Stevie Zollo szollo

## postgres-cheatsheet.md

      
              1 file
            
          
              1103 forks
            
          
              65 comments
            
          
              3406 stars
            
          
                Kartones
                / postgres-cheatsheet.md
            
            
              Last active
              November 27, 2023 11:50
            
              
                PostgreSQL command line cheatsheet
              
          
      View postgres-cheatsheet.md
  
      
    PSQL
Magic words:
psql -U postgres
Some interesting flags (to see all, use -h or --help depending on your psql version):

-E: will describe the underlaying queries of the \ commands (cool for learning!)
-l: psql will list all databases and then exit (useful if the user you connect with doesn't has a default database, like at AWS RDS)


## bash-cheatsheet.sh
#!/bin/bash
#####################################################
# Name: Bash CheatSheet for Mac OSX
#
# A little overlook of the Bash basics
#
# Usage:
#
# Author: J. Le Coupanec
# Date: 2014/11/04

## verify_hmac.js
var crypto = require('crypto');
// Added for safer string equality checking
var bufferEq = require('buffer-equal-constant-time');
var url = require('url');
var SHARED_SECRET = "sup3rs3cr3t!!";

function verifySignature(string_to_sign, signature, shared_secret) {
	var hmac = crypto.createHmac('sha512', shared_secret);
	hmac.write(string_to_sign);
	hmac.end()

## hn_seach.js
// Usage:
//   Copy and paste all of this into a debug console window of the "Who is Hiring?" comment thread
//   then use as follows:
//
//   query(term | [term, term, ...], term | [term, term, ...], ...)
//
// When arguments are in an array then that means an "or" and when they are seperate that means "and"
//
// Term is of the format:
//    ((-)text/RegExp)  ( '-' means negation )

## Markdown.mdimporter.patch
--- /System/Library/Spotlight/RichText.mdimporter/Contents/Info.plist	2022-02-26 09:05:07.000000000 +0200
+++ /Library/Spotlight/Markdown.mdimporter/Contents/Info.plist	2022-03-22 21:01:30.000000000 +0200
@@ -13,27 +13,20 @@
 			<string>MDImporter</string>
 			<key>LSItemContentTypes</key>
 			<array>
-				<string>public.rtf</string>
-				<string>public.html</string>
-				<string>public.xml</string>
-				<string>public.plain-text</string>

## curl.md

      
              5 files
            
          
              984 forks
            
          
              96 comments
            
          
              3885 stars
            
          
                subfuzion
                / curl.md
            
            
              Last active
              November 28, 2023 01:27
            
              
                curl POST examples
              
          
      View curl.md
  
      
    Common Options
-#, --progress-bar
Make curl display a simple progress bar instead of the more informational standard meter.
-b, --cookie <name=data>
Supply cookie with request. If no =, then specifies the cookie file to use (see -c).
-c, --cookie-jar <file name>
File to save response cookies to.

  
## Jenkinsfile.groovy
node {
    echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
    echo 'No quotes, pipeline command in single quotes'
    sh 'echo $BUILD_NUMBER' // 1
    echo 'Double quotes are silently dropped'
    sh 'echo "$BUILD_NUMBER"' // 1
    echo 'Even escaped with a single backslash they are dropped'
    sh 'echo \"$BUILD_NUMBER\"' // 1
    echo 'Using two backslashes, the quotes are preserved'
    sh 'echo \\"$BUILD_NUMBER\\"' // "1"

## Wannacrypt0r-FACTSHEET.md

      
              1 file
            
          
              158 forks
            
          
              267 comments
            
          
              712 stars
            
          
                rain-1
                / Wannacrypt0r-FACTSHEET.md
            
            
              Last active
              November 28, 2023 10:19
                — forked from Epivalent/Wannacrypt0r-FACTSHEET.md
            
          
      View Wannacrypt0r-FACTSHEET.md
  
      
    WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

  
## AuthyToOtherAuthenticator.md

      
              1 file
            
          
              230 forks
            
          
              316 comments
            
          
              1626 stars
            
          
                gboudreau
                / AuthyToOtherAuthenticator.md
            
            
              Last active
              November 29, 2023 00:06
                — forked from Ingramz/AuthyToOtherAuthenticator.md
            
              
                Export TOTP tokens from Authy
              
          
      View AuthyToOtherAuthenticator.md
  
      
    Generating Authy passwords on other authenticators

There is an increasing count of applications which use Authy for two-factor authentication. However many users who aren't using Authy, have their own authenticator setup up already and do not wish to use two applications for generating passwords.
Since I use 1Password for all of my password storing/generating needs, I was looking for a solution to use Authy passwords on that. I couldn't find any completely working solutions, however I stumbled upon a gist by Brian Hartvigsen. His post had a neat code with it to generate QR codes for you to use on your favorite authenticator.
His method is to extract the secret keys using Authy's Google Chrome app via Developer Tools. If this was not possible, I guess people would be reverse engineering the Android app or something like that. But when I tried that code, nothing appeared on the screen. My guess is that Brian used the

  
## monzo-alertmanager-config.yaml
###################################################
##
## Alertmanager YAML configuration for routing.
##
## Will route alerts with a code_owner label to the slack-code-owners receiver
## configured above, but will continue processing them to send to both a
## central Slack channel (slack-monitoring) and PagerDuty receivers
## (pd-warning and pd-critical)
##
	#!/bin/bash
	#####################################################
	# Name: Bash CheatSheet for Mac OSX
	#
	# A little overlook of the Bash basics
	#
	# Usage:
	#
	# Author: J. Le Coupanec
	# Date: 2014/11/04
	var crypto = require('crypto');
	// Added for safer string equality checking
	var bufferEq = require('buffer-equal-constant-time');
	var url = require('url');
	var SHARED_SECRET = "sup3rs3cr3t!!";

	function verifySignature(string_to_sign, signature, shared_secret) {
	var hmac = crypto.createHmac('sha512', shared_secret);
	hmac.write(string_to_sign);
	hmac.end()
	// Usage:
	// Copy and paste all of this into a debug console window of the "Who is Hiring?" comment thread
	// then use as follows:
	//
	// query(term \| [term, term, ...], term \| [term, term, ...], ...)
	//
	// When arguments are in an array then that means an "or" and when they are seperate that means "and"
	//
	// Term is of the format:
	// ((-)text/RegExp) ( '-' means negation )
	--- /System/Library/Spotlight/RichText.mdimporter/Contents/Info.plist 2022-02-26 09:05:07.000000000 +0200
	+++ /Library/Spotlight/Markdown.mdimporter/Contents/Info.plist 2022-03-22 21:01:30.000000000 +0200
	@@ -13,27 +13,20 @@
	<string>MDImporter</string>
	<key>LSItemContentTypes</key>
	<array>
	- <string>public.rtf</string>
	- <string>public.html</string>
	- <string>public.xml</string>
	- <string>public.plain-text</string>
	node {
	echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
	echo 'No quotes, pipeline command in single quotes'
	sh 'echo $BUILD_NUMBER' // 1
	echo 'Double quotes are silently dropped'
	sh 'echo "$BUILD_NUMBER"' // 1
	echo 'Even escaped with a single backslash they are dropped'
	sh 'echo \"$BUILD_NUMBER\"' // 1
	echo 'Using two backslashes, the quotes are preserved'
	sh 'echo \\"$BUILD_NUMBER\\"' // "1"
	###################################################
	##
	## Alertmanager YAML configuration for routing.
	##
	## Will route alerts with a code_owner label to the slack-code-owners receiver
	## configured above, but will continue processing them to send to both a
	## central Slack channel (slack-monitoring) and PagerDuty receivers
	## (pd-warning and pd-critical)
	##