GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@aldoborrero
aldoborrero / README.md
Created November 25, 2022 21:03
How to setup a Nix binary cache with Terraform in DigitalOcean Spaces + CDN and custom subdomain in Cloudflare
@andstor
andstor / blacklist.filter
Created February 18, 2022 00:47
Synology Drive Client blacklist
[Version]
major = 1
minor = 1
[Common]
black_dir_prefix = "/Backup", "/Moments"
max_length = 0
max_path = 0
[File]
[Service]
Environment=STARTUP_WAIT=30s
ExecStart=/home/kobus/.local/bin/power_monitor.sh
[Install]
WantedBy=default.target
#! /bin/bash
BAT=$(echo /sys/class/power_supply/BAT*)
BAT_STATUS="$BAT/status"
BAT_CAP="$BAT/capacity"
LOW_BAT_PERCENT=20
AC_PROFILE="performance"
BAT_PROFILE="balanced"
LOW_BAT_PROFILE="power-saver"
@rbo
rbo / README.md
Last active August 30, 2023 11:30
How to disable yubikey / certificate for firefox

Firefox Settings

-> Privacy & Security -> Security Devices

Before

@epicserve
epicserve / example.com.import.txt
Last active March 11, 2023 14:04
Example Terraform file for importing DNS Records from DigitalOcean
digitalocean_domain.example example.com
digitalocean_record.example example.com,<DO ID>
digitalocean_record.fd-gmail-txt example.com,<DO ID>
digitalocean_record.fd-mx["alt1.aspmx.l.google.com."] example.com,<DO ID>
digitalocean_record.fd-mx["alt2.aspmx.l.google.com."] example.com,<DO ID>
digitalocean_record.fd-mx["aspmx.l.google.com."] example.com,<DO ID>
digitalocean_record.fd-mx["aspmx2.googlemail.com."] example.com,<DO ID>
digitalocean_record.fd-mx["aspmx3.googlemail.com."] example.com,<DO ID>
digitalocean_record.fd-ns["1"] example.com,<DO ID>
digitalocean_record.fd-ns["2"] example.com,<DO ID>
@kkemple
kkemple / autonomous.txt
Created June 24, 2020 17:37 — forked from Khaledgarbaya/autonomous.txt
Instructions on how to reset the autonomous desk. This fixes a problem where the desk will not lower (also reportedly fixes incorrectly reported heights).
> Thank you for reaching out to Autonomous! I am sorry to hear that you are having some trouble with your SmartDesk
> but I will be glad to assist. It sounds like your system needs a "hard reset" can I please have you follow these
> steps thoroughly.
Reset Steps:
1. Unplug the desk for 20 seconds. Plug it back in. Wait a full 20 seconds.
2. Press the up and down buttons until the desk lowers all the way and beeps or 20 seconds pass.
3. Release both buttons.
4. Press the down buttons until the desk beeps one more time or 20 seconds pass.
@gene1wood
gene1wood / bitwarden-amazon-aws-credential-setup.md
Last active March 22, 2024 22:53
How to get BitWarden to differentiate between amazon.com consumer retail logins, AWS root logins and AWS IAM user logins

Here's how to get BitWarden to treat these three different types of Amazon logins as separate

  • amazon.com consumer retail business login
  • AWS root user login (AWS logins that use an email address)
  • AWS IAM user login (AWS logins that use a username)

amazon.com consumer retail

  • Set URI 1 to Exact with a value of

    https://www.amazon.com/ap/signin?_encoding=UTF8&ignoreAuthState=1&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2F%3Fref_%3Dnav_custrec_signin&switch_account=

@vonNiklasson
vonNiklasson / remove_old_gcloud_versions.sh
Last active January 16, 2024 16:04
Remove old Google App Engine versions
#!/bin/bash
# A bash script to remove old versions of a Google App Engine instance.
#
# Inspiration of script taken from:
# https://almcc.me/blog/2017/05/04/removing-older-versions-on-google-app-engine/
# Original code by Alastair McClelland and Marty Číž.
# Assembled and modified by Johan Niklasson.
#
# To run this script, execute