- Installation:
- Create a virtual environment:
python3 -m venv “my_env” - Activate the created virtual environment:
- Windows:
source “my_env”/Scripts/Activate - Linux:
source “my_env”/bin/activate - Once activated, use “pip” to download the semgrep library:
pip install semgrep
Semgrep can also be installed directly without creating any virtual environment but it’s always recommended to have a virtual environment set-up in case things go wrong, you can switch back to your normal environment and work with it.
- Windows:
- Create a virtual environment:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: REMOVE_TOKENS | |
| info: | |
| name: "Broken Authentication by removing auth token" | |
| description: "API doesn't validate the authenticity of token. Attacker can remove the auth token and access the endpoint." | |
| details: > | |
| "The endpoint appears to be vulnerable to broken authentication attack. The original request was replayed by removing victim's <b>auth</b> token. The server responded with 2XX success codes.<br>" | |
| "<b>Background:</b> Authentication is the process of attempting to verify the digital identity of the sender of a communication. Testing the authentication schema means understanding how the authentication process works and using that information to | |
| circumvent the authentication mechanism. While most applications require authentication to gain access to private information or to execute tasks, not every authentication method is able to provide adequate security. Negligence, ignorance, or simple | |
| understatement of security threats often result in authentication schemes that can be bypassed |
Himan10
/ feeds.opml
Created
April 9, 2025 20:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <opml version="1.0"> | |
| <head> | |
| <title>Engineering Blogs</title> | |
| </head> | |
| <body> | |
| <outline text="Engineering Blogs" title="Engineering Blogs"> | |
| <outline type="rss" text="8th Light" title="8th Light" xmlUrl="https://8thlight.com/insights/feed/rss.xml" htmlUrl="https://8thlight.com/blog/"/> | |
| <outline type="rss" text="AdRoll" title="AdRoll" xmlUrl="http://tech.adroll.com/feed.xml" htmlUrl="http://tech.adroll.com/blog/"/> | |
| <outline type="rss" text="Advanced Web Machinery" title="Advanced Web Machinery" xmlUrl="https://advancedweb.hu/atom.xml" htmlUrl="https://advancedweb.hu/"/> |
Himan10
/ secure_code_review.md
Last active
August 28, 2024 08:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class User(models.Model): | |
| """ | |
| Represents a user profile with related details. | |
| This class defines the attributes associated with a user profile. | |
| This class has two foreign keys that point to Job and Company table | |
| """ | |
| def media_upload_path(instance, filename): | |
| return f"user_{instance.user_id}/data/{filename}" |
Himan10
/ missing_functionalities_in_jobAPI.md
Created
October 21, 2023 10:50
Missing functionalities in API (Jobs)
- Jobs
- Industry
- Job Type
- Salary
- Qualification
- Vacency position
- Total applyed (we already have a number of applicants for this)
- About the Job:
Himan10
/ genymotionlogs.txt
Last active
May 3, 2023 05:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] ==== STARTING PLAYER ==== | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] Player version: "3.3.3" 20230301-8f94f87b97 | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] args: ("/opt/genymotion/player", "--vm-name", "07706b39-b5d5-437a-aa36-a71663de9778") | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] "Local socket created at path: /tmp/dcd0d36bfe6c40ac5b8d66e9efb9b069" | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] No proxy set | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] Host date and time: "02 May 2023 21:30:52 +0530" | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] "Notifying launchpad of status change: 07706b39-b5d5-437a-aa36-a71663de9778 BOOTING" | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] Progress dialog is visible. devicePixelRatio: 1 | |
| 2023-05-02T21:30:52+05:30 [Genymotion Player:159871] [debug] Device is up to date | |
| 2023-05-02T21:30:52+05:30 [Genymo |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Jan 04 20:03:42 blackHat systemd-coredump[16912]: [🡕] Process 16904 (wireshark) of user 1000 dumped core. | |
| Stack trace of thread 16904: | |
| #0 0x00007ff4c08ba64c n/a (libc.so.6 + 0x8864c) | |
| #1 0x00007ff4c086a958 raise (libc.so.6 + 0x38958) | |
| #2 0x00007ff4c085453d abort (libc.so.6 + 0x2253d) | |
| #3 0x00007ff4c1aea03c n/a (libwsutil.so.14 + 0xc03c) | |
| #4 0x00007ff4c1afb02a ws_log (libwsutil.so.14 + 0x1d02a) | |
| #5 0x0000564a86f04a63 n/a (wireshark + 0x249a63) | |
| #6 0x00007ff4c0e38ab8 n/a (libQt5Core.so.5 + 0xe0ab8) |
Himan10
/ discordProblem.py
Created
April 23, 2021 09:47
get the data stored in all the curly braces pairs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def get_data_from_file(file_path): | |
| # Read File | |
| with open(file_path, 'r') as file: | |
| data = file.read() | |
| return data | |
| def check_paranthesis(data: str): | |
| """ Check if the string contains valid opening/closing tag """ | |
| stack = [] |
Himan10
/ vocabfetch.py
Created
March 26, 2021 18:30
Fetch the meaning (short and long) of a given word
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3.8 | |
| import types | |
| import requests | |
| from sys import argv | |
| from re import match | |
| from bs4 import BeautifulSoup | |
| from pynput import keyboard | |
| from functools import partial | |
| from colorama import Fore, Style |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Implementation of split method | |
| def split(string: str, separator: str, max_split=-1): | |
| if separator.__len__() == 0 or string.__len__() == 0: | |
| raise ValueError | |
| result = [] | |
| temp = '' | |
| i = 0 | |
| s_index = 0 | |
| full_match = False |
NewerOlder