Skip to content

Instantly share code, notes, and snippets.

@postmodern
postmodern / benchmark.rb
Created February 23, 2023 02:23
Micro-benchmark for `value != nil` vs. `!value.nil?`
#!/usr/bin/env ruby
require 'benchmark'
Benchmark.bm do |b|
n = 1_000_000
value1 = 1
value2 = nil
@olets
olets / nvm-ls-g
Last active May 19, 2021 15:44
List global packages for all nvm Nodes
#!/usr/bin/env sh
# nvm-ls-g
# Henry Bley-Vroman
# MIT License, 2018
# Lists the globally-installed npm packages
# for every nvm-installed version of Node
# Usage:
@laurenfazah
laurenfazah / express_postgress_knex.md
Last active November 26, 2022 13:19
Cheat Sheet: Setting up Express with Postgres via Knex

Express & Postgres via Knex

Note: <example> is meant to denote text replaced by you (including brackets).

Setup

// global dependencies
npm install -g knex
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active December 6, 2024 06:26
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@kdabir
kdabir / heredoc_json.bash
Last active January 11, 2024 02:25
json in heredoc in bash script alongwith variable substitution
_BUCKET_NAME="foo.example.com"
_POLICY=$(cat <<EOT
{
"Version":"2012-10-17",
"Statement":[{
"Sid":"PublicReadForGetBucketObjects",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
@FelicianoTech
FelicianoTech / .ciignore
Created June 15, 2016 04:51
An example Git hook to automate when to use [skip ci] in commit messages. This particular hook uses patterns from a file called .ciignore
logs/*
@Rubentxu
Rubentxu / maybe.go
Created September 24, 2015 23:34
Implementing the Maybe monad in Golang
package main
import (
"fmt"
"errors"
)
type Maybe interface {
Return(value interface{}) Maybe
Bind(func(interface{}) Maybe) Maybe
@jmoiron
jmoiron / 01-curl.go
Last active October 19, 2024 11:28
io.Reader & io.Writer fun
package main
import (
"fmt"
"io"
"net/http"
"os"
)
func init() {
@oroce
oroce / app.js
Created June 17, 2014 08:37
parse csp report in express
var express = require('express');
var app = express();
var bodyParser = require('body-parser');
// chrome sends application/csp-report
// firefox sends application/json
// it seems chrome is doing it well: https://w3c.github.io/webappsec/specs/content-security-policy/
app.use(bodyParser.json({
type: ['json', 'application/csp-report']
}));
@jammycakes
jammycakes / deps.js
Created February 28, 2012 00:59
Node.js script to install dependencies using npm
var child_process = require('child_process');
function install(modules, callback) {
if (modules.length == 0) {
if (callback) callback(null);
return;
}
var module = modules.shift();
child_process.exec(
'npm install ' + module,