0x9090
/ makeApp.sh
Created
March 5, 2018 18:54
Create a OSX desktop app from a web page. (not my code, unsure who to credit)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Usage: | |
| # makeApp.sh <appname> <url> <iconurl> | |
| # | |
| # Examples: | |
| # ./makeApp.sh Gmail https://gmail.com http://3.bp.blogspot.com/_rx1dHU9EQFY/THCcfaArRsI/AAAAAAAAB-k/-T1oLDCAEZg/s1600/gmail_logo_contact.png | |
| # ./makeApp.sh Gmail file:///path/to/my/downloaded/icon | |
| # The app name. Example "Gmail". No spaces. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <opml version="1.0"> | |
| <head> | |
| <title>Nops subscriptions in feedly Cloud</title> | |
| </head> | |
| <body> | |
| <outline text="Security" title="Security"> | |
| <outline type="rss" text="X-Force Research β Security Intelligence" title="X-Force Research β Security Intelligence" xmlUrl="http://securityintelligence.com/topics/x-force/feed/" htmlUrl="https://securityintelligence.com"/> | |
| <outline type="rss" text="SecurityIntelligence" title="SecurityIntelligence" xmlUrl="http://securityint.blogspot.com/feeds/posts/default" htmlUrl="http://securityint.blogspot.com/"/> |
0x9090
/ gist:e02577d3bfa20d164b87f85cf60dc0e3
Last active
October 13, 2017 05:36
Guide To Software Security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- Reproduced From OneUpSecurity (Justin Taft) --- https://www.oneupsecurity.com/research/five-minute-guide-to-software-security/ | |
| Education is the best way to mitigate security breaches. Remember, security is not only a business decision, but also a moral decision. Always seek advice from an experienced security professional. | |
| Hacker Mentality | |
| Study and question everything. Break to learn, don't learn to break. | |
| Don't assume something is secure without testing it. | |
| Secure specifications are often implemented insecurely. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| iptables -P INPUT ACCEPT | |
| iptables -F | |
| iptables -A INPUT -i lo -j ACCEPT | |
| iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -A INPUT -p tcp --dport 22 -j ACCEPT | |
| iptables -P INPUT DROP | |
| iptables -P FORWARD DROP | |
| iptables -P OUTPUT ACCEPT | |
| iptables -L -v |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os, binascii | |
| # Converts the target binary file to a C formatted string. Useful for embedding binary files in C source code | |
| target = "C:\\Windows\\System32\\cmd.exe" | |
| output_file = "C:\\file.txt" | |
| bytes_per_line = 16 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import socket, sys | |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| port = 6675 | |
| server_address = ("0.0.0.0", port) | |
| sock.bind(server_address) | |
| sock.listen(1) | |
| while True: |
0x9090
/ gist:cb1e3b20f65c0919313d770d269f2486
Last active
March 1, 2017 09:51
structured cookie testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - clear your browsers cache, delete everyting (this will log you out) | |
| - visit the page with the fresh reseted browser and see what cookie you get when you visit page first time (without being logged in) | |
| - save this cookie for later | |
| - now browse the site while beeing NOT logged in, see if and how the cookie changes | |
| - after collecting all data that not involves a session, go and log in | |
| - save this cookie, now compare with the cookie you gathered at first visit | |
| - check what fields have changed, those that stayed same will move down on the list as second choice for alter testing | |
| - any value that has changed, or any parameter that was beeing added, is now to be investigated | |
| - now try changing values, start with the IP and useragent field first | |
| - see if it logs you out after changing your useragent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------------------------------------------------------- | |
| --- Mirrored From http://quietlydreaming.wumpy.xyz/qd.txt --- | |
| ------------------------------------------------------------- | |
| 1961.01.02 Caltech hackers (Fiendish Fourteen) hacked the stunt cards at the Rose Bowl (U of Wash vs Minnesota) | |
| to say CALTECH instead of WASHINGTON and show a beaver instead of a husky | |
| 1969.10.29 The Internet is born as the first ARPANET link was established on October 29, 1969, between the IMP at UCLA and the IMP at SRI. By December, the entire 4-node network was connected. | |
| 1971.00.00 John Draper (Cap'n Crunch) uses whistle (blue box) to access Ma Bell | |
| 1971.00.00 First e-mail program written by Ray Tomlinson | |
| 1972.05.00 John Draper arrested for phone fraud |
0x9090
/ Coordinating ADFS Token Lifetime
Created
July 27, 2016 20:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------ | |
| This is a backup of a useful article on ADFS token lifetimes that was taken down. Original URL is = https://tristanwatkins.com/coordinating-adfs-2012-r2-token-lifetime-logon-prompt-enforce-revocation-session-duration-public-network/ | |
| ------------ | |
| Coordinating AD FS 2012 R2 token lifetimes to reduce logon prompts, enforce revocation and limit session duration over public networks | |
| Back in February, I posted a question on the Geneva forum about Adjusting token lifetimes at the Web Application Proxy (WAP) for external access: |
0x9090
/ mime.types
Created
April 4, 2016 07:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| types { | |
| text/html html htm shtml; | |
| text/css css; | |
| text/xml xml; | |
| image/gif gif; | |
| image/jpeg jpeg jpg; | |
| application/javascript js; | |
| application/atom+xml atom; | |
| application/rss+xml rss; |