If you'd like to experiment with Terraform on macOS locally, a great provider for doing so is the Docker provider. You can get set up in a few simple steps, like so:
Install Docker for Mac if you have not already.
Nedko Hristov NedkoHristov
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 2017 - @leonjza | |
| # | |
| # Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection PoC | |
| # Full bug description: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html | |
| # Usage example: | |
| # | |
| # List available posts: | |
| # | |
| # $ python inject.py http://localhost:8070/ |
brianshumate
/ docker-macos-terraform.md
Last active
November 14, 2024 11:35
The Simplest Terraform with Docker on macOS
Random query recipes of JMESPath for the AWS CLI tools that I might have written or stumbled upon.
EdOverflow
/ github_bugbountyhunting.md
Last active
April 23, 2025 15:23
My tips for finding security issues in GitHub projects.
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
Rillke
/ SSH-through-bastion.dokuwiki
Last active
April 27, 2020 14:12
SSH through bastion host: SSH and PuTTY
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| * Linux: ~/.ssh/config: | |
| <code> | |
| Host SHORTCUT | |
| Hostname FULLURL_OR_IP_TARGET_HOST | |
| User USERNAME | |
| Host FULLURL_OR_IP_TARGET_HOST | |
| ProxyCommand ssh -a -W %h:%p BASTION_HOST | |
| Port NUMBER |
raghunayak
/ disable_auto_updater.sh
Last active
March 1, 2023 16:41
Script to disable Auto Updater on Ubuntu 16.04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Script to disable auto-updater on Ubuntu 16.04 | |
| # Disable the automatic package updates | |
| echo "Disabling automatic package updates and upgrades" | |
| sudo sed -i 's/"1"/"0"/g' /etc/apt/apt.conf.d/10periodic /etc/apt/apt.conf.d/20auto-upgrades | |
| # Stop and disable apt updater/upgrade timers/services | |
| sudo systemctl disable --now apt-daily.timer |
OlderNewer