Tushar Pal tpal94
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Cross-Site Request Forgery (CSRF): | |
| This attack method works by including malicious code or a link in a page that accesses a web application that the user is believed to have authenticated. | |
| If the session for that web application has not timed out, an attacker may execute unauthorized commands. | |
| Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. | |
| With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing. | |
| If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. | |
| If the victim is an administrative account, CSRF can compromise the entire web application. |
tpal94
/ webdriver.py
Created
April 25, 2020 06:31
The following gist is used to initialize Selenium Webdriver in Headless mode with excluded switches
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def createDriver(): | |
| driver = webdriver.Firefox() | |
| options = Options() | |
| options.add_argument('--ignore-certificate-errors') | |
| options.add_experimental_option("excludeSwitches",["ignore-certificate-errors"]) | |
| options.add_argument("--headless") # Runs Chrome in headless mode. | |
| options.add_argument('--no-sandbox') # Bypass OS security model | |
| options.add_argument('--disable-gpu') # applicable to windows os only | |
| options.add_argument('start-maximized') # | |
| options.add_argument('disable-infobars') |
tpal94
/ monitor.py
Created
April 25, 2020 06:30
The following GIST is used to monitor stock information and raise calls when new information comes in
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def monitor(): | |
| print("Sleeping 5 secs before monitoring") | |
| time.sleep(5) | |
| WebDriverWait(driver, 10).until(EC.visibility_of_element_located((By.XPATH, '//*[@id="messages"]/div[1]'))) | |
| old_incomings = len(driver.find_elements_by_xpath('//*[@id="messages"]/div')) | |
| print("Starting monitoring with %d incomings" % old_incomings) | |
| while True: | |
| time.sleep(5) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def copy_new_sheet(): | |
| """Shows basic usage of the Docs API. | |
| Prints the title of a sample document. | |
| """ | |
| creds = None | |
| # The file token.pickle stores the user's access and refresh tokens, and is | |
| # created automatically when the authorization flow completes for the first | |
| # time. | |
| if os.path.exists('token.pickle'): | |
| with open('token.pickle', 'rb') as token: |
tpal94
/ explode.py
Created
April 25, 2020 06:24
The following GIST is used to process stock information
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def explode_and_identify(text): | |
| if 'SWEEP DETECTED' in text: | |
| text = text.split("\n", 1)[1] + " SWEEP DETECTED" #Workaround for the SWEEP DETECTED checks | |
| datadict = {} | |
| text = text.replace(">>", "") | |
| explode = text.split(" ") | |
tpal94
/ dns_check.rb
Created
March 31, 2018 04:33
— forked from colszowka/dns_check.rb
Ruby DNS Check
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'resolv' | |
| class DnsCheck | |
| attr_reader :host | |
| def initialize(host) | |
| @host = host | |
| end | |
| def a | |
| @a ||= Resolv::DNS.new.getresources(host, Resolv::DNS::Resource::IN::A) |