Jacek Wielemborek d33tah

First of all, need to move xdg-mime to xdg-mime.orig

mv /usr/bin/xdg-mime /usr/bin/xdg-mime.orig

then new file xdg-mime and xdg-mime.bash

@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active November 8, 2024 20:13
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@ChiChou
ChiChou / unhex.sql
Last active October 11, 2023 05:44
SQLite3 convert hex string to int (requires sqlite >= 3.8.3)
WITH RECURSIVE
unhex(str, val, weight) AS (
SELECT 'deadbeef', 0, 1
UNION ALL
SELECT
substr(str, 1, length(str) - 1),
val + (instr('0123456789ABCDEF', substr(str, length(str), 1)) - 1) * weight,
weight * 16
FROM unhex WHERE length(str) > 0
)
@zmwangx
zmwangx / uuniq
Created July 1, 2014 18:16
Shell script: unsorted uniq via awk (uniq without sorting first).
#!/bin/bash
# remove duplicates without pre-sorting
# `uuniq' stands for unsorted uniq
awk '!x[$0]++'
@d33tah
d33tah / asm.c
Created April 13, 2013 19:40
A quick-and-dirty tongue-in-cheek generator of a tiny assembler source code written in assembler ;)
//make asm ; python -c "open('asm.S','w').write('\n'.join(map(lambda x: 'db 0x%02x' % ord(x) ,open('asm','r').read())))"
#include "stdlib.h"
#include "assert.h"
#include "stdio.h"
int hex2int(char hex)
{
if(hex<'0'|| (hex<'A' && (hex>'Z' && hex<'a')) || hex>'z' )
{
@d33tah
d33tah / asm.py
Last active December 16, 2015 03:08
#!/usr/bin/python
import sys #argv
import os #we'll need the following two to perform a "chmod +x" equivalent
import stat
import subprocess #to test our result
def error(message):
    print("ERROR: "+message)
    sys.exit(1)
@hrldcpr
hrldcpr / tree.md
Last active September 1, 2024 07:04
one-line tree in python

One-line Tree in Python

Using Python's built-in defaultdict we can easily define a tree data structure:

def tree(): return defaultdict(tree)

That's it!

@d33tah
d33tah / calc_slush.py
Created August 2, 2011 12:46
A simple script to calculate avg time needed to find a bitcoin block on Slush's bitcoin mining pool
#!/usr/bin/python
import urllib
from lxml import html
raw_html = urllib.urlopen("http://mining.bitcoin.cz/stats/").read()
parsed_html=html.fromstring(raw_html)
#all TRs from the second table, without the header TR
data_rows = parsed_html.xpath('//table')[1].xpath('.//tr')[1:]
sum_seconds=0
for d in data_rows:
    #the second column contains the calculation time