Skip to content

Instantly share code, notes, and snippets.

Avatar
🎧
‌‌

Wagner Souza waghcwb

🎧
‌‌
View GitHub Profile
@brianmacarthur
brianmacarthur / flash-app.js
Last active Jan 21, 2022
Flash messaging in Express 4: express-flash vs. custom middleware in ejs, handlebars, or jade
View flash-app.js
var express = require('express');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var flash = require('express-flash');
var handlebars = require('express-handlebars')
var app = express();
var sessionStore = new session.MemoryStore;
// View Engines
@Vestride
Vestride / encoding-video.md
Last active Jan 21, 2022
Encoding video for the web
View encoding-video.md

Encoding Video

Installing

Install FFmpeg with homebrew. You'll need to install it with a couple flags for webm and the AAC audio codec.

brew install ffmpeg --with-libvpx --with-libvorbis --with-fdk-aac --with-opus
@letanure
letanure / estados-cidades.json
Last active Jan 19, 2022
JSON estados cidades do brasil, dividido por estados. segunda lista atualizada em 2020, dados do IBGE
View estados-cidades.json
{
"estados": [
{
"sigla": "AC",
"nome": "Acre",
"cidades": [
"Acrelândia",
"Assis Brasil",
"Brasiléia",
"Bujari",
@esperlu
esperlu / mysql2sqlite.sh
Created Apr 27, 2011
MySQL to Sqlite converter
View mysql2sqlite.sh
#!/bin/sh
# Converts a mysqldump file into a Sqlite 3 compatible file. It also extracts the MySQL `KEY xxxxx` from the
# CREATE block and create them in separate commands _after_ all the INSERTs.
# Awk is choosen because it's fast and portable. You can use gawk, original awk or even the lightning fast mawk.
# The mysqldump file is traversed only once.
# Usage: $ ./mysql2sqlite mysqldump-opts db-name | sqlite3 database.sqlite
# Example: $ ./mysql2sqlite --no-data -u root -pMySecretPassWord myDbase | sqlite3 database.sqlite
@chrisveness
chrisveness / crypto-aes-gcm.js
Last active Jan 17, 2022
Uses the SubtleCrypto interface of the Web Cryptography API to encrypt and decrypt text using AES-GCM (AES Galois counter mode).
View crypto-aes-gcm.js
/**
* Encrypts plaintext using AES-GCM with supplied password, for decryption with aesGcmDecrypt().
* (c) Chris Veness MIT Licence
*
* @param {String} plaintext - Plaintext to be encrypted.
* @param {String} password - Password to use to encrypt plaintext.
* @returns {String} Encrypted ciphertext.
*
* @example
* const ciphertext = await aesGcmEncrypt('my secret text', 'pw');
@vlucas
vlucas / encryption.js
Last active Jan 13, 2022
Stronger Encryption and Decryption in Node.js
View encryption.js
'use strict';
const crypto = require('crypto');
const ENCRYPTION_KEY = process.env.ENCRYPTION_KEY; // Must be 256 bits (32 characters)
const IV_LENGTH = 16; // For AES, this is always 16
function encrypt(text) {
let iv = crypto.randomBytes(IV_LENGTH);
let cipher = crypto.createCipheriv('aes-256-cbc', Buffer.from(ENCRYPTION_KEY), iv);
@zcaceres
zcaceres / Error-Handling-Patterns-Express.md
Last active Jan 13, 2022
error handling patterns in Express
View Error-Handling-Patterns-Express.md

Handling Errors

Express.js makes it a breeze to handle errors in your routes.

Express lets you centralizes your error-handling through middleware.

Let's look at patterns for how to get the most out of your error-handling.

First, our error-handling middleware looks like this:

@coolbrg
coolbrg / powershell.go
Last active Jan 5, 2022
Playing PowerShell command via Golang
View powershell.go
package main
import (
"bytes"
"fmt"
"os/exec"
"strings"
)
// PowerShell struct
View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@ceres-c
ceres-c / frida-extract-keystore.py
Last active Jan 5, 2022
Automatically extract KeyStore objects and relative password from Android applications with Frida - Read more: https://ceres-c.it/2018/12/16/frida-android-keystore/
View frida-extract-keystore.py
#!/usr/bin/python3
'''
author: ceres-c
usage: ./frida-extract-keystore.py
Once the keystore(s) have been exported you have to convert them to PKCS12 using keytool
'''
import frida, sys, time