How to set up a Headless Selenium Testing environment for CentOS 6.3.
Follow these steps to set up a CentOS 6.3 host to run headless Selenium tests with Firefox.
""" | |
This example requires the body-streaming tornado fork at https://github.com/nephics/tornado. | |
Refer to http://groups.google.com/group/python-tornado/browse_thread/thread/791c67cb86c2dea2. | |
Supports uploading an unlimited number/size of files in a single | |
PUT multipart/form-data request. Each file is processed as the stream | |
finds the part in the form data. | |
==USAGE== |
#!/bin/bash | |
# | |
# validate nginx config | |
# | |
# depends upon a symbolic link from /var/apps/redirector to dist directory | |
# and a build of nginx which supports real_ip and other extensions | |
# | |
# probably best to build a chroot'd tree containing a complete nginx server | |
# though that's a lot of work to copy in shared libraries, etc |
import unittest, os, os.path, sys, urllib | |
import tornado.database | |
import tornado.options | |
from tornado.options import options | |
from tornado.testing import AsyncHTTPTestCase | |
# add application root to sys.path | |
APP_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), '..')) | |
sys.path.append(os.path.join(APP_ROOT, '..')) |
from sqlalchemy import engine | |
from sqlalchemy import event | |
class DbStats(): | |
def __init__(self): | |
self.clear() | |
def clear(self): | |
self.total_queries = 0 | |
self.total_time = 0 |
The process starts by creating the CSR and the private key:
openssl req -nodes -newkey rsa:2048 -nodes -keyout dotmarks.net.key -out dotmarks.net.csr -subj "/C=GB/ST=London/L=London/O=dotmarks/OU=IT/CN=dotmarks.net"
Generates
#!/usr/bin/env python | |
# -*- coding:utf-8 -*- | |
from hsdo import make_app | |
from tornado.testing import AsyncHTTPSTestCase | |
from tornado.escape import json_encode | |
class BaseAsyncHTTPSTestCase(AsyncHTTPSTestCase): | |
def get_app(self): |
I screwed up using git ("git checkout --" on the wrong file) and managed to delete the code I had just written... but it was still running in a process in a docker container. Here's how I got it back, using https://pypi.python.org/pypi/pyrasite/ and https://pypi.python.org/pypi/uncompyle6
apt-get update && apt-get install gdb
# Powershell script to bypass UAC on Vista+ assuming | |
# there exists one elevated process on the same desktop. | |
# Technical details in: | |
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html | |
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html | |
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html | |
# You need to Install-Module NtObjectManager for this to run. | |
Import-Module NtObjectManager |
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output