🧗
Furiously hacking

Rémi Lavedrine Shosta

@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 7, 2025 13:18
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@ronau
ronau / Nextcloud-Pi3-Setup.md
Last active July 2, 2024 22:23
Nextcloud on Raspberry Pi 3 Setup

Nextcloud on Raspberry Pi 3 Setup

Tip

There is a new and up-to-date version of this gist (with focus on the Raspi setup part): https://gist.github.com/ronau/462731589c44f91bb4a3b7d30d277ecf

This manual describes how to set up a Raspberry Pi 3 with nginx, PHP 7.0, MariaDB and use it as a Nextcloud server. Strong TLS encryption with Let's Encrypt certificates is also used. Of course, ownCloud can be used instead of Nextcloud. As of February 2017, the installation instructions are basically the same.

# XCode Command Line Tools
>xcode-select --install
# Install Homebrew
>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
>echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
>source ~/.bash_profile
>brew tap homebrew/versions
@oaass
oaass / thpsetup.py
Last active December 10, 2024 23:10
This will install the additional tools to Kali recommended by "The Hacker Playbook". It will install the tools in /opt/tools
#!/bin/bash
echo ""
echo "=========================================================================="
echo "= Pentest Attack Machine Setup ="
echo "= Based on the setup from The Hacker Playbook ="
echo "=========================================================================="
echo ""
# Prepare tools folder
@vsouza
vsouza / .bashrc
Last active March 7, 2025 09:42
Golang setup in Mac OSX with HomeBrew. Set `GOPATH` and `GOROOT` variables in zshell, fish or bash.
# Set variables in .bashrc file
# don't forget to change your path correctly!
export GOPATH=$HOME/golang
export GOROOT=/usr/local/opt/go/libexec
export PATH=$PATH:$GOPATH/bin
export PATH=$PATH:$GOROOT/bin
@rxaviers
rxaviers / gist:7360908
Last active April 9, 2025 07:11
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: 😄 :smile: 😆 :laughing:
😊 :blush: 😃 :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
😆 :satisfied: 😁 :grin: 😉 :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: 😀 :grinning:
😗 :kissing: 😙 :kissing_smiling_eyes: 😛 :stuck_out_tongue:
@Shosta
Shosta / NSString+EmailValidating.h
Created October 4, 2013 07:53
NSString category to test if a string is a valid e-mail address.
//
// NSString+EmailValidating.h
//
//
// Created by Rems on 11/12/12.
// Copyright (c) 2012 . All rights reserved.
//
#import <Foundation/Foundation.h>