Metadata in PDF files can be stored in at least two places:
- the Info Dictionary, a limited set of key/value pairs
- XMP packets, which contain RDF statements expressed as XML
deblike
This is a guide on how to email securely.
There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.
grugq
/ free security advice.md
Last active
January 15, 2025 10:45
xvitaly
/ remove_crw.cmd
Last active
July 12, 2025 09:00
Remove telemetry updates for Windows 7 and 8.1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| echo Uninstalling KB3075249 (telemetry for Win7/8.1) | |
| start /w wusa.exe /uninstall /kb:3075249 /quiet /norestart | |
| echo Uninstalling KB3080149 (telemetry for Win7/8.1) | |
| start /w wusa.exe /uninstall /kb:3080149 /quiet /norestart | |
| echo Uninstalling KB3021917 (telemetry for Win7) | |
| start /w wusa.exe /uninstall /kb:3021917 /quiet /norestart | |
| echo Uninstalling KB3022345 (telemetry) | |
| start /w wusa.exe /uninstall /kb:3022345 /quiet /norestart | |
| echo Uninstalling KB3068708 (telemetry) |
eladnava
/ mongodb-s3-backup.sh
Last active
September 13, 2024 11:42
Automatically backup a MongoDB database to S3 using mongodump, tar, and awscli (Ubuntu 14.04 LTS)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Make sure to: | |
| # 1) Name this file `backup.sh` and place it in /home/ubuntu | |
| # 2) Run sudo apt-get install awscli to install the AWSCLI | |
| # 3) Run aws configure (enter s3-authorized IAM user and specify region) | |
| # 4) Fill in DB host + name | |
| # 5) Create S3 bucket for the backups and fill it in below (set a lifecycle rule to expire files older than X days in the bucket) | |
| # 6) Run chmod +x backup.sh | |
| # 7) Test it out via ./backup.sh |
bontchev
/ EQgroup.md
Last active
June 15, 2025 12:04
Curated list of links describing the leaked Equation Group tools for Windows
-
Lost in Translation - A repository of the leaked tools
-
MS17-010 - Port of some of the exploits to Windows 10
EdOverflow
/ github_bugbountyhunting.md
Last active
October 24, 2025 09:41
My tips for finding security issues in GitHub projects.
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
abridgland
/ gaussian-processes-1.ipynb
Last active
August 24, 2025 14:36
A Jupyter notebook to accompany Intro to Gaussian Processes - Part I at http://bridg.land/posts/gaussian-processes-1
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
gwillem
/ _cronrat.sh
Last active
August 27, 2024 18:17
This is the decoded payload from the CRON loader. Full analysis here: https://sansec.io/research/cronrat
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set -eEu | |
| set -o pipefail | |
| trap 'echo "L$LINENO"; O70; exit -1' ERR | |
| O54=4 | |
| function O70() | |
| { | |
| if [[ ! -z "${O57+x}" ]]; then | |
| if [[ -f "${O57}" ]]; then | |
| rm -f "${O57}" | |
| fi |