Skip to content

Instantly share code, notes, and snippets.

View KevinHock's full-sized avatar
👀
https://www.youtube.com/watch?v=23NlO1EOGyI

KevinHock

👀
https://www.youtube.com/watch?v=23NlO1EOGyI
View GitHub Profile
@danielpops
danielpops / example_output.txt
Created February 24, 2018 01:04 — forked from coffeetocode/example_output.txt
Example of bypasses for naive blacklists of 169.254.169.254 local metadata service. See https://twitter.com/coffeetocode/status/912788650408026112
$ ./try_local_metadata.sh
Trying 169.254.169.254... found metadata
Trying 169.254.43518... -
Trying 169.1668966... -
Trying 2852039166... found metadata
Trying 0251.0376.0251.0376... found metadata
Trying 0251.0376.0124776... -
Trying 251.0775248... -
Trying 25177524776... -
Trying 0xa9.0xfe.0xa9.0xfe... found metadata
@coffeetocode
coffeetocode / example_output.txt
Last active September 15, 2022 18:29
Example of bypasses for naive blacklists of 169.254.169.254 local metadata service. Useful for SSRF testing, among other things. See https://twitter.com/coffeetocode/status/912788650408026112
$ ./try_local_metadata.sh
Trying 169.254.169.254... found metadata
Trying 169.254.43518... found metadata
Trying 169.16689662... found metadata
Trying 2852039166... found metadata
Trying 0251.0376.0251.0376... found metadata
Trying 0251.0376.0124776... found metadata
Trying 251.0775248... -
Trying 25177524776... -
Trying 0xa9.0xfe.0xa9.0xfe... found metadata
@domanchi
domanchi / cheatsheet.md
Last active July 26, 2024 21:45
[splunk cheatsheet] Splunk snippets, because their syntax is so confusing. #splunk

Splunk Queries

I really don't like Splunk documentation. Why is it so hard to find out how to do a certain action? So this is a cheatsheet that I constructed to help me quickly gain knowledge that I need.

Analysis

Events over time

index="my_log"

A description of known problems in Satoshi Nakamoto's paper, "Bitcoin: A Peer-to-Peer Electronic Cash System", as well as notes on terminology changes and how Bitcoin's implementation differs from that described in the paper.

Abstract

The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.

@kharmabum
kharmabum / ocmock-cheatsheet.m
Last active July 30, 2024 07:14
OCMock cheatsheet
/*----------------------------------------------------*/
#pragma mark - XCTAsserts
/*----------------------------------------------------*/
XCTAssert(expression, format...);
XCTAssertTrue(expression, format...);
XCTAssertFalse(expression, format...);
XCTAssertEqual(expression1, expression2, format...);
XCTAssertNotEqual(expression1, expression2, format...);
XCTAssertNil(expression, format...);
@yoshi0309
yoshi0309 / deleteByQuery.py
Last active October 26, 2018 13:27
delete documents by query result for Amazon CloudSearch.
#!/usr/bin/python
# -*- coding: utf-8 -*-
import sys
import urllib
import urllib2
import json
# you need to set your domain endpoints.
SEARCH_ENDPOINT = "XXXXX.us-east-1.cloudsearch.amazonaws.com"
DOCUMENT_ENDPOINT = "XXXXX.us-east-1.cloudsearch.amazonaws.com"
@trietptm
trietptm / gist:8195027
Created December 31, 2013 10:29
A lot of valuable advice from Rolf Rolles http://magazine.hitb.org/issues/HITB-Ezine-Issue-005.pdf
Bài phỏng vấn Rolf Rolles của HITB hay đến từng cm :D , đây mới đúng là hacker:
http://magazine.hitb.org/issues/HITB-Ezine-Issue-005.pdf
What are your favorite reverse engineering tools?
IDA, Resource Hacker, 010 Editor, VMWare, SoftICE, and those that I develop myself.
How would you describe the process of reverse engineering to a beginner?
Step 0: Pose a question (how is the program accomplishing X?).
Step 1: Find a portion of the code relevant to the inquiry via a variety of static and dynamic means.
Step 2: Analyze that code to obtain information; annotate the binary with what you have learned.
@rxaviers
rxaviers / gist:7360908
Last active November 19, 2024 06:37
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: 😄 :smile: 😆 :laughing:
😊 :blush: 😃 :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
😆 :satisfied: 😁 :grin: 😉 :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: 😀 :grinning:
😗 :kissing: 😙 :kissing_smiling_eyes: 😛 :stuck_out_tongue:
@levigross
levigross / constant_time.go
Created May 4, 2011 05:29
GoLang constant time
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// src location /src/pkg/crypto/subtle/constant_time.go
// Package subtle implements functions that are often useful in cryptographic
// code but require careful thought to use correctly.
package subtle