Skip to content

Instantly share code, notes, and snippets.

View Shosta's full-sized avatar
🧗
Furiously hacking

Rémi Lavedrine Shosta

🧗
Furiously hacking
26 followers · 45 following
View GitHub Profile
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active November 8, 2024 20:13
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@ronau
ronau / Nextcloud-Pi3-Setup.md
Last active July 2, 2024 22:23
Nextcloud on Raspberry Pi 3 Setup

Nextcloud on Raspberry Pi 3 Setup

Tip

There is a new and up-to-date version of this gist (with focus on the Raspi setup part): https://gist.github.com/ronau/462731589c44f91bb4a3b7d30d277ecf

This manual describes how to setup a Raspberry Pi 3 with nginx, PHP 7.0, MariaDB and use it as a Nextcloud server. Strong TLS encryption with Let's Encrypt certificates is also used. Of course, Owncloud can be used instead of Nextcloud. As of February 2017, the installation instructions are basically the same.

@xl7dev
xl7dev / Install Metasploit on OS X
Last active August 17, 2024 21:30
# XCode Command Line Tools
>xcode-select --install
# Install Homebrew
>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
>echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
>source ~/.bash_profile
>brew tap homebrew/versions
@oaass
oaass / thpsetup.py
Last active April 12, 2023 00:54
This will install the additional tools to Kali recommended by "The Hacker Playbook". It will install the tools in /opt/tools
#!/bin/bash
echo ""
echo "=========================================================================="
echo "= Pentest Attack Machine Setup ="
echo "= Based on the setup from The Hacker Playbook ="
echo "=========================================================================="
echo ""
# Prepare tools folder
@vsouza
vsouza / .bashrc
Last active September 21, 2024 12:31
Golang setup in Mac OSX with HomeBrew. Set `GOPATH` and `GOROOT` variables in zshell, fish or bash.
# Set variables in .bashrc file
# don't forget to change your path correctly!
export GOPATH=$HOME/golang
export GOROOT=/usr/local/opt/go/libexec
export PATH=$PATH:$GOPATH/bin
export PATH=$PATH:$GOROOT/bin
@rxaviers
rxaviers / gist:7360908
Last active November 15, 2024 16:55
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: 😄 :smile: 😆 :laughing:
😊 :blush: 😃 :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
😆 :satisfied: 😁 :grin: 😉 :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: 😀 :grinning:
😗 :kissing: 😙 :kissing_smiling_eyes: 😛 :stuck_out_tongue:
@Shosta
Shosta / NSString+EmailValidating.h
Created October 4, 2013 07:53
NSString category to test if a string is a valid e-mail address.
//
// NSString+EmailValidating.h
//
//
// Created by Rems on 11/12/12.
// Copyright (c) 2012 . All rights reserved.
//
#import <Foundation/Foundation.h>