Skip to content

Instantly share code, notes, and snippets.

View szollo's full-sized avatar
🟠

Stevie Zollo szollo

🟠
View GitHub Profile
@Kartones
Kartones / postgres-cheatsheet.md
Last active June 18, 2024 15:09
PostgreSQL command line cheatsheet

PSQL

Magic words:

psql -U postgres

Some interesting flags (to see all, use -h or --help depending on your psql version):

  • -E: will describe the underlaying queries of the \ commands (cool for learning!)
  • -l: psql will list all databases and then exit (useful if the user you connect with doesn't has a default database, like at AWS RDS)
@LeCoupa
LeCoupa / bash-cheatsheet.sh
Last active May 27, 2024 20:46
Bash CheatSheet for UNIX Systems --> UPDATED VERSION --> https://github.com/LeCoupa/awesome-cheatsheets
#!/bin/bash
#####################################################
# Name: Bash CheatSheet for Mac OSX
#
# A little overlook of the Bash basics
#
# Usage:
#
# Author: J. Le Coupanec
# Date: 2014/11/04
@turret-io
turret-io / verify_hmac.js
Last active May 4, 2022 14:52
Verify HMAC in NodeJS
var crypto = require('crypto');
// Added for safer string equality checking
var bufferEq = require('buffer-equal-constant-time');
var url = require('url');
var SHARED_SECRET = "sup3rs3cr3t!!";
function verifySignature(string_to_sign, signature, shared_secret) {
var hmac = crypto.createHmac('sha512', shared_secret);
hmac.write(string_to_sign);
hmac.end()
@kristopolous
kristopolous / hn_seach.js
Last active July 24, 2023 04:12
hn job query search
// Usage:
// Copy and paste all of this into a debug console window of the "Who is Hiring?" comment thread
// then use as follows:
//
// query(term | [term, term, ...], term | [term, term, ...], ...)
//
// When arguments are in an array then that means an "or" and when they are seperate that means "and"
//
// Term is of the format:
// ((-)text/RegExp) ( '-' means negation )
@breiter
breiter / Markdown.mdimporter.patch
Last active October 30, 2023 10:24
Enable Spotlight indexing of Markdown in ~~El Capitan~~ Monterey without disabling SIP
--- /System/Library/Spotlight/RichText.mdimporter/Contents/Info.plist 2022-02-26 09:05:07.000000000 +0200
+++ /Library/Spotlight/Markdown.mdimporter/Contents/Info.plist 2022-03-22 21:01:30.000000000 +0200
@@ -13,27 +13,20 @@
<string>MDImporter</string>
<key>LSItemContentTypes</key>
<array>
- <string>public.rtf</string>
- <string>public.html</string>
- <string>public.xml</string>
- <string>public.plain-text</string>
@subfuzion
subfuzion / curl.md
Last active June 17, 2024 21:07
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

@Faheetah
Faheetah / Jenkinsfile.groovy
Last active June 17, 2024 15:05
Jenkinsfile idiosynchrasies with escaping and quotes
node {
echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
echo 'No quotes, pipeline command in single quotes'
sh 'echo $BUILD_NUMBER' // 1
echo 'Double quotes are silently dropped'
sh 'echo "$BUILD_NUMBER"' // 1
echo 'Even escaped with a single backslash they are dropped'
sh 'echo \"$BUILD_NUMBER\"' // 1
echo 'Using two backslashes, the quotes are preserved'
sh 'echo \\"$BUILD_NUMBER\\"' // "1"

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@gboudreau
gboudreau / AuthyToOtherAuthenticator.md
Last active June 17, 2024 04:00 — forked from Ingramz/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy
@milesbxf
milesbxf / monzo-alertmanager-config.yaml
Last active May 15, 2024 19:37
Monzo's Alertmanager Slack templates
###################################################
##
## Alertmanager YAML configuration for routing.
##
## Will route alerts with a code_owner label to the slack-code-owners receiver
## configured above, but will continue processing them to send to both a
## central Slack channel (slack-monitoring) and PagerDuty receivers
## (pd-warning and pd-critical)
##