avicoder avicoder

@subudeepak
subudeepak / WebSockets.md
Last active December 4, 2024 13:36
The problems and some security implications of websockets - Cross-site WebSockets Scripting (XSWS)

WebSockets - An Introduction

WebSockets is a modern HTML5 standard which makes communication between client and server much simpler than ever. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time, but communication over the browser has usually been restricted. The general restrictions:

  • The server used to have a permanent listener while the client (aka browser) was not designated any fixed listener for a longer-term connection. Hence, every communication was restricted to the client demanding and the server responding.
  • This meant that unless the client requested a particular resource, the server was unable to push such a resource to the client.
  • This was detrimental since the client is then forced to check with the server at regular intervals. This meant a lot of libraries focused on optimizing asynchronous calls and identifying the response of asynchronous calls. Notably t
@saliceti
saliceti / pre-commit
Last active March 12, 2021 18:38
Git pre-commit hook to check for AWS keys
#!/usr/bin/env bash
# Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook
# The checks are simple and can give false positives. Amend the hook in the specific repository.
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
@yjwong
yjwong / sre_task.md
Last active January 5, 2022 11:08

Cold Storage Group Ordering

Cold Storage is a popular supermarket chain in Singapore. As part of an employee benefit, Glints employees located in Singapore are given a fixed weekly office budget to purchase groceries to fill the office pantry. Unfortunately, the Cold Storage website does not have a group ordering function, which makes collating the list of items to buy a hassle.

To solve this problem, you proposed creating a service that everyone in the

@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active February 7, 2025 23:49
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@avicoder
avicoder / lark_slack.md
Created February 11, 2024 06:56
Mass Import Slack emojis to Larksuite.

Mass Importing Emojis from Slack to Larksuite

Prerequisite:

  1. Export all the emojis from Slack using this tool - https://emojibox.app/
  2. Convert all the exported emojis to the format accepted in Lark, i.e. 96x96, <100KB, png format, using this tool - https://redketchup.io/bulk-image-resizer
  3. Note the path where all the converted emojis are located.