Skip to content

Instantly share code, notes, and snippets.

View terrywang's full-sized avatar

Terry Wang terrywang

118 followers · 53 following
View GitHub Profile
@joepie91
joepie91 / vpn.md
Last active June 6, 2024 16:23
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
@croepha
croepha / DigitalOcean_NoVNC_Paste.js
Last active January 6, 2024 09:06
// This will open up a prompt for text to send to a console session on digital ocean
// Useful for long passwords
(function () {
var t = prompt("Enter text to be sent to console, (This wont send the enter keystroke)").split("");
function f() {
var character = t.shift();
var i=[];
var code = character.charCodeAt();
var needs_shift = "!@#$%^&*()_+{}:\"<>?~|".indexOf(character) !== -1
@chrismdp
chrismdp / s3.sh
Last active March 5, 2024 12:57
Uploading to S3 in 18 lines of Shell (used to upload builds for http://soltrader.net)
# You don't need Fog in Ruby or some other library to upload to S3 -- shell works perfectly fine
# This is how I upload my new Sol Trader builds (http://soltrader.net)
# Based on a modified script from here: http://tmont.com/blargh/2014/1/uploading-to-s3-in-bash
S3KEY="my aws key"
S3SECRET="my aws secret" # pass these in
function putS3
{
path=$1
@kennwhite
kennwhite / vpn_psk_bingo.md
Last active February 24, 2024 12:19
Most VPN Services are Terrible

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016

@akras14
akras14 / Getting-Cheat-Sheet.md
Last active June 1, 2024 13:22

Git Cheat Sheet

Commands

Getting Started

git init

or

@grugq
grugq / gist:03167bed45e774551155
Last active April 6, 2024 10:12
operational pgp - draft

Operational PGP

This is a guide on how to email securely.

There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.

@bojieli
bojieli / testssl.c
Created April 8, 2014 18:03
Heartbleed OpenSSL vulnerbility POC (CVE-2014-0160)
/* Heartbleed OpenSSL vulnerbility POC
* CVE-2014-0160
*
* You need to modify OpenSSL client code: ssl/t1_lib.c, function tls1_heartbeat
* Previous line: \/\* Payload length (18 bytes here) \*\/
* Old line: s2n(payload, p);
* New line: s2n(65536 - 100, p); // pretend that we have so many bytes of payload...
*
* To compile:
* gcc -g -o testssl -Iinclude -L. -lssl ssl/*.o testssl.c
@takeshixx
takeshixx / hb-test.py
Last active March 9, 2024 13:37
OpenSSL heartbeat PoC with STARTTLS support.
#!/usr/bin/env python2
"""
Author: takeshix <takeshix@adversec.com>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford (jspenguin@jspenguin.org).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser
@sergeifilippov
sergeifilippov / domain-nginx.conf
Created February 10, 2014 03:22
linux-dash with nginx
server {
server_name $domain_name;
root /var/www;
index index.html index.php;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# Cache static files for as long as possible
location ~* \.(?:xml|ogg|mp3|mp4|ogv|svg|svgz|eot|otf|woff|ttf|css|js|jpg|jpeg|gif|png|ico)$ {
try_files $uri =404;
@seboudry
seboudry / latency.markdown
Last active February 15, 2023 12:45 — forked from hellerbarde/latency.markdown

Latency numbers every programmer should know

L1 cache reference ......................... 0.5 ns
Branch mispredict ............................ 5 ns                     on recent CPU
L2 cache reference ........................... 7 ns                     14x L1 cache
Mutex lock/unlock ........................... 25 ns
Main memory reference ...................... 100 ns                     20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy ............. 3,000 ns  =   3 µs
Send 2K bytes over 1 Gbps network ....... 20,000 ns  =  20 µs
SSD random read ........................ 150,000 ns  = 150 µs

Read 1 MB sequentially from memory ..... 250,000 ns = 250 µs 4X memory