Skip to content

Instantly share code, notes, and snippets.

//author @TraderX0
//script to plot daily Open high and low
//version 1.1
//last edited 22/11/2018
//title
study(title="TraderX0__O_H_L", shorttitle="TraderX0_O_H_L", overlay=true)
// holds the daily price levels
openPrice = security(tickerid, 'D', open)
@infosecn1nja
infosecn1nja / WMI-Persistence.ps1
Created May 14, 2018 15:12
Fileless WMI Persistence (PSEDWMIEvent_SU - SystemUptime)
# Fileless WMI Persistence (PSEDWMIEvent_SU - SystemUptime)
# https://wikileaks.org/ciav7p1/cms/page_14587908.html
<#
.SYNOPSIS
This script creates a persisted WMI event that executes a command upon trigger of the system's uptime being between a given range in seconds. The event will trigger only once.
#>
$EventFilterName = "Fileless WMI Persistence SystemUptime"

FWIW: I (@rondy) am not the creator of the content shared here, which is an excerpt from Edmond Lau's book. I simply copied and pasted it from another location and saved it as a personal note, before it gained popularity on news.ycombinator.com. Unfortunately, I cannot recall the exact origin of the original source, nor was I able to find the author's name, so I am can't provide the appropriate credits.


Effective Engineer - Notes

What's an Effective Engineer?

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@maxvt
maxvt / infra-secret-management-overview.md
Last active November 1, 2024 21:34
Infrastructure Secret Management Software Overview

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.

This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.

There is a companion feature matrix of various tools. Comments are welcome in the same manner.

@devster31
devster31 / swap.yml
Last active June 5, 2024 11:24 — forked from manuelmeurer/swap.yml
Ansible role for creating a Swap file
- name: set swap_file variable
set_fact:
swap_file: /{{ swap_space }}.swap
- name: check if swap file exists
stat:
path: "{{ swap_file }}"
register: swap_file_check
- name: create swap file
@joecampo
joecampo / fail2ban.md
Last active November 6, 2024 10:14
fail2ban – stop HTTP(S) route abuse/brute forcing

If you're not familiar: What is fail2ban? fail2ban is an awesome linux service/monitor that scans log files (e.g. auth.log for SSH) for potentially malicious behavior. Once fail2ban is tripped it will ban users for a specified duration by adding rules to Iptables. If you're unfamiliar with fail2ban Chris Fidao has a wonderful (& free!) series about security including setting up fail2ban here.

Recently Laravel released a new feature in 5.1 to throttle authentication attempts by simply adding a trait to your authentication controller. The Laravel throttle trait uses the inputted username, and IP address to throttle attempts. I love seeing this added to a framework out of the box, but what about some of our other apps not built on Laravel? Like a WordPress login? Or even an open API etc.? Ultimately,

@pmarreck
pmarreck / encrypt_decrypt.sh
Last active September 23, 2021 20:18
Some easy bash scripts to encrypt/decrypt data, for anyone who wants to go all cloak&dagger. (bitcoin private keys, etc.)
# Encryption functions. Requires the GNUpg "gpg" commandline tool. On OS X, "brew install gnupg"
# Explanation of options here:
# --symmetric - Don't public-key encrypt, just symmetrically encrypt in-place with a passphrase.
# -z 9 - Compression level
# --require-secmem - Require use of secured memory for operations. Bails otherwise.
# cipher-algo, s2k-cipher-algo - The algorithm used for the secret key
# digest-algo - The algorithm used to mangle the secret key
# s2k-mode 3 - Enables multiple rounds of mangling to thwart brute-force attacks
# s2k-count 65000000 - Mangles the passphrase this number of times. Takes over a second on modern hardware.
# compress-algo BZIP2- Uses a high quality compression algorithm before encryption. BZIP2 is good but not compatible with PGP proper, FYI.