rain-1

Purpose

Bootstrap knowledge of LLMs ASAP. With a bias/focus to GPT.

Avoid being a link dump. Try to provide only valuable well tuned information.

Prelude

Neural network links before starting with transformers.

Hacktivate-TH

/*
# Author: Hacktivate Co., Ltd. (https://hacktivate.tech)
# 
# Description: An example Frida script for tampering with streaming gRPC messages. 
# Full blog post can be found at: https://hacktivate.tech/2022/10/27/a-hackish-way-to-tamper-grpc-traffic-in-android.html
*/


setTimeout(function() {
    Java.perform(function() {

Hacktivate-TH

#
# Author: Hacktivate Co., Ltd. (https://hacktivate.tech)
# 
# Description: This is an mitmproxy extension for editing gRPC messages over HTTP/2. 
# Full blog post can be found at: https://hacktivate.tech/2022/10/27/a-hackish-way-to-tamper-grpc-traffic-in-android.html
#


from concurrent.futures.process import _threads_wakeups

szemate

How to resolve package-lock.json conflicts

It is not possible to resolve conflicts of package-lock.json in GitHub's merge tool and you need to do a manual merge.

1. Update the master branch with the latest changes:

   git checkout master
   git pull
   

2. Merge your feature branch into master:

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

yokawasa

ghcr (GitHub Container Registry) quickstart

CLI

To push container images to ghcr, you need peronal access token (PAT) - see how to create PAT

1. Get PAT (personal access token)

Personal Settings > Developer settings > Personal access tokens

wolfv

export TOKEN=$(curl --silent https://ghcr.io/token\?scope\=repository:wolfv/artifact:pull | jq -r .token)

curl \
--silent \
--request 'GET' \
--header "Authorization: Bearer $TOKEN" \
--header "Accept: application/vnd.oci.image.manifest.v1+json" \
'https://ghcr.io/v2/wolfv/artifact/manifests/1.0'

echo "\n\nFetching image content now:\n\n"

dmattera

This list was auto-generated on macOS 10.15 (Catalina) using a script that did the following:

1. grabbed the name of all the .plist files located in the 5 folders used by launchctl:

• ~/Library/LaunchAgents Per-user agents provided by the user.
• /Library/LaunchAgents Per-user agents provided by the administrator.
• /Library/LaunchDaemons System wide daemons provided by the administrator.
• /System/Library/LaunchAgents OS X Per-user agents.
• /System/Library/LaunchDaemons OS X System wide daemons.

KoryNunn

Had 15 github followers in 2019? You can get about $4kAUD of crypto for minimal effort.

Explain this scam

That's legitimately a good default position to hold, however, in this case, the free money is a function of time, and not only charity.

In February 2020, in order to promote Handshake (HNS) to developers, an airdrop was offered to any Github user with more than 15 followers. The Airdrop would give you 4246HNS, at the time worth around at $0.08USD per coin, for a total of $339.68USD, pretty generous!

Today, 4246HNS is worth around $4000 dollarydoos, and there are plenty of github users who haven't claimed theirs.

LeZuse

Node.js on Apple Silicon

Node Version Manager (https://github.com/nvm-sh/nvm) works perfectly across native node installations as well as emulated Rosetta installations. The trick I am using here is to install one LTS version of node under Rosetta and another stable version as native binary.

TODO

• find a way how to run the same node version on both platforms