chtzvt

require "sinatra"
require "openssl"
require "faraday"
require "json"
require "base64"
require "octokit"

set :port, 3000

COPILOT_API_KEYS_URL = "https://api.github.com/meta/public_keys/copilot_api"

chtzvt

GitHubAuditLogPolling_CL
| where action_s =~ "integration_installation.repositories_added" or action_s =~ "integration_installation.create"
| extend appName = tostring(name_s)
| extend organization = tostring(org_s)
| project-reorder TimeGenerated, actor_s, org_s, organization
| extend date_time = unixtime_milliseconds_todatetime(_timestamp_d)
| project TimeGenerated = date_time, AccountCustomEntity = actor_s, organization = org_s, appName , action = action_s

chtzvt

# .pdf to .pdf - 90+% compression ratio (lossy)

find . -type f -iname "*.pdf" -exec gs -sDEVICE=pdfwrite -dPDFSETTINGS=/prepress -dCompatibilityLevel=1.4 -dNOPAUSE -dBATCH -sOutputFile={}.optimized.pdf {} \;

# .ai to .pdf - 90+% compression ratio

find . -type f -iname "*.ai" -exec gs -sDEVICE=pdfwrite -dPDFSETTINGS=/prepress -dCompatibilityLevel=1.4 -dNOPAUSE -dBATCH -sOutputFile={}.optimized.pdf {} \;

chtzvt

require 'octokit'

access_token = ENV["GH_PAT"]
org_name = ENV["GH_ORG"]

begin
  client = Octokit::Client.new(access_token: access_token)
rescue Octokit::Unauthorized
    puts "Invalid access token. Please set the GH_PAT environment variable to a valid GitHub Personal Access Token."
    exit

chtzvt

# Welcome to the Starter Pipeline for GitHub Advanced Security for Azure DevOps (GHAzDo)
#
# This pipeline enables two core features of GHAzDo for your repository: 
#
# - Dependency Scanning, which will examine your application's package manifests
# to find and alert on any vulnerable dependencies you may be using, and
#
# - Code Scanning, which performs static analysis (SAST) of your application's source
# code to identify certain types of security vulnerabilities, along with additional, 
# optional quality checks.

chtzvt

# LVDB - LLOOGG Memory DB
# Copyriht (C) 2009 Salvatore Sanfilippo <[email protected]>
# All Rights Reserved

# TODO
# - cron with cleanup of timedout clients, automatic dump
# - the dump should use array startsearch to write it line by line
#   and may just use gets to read element by element and load the whole state.
# - 'help','stopserver','saveandstopserver','save','load','reset','keys' commands.
# - ttl with milliseconds resolution 'ttl a 1000'. Check ttl in dump!

chtzvt

GitHub Secret Scanning - PEM Format

Secret format: ((\w|[=/+])+\r?\n)+

Before secret: -----BEGIN ([A-Z]+ )?PRIVATE KEY-----\r?\n

After secret: -----END ([A-Z]+ )?PRIVATE KEY-----

chtzvt

# Scholten/Dijkstra pebble game
# https://youtu.be/31KI7fk15QA?t=90

# my implementation (an abomination)
class Pebble 
    attr_accessor :color

    def initialize
        @color = 1 + rand(2) > 1 ? :black : :white
    end 

chtzvt

# Okasaki style Functional Red Black Tree
# https://www.cs.tufts.edu/comp/150FP/archive/chris-okasaki/redblack99.pdf
#
# leaves and root are black
# BST
# No red node has a red child
# Every path from the root to a leaf has the same number of black nodes

module RBTree
  class Leaf

chtzvt

SYSTEM_LAN_IFACE="eth0"
VPN_CLIENT_IFACE="tun0"
DEST_IP="10.173.204.63"
FWDED_PORT="22"
SOURCE_NET_WHITELIST="10.0.2.0/24,10.0.3.0/24"

get_iface_ip() {
    IP=`ip addr show $1 | grep -o "inet [0-9]*\.[0-9]*\.[0-9]*\.[0-9]*" | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*"`
    if [[ $? -ne 0 ]];
    then