Setting a minimum release age (a "cooldown") on dependencies is a cheap, high-leverage defense against supply-chain attacks. Most malicious package versions are detected and yanked within hours, so a 24-hour delay filters out the smash-and-grab incidents (axios 1.14.1, ua-parser-js, Solana web3.js, etc.).
All three major Node.js package managers now support this, but each one used a different name and a different unit. Here is what you need.
| Tool | Setting | Unit | Introduced in |
|---|
Launch a new agent that has access to the following tools: Bash, Glob, Grep, LS, exit_plan_mode, Read, Edit, MultiEdit, Write, NotebookRead, NotebookEdit, WebFetch, TodoRead, TodoWrite, WebSearch. When you are searching for a keyword or file and are not confident that you will find the right match in the first few tries, use the Agent tool to perform the search for you.
When to use the Agent tool:
When NOT to use the Agent tool:
| #!/usr/bin/env bash | |
| set -Eeuo pipefail | |
| trap cleanup SIGINT SIGTERM ERR EXIT | |
| script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P) | |
| usage() { | |
| cat <<EOF | |
| Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [-f] -p param_value arg1 [arg2...] |
| #!/usr/bin/env node | |
| var fs = require('fs'); | |
| var esprima = require('esprima'); | |
| var escodegen = require('escodegen'); | |
| var estraverse = require('estraverse'); | |
| var debug = true; | |
| var rename = true; | |
| var stringrotatefunc = ` | |
| (function (array, times) { |
about:config settings to harden the Firefox browser. Privacy and performance enhancements.
To change these settings type 'about:config' in the url bar.
Then search the setting you would like to change and modify the value. Some settings may break certain websites from functioning and
rendering normally. Some settings may also make firefox unstable.
Not all these changes are necessary and will be dependent upon your usage and hardware. Do some research on settings if you don't understand what they do. These settings are best combined with your standard privacy extensions (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".
| (function() { | |
| 'use strict'; | |
| // keep track of all the opened tab | |
| let tabs = {}; | |
| // Get all existing tabs | |
| chrome.tabs.query({}, function(results) { | |
| results.forEach(function(tab) { | |
| tabs[tab.id] = tab; |
The below instructions describe the process for MITM'ing a target device over HTTPS using nginx. It tries to go over every aspect of intercepting traffic, including hosting a Wifi access point.
The goal is to get a target device (such as an iPhone, Wii U, or another computer) to trust our local nginx server instead of the remote trusted server. This is going to be done by importing a custom CA root certificate on the target that corresponds with the nginx server's certificate.
Client (Trusted Device) <--> MITM Server (nginx) <--> Remote (Trusted) Server
These instructions are being performed on a PureOS machine, which is Debian based. They should also work in other environments with slight modifications
| #!/usr/bin/env python3 | |
| import base64 | |
| import json | |
| import requests | |
| from aws_requests_auth.boto_utils import BotoAWSRequestsAuth | |
| """ | |
| This code will connect from an ECS container to a remote Hashicorp Vault server | |
| and authenticate using the 'iam' auth_type for the AWS auth backend. |
| data "template_file" "inventory" { | |
| template = "${file("inventory.tpl")}" | |
| vars { | |
| backend_ip = "${aws_instance.backend.public_ip}" | |
| frontend_ip = "${aws_instance.frontend.public_ip}" | |
| landing_ip = "${aws_instance.landing.public_ip}" | |
| key_path = "${var.instance_key_path}" | |
| } | |
| } |
