Skip to content

Instantly share code, notes, and snippets.

@Mins
Mins / mysql_secure.sh
Last active May 31, 2024 14:19
Automating mysql_secure_installation
#!/bin/bash
aptitude -y install expect
// Not required in actual script
MYSQL_ROOT_PASSWORD=abcd1234
SECURE_MYSQL=$(expect -c "
set timeout 10
# If you're looking into the C10M problem (10 million concurrent connections)
# you might want to play with DPDK (Originally proprietry Intel, now open source)
#
# C10M: http://c10m.robertgraham.com/
# DPDK: http://dpdk.org/
#
# This is a quick summary how to install dpdk on ubuntu
# running inside virtualbox on a mac
# On my Mac:
@tristanfisher
tristanfisher / Ansible-Vault how-to.md
Last active June 11, 2024 13:23
A short tutorial on how to use Vault in your Ansible workflow. Ansible-vault allows you to more safely store sensitive information in a source code repository or on disk.

Working with ansible-vault


I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.

What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.

Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.

@beezly
beezly / gist:267b80557900b865bc92
Last active February 17, 2021 10:37
Find the SSL/TLS version clients are negotiate with your SSL server. Adapt the "src port 443" part as per your requirements. Uses tshark from https://www.wireshark.org
tshark -f 'src port 443 and ether[0x42]=0x16 and ether[0x47]=0x02' -T fields -e ip.dst_host -e ssl.handshake.version
@denji
denji / golang-tls.md
Last active November 7, 2024 05:58 — forked from spikebike/client.go
Simple Golang HTTPS/TLS Examples
Generate private key (.key)
# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List ECDSA the supported curves (openssl ecparam -list_curves)
@hngouveia01
hngouveia01 / debugging_kernel.txt
Last active August 21, 2024 08:14
Debugging kernel code line by line with Qemu and GDB
We are going to use buildroot to download, configure and compile the kernel.
First, download and uncompress buildroot: https://buildroot.org/download.html
Go to the directory and:
make qemu_x86_defconfig
make menuconfig
@ageis
ageis / systemd_service_hardening.md
Last active November 15, 2024 09:28
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@munificent
munificent / generate.c
Last active September 15, 2024 03:16
A random dungeon generator that fits on a business card
#include <time.h> // Robert Nystrom
#include <stdio.h> // @munificentbob
#include <stdlib.h> // for Ginny
#define r return // 2008-2019
#define l(a, b, c, d) for (i y=a;y\
<b; y++) for (int x = c; x < d; x++)
typedef int i;const i H=40;const i W
=80;i m[40][80];i g(i x){r rand()%x;
}void cave(i s){i w=g(10)+5;i h=g(6)
+3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u