Skip to content

Instantly share code, notes, and snippets.

@dnbrakk
dnbrakk / proposal.md
Created April 10, 2020 13:21 — forked from jessfraz/proposal.md
High-Level Security Profile Generator

High-Level Security Profile Generator

(originally from my proposal on moby/moby#17142 (comment) but generic)

The profile would generate artificats of an apparmor profile and seccomp filters.

Obviously doesn't have to be toml since that's super hipster :p

Assumptions

  • no one is going to sit and write out all the syscalls/capabilities their app needs
  • automatic profiling would be super cool but like aa-genprof it is never
@dnbrakk
dnbrakk / skylake-tuning-linux.md
Created April 10, 2020 13:04 — forked from Brainiarc7/skylake-tuning-linux.md
This gist will show you how to tune your Intel-based Skylake, Kabylake and beyond Integrated Graphics Core for performance and reliability through GuC and HuC firmware usage on Linux.

Tuning Intel Skylake and beyond for optimal performance and feature level support on Linux:

Note that on Skylake, Kabylake (and the now cancelled "Broxton") SKUs, functionality such as power saving, GPU scheduling and HDMI audio have been moved onto binary-only firmware, and as such, the GuC and the HuC blobs must be loaded at run-time to access this functionality.

Enabling GuC and HuC on Skylake and above requires a few extra parameters be passed to the kernel before boot.

Instructions provided for both Fedora and Ubuntu (including Debian):

Note that the firmware for these GPUs is often packaged by your distributor, and as such, you can confirm the firmware blob's availability by running:

Disabling GNOME Tracker and Other Info

GNOME's tracker is a CPU and privacy hog. There's a pretty good case as to why it's neither useful nor necessary here: http://lduros.net/posts/tracker-sucks-thanks-tracker/

After discovering it chowing 2 cores, I decided to go about disabling it.

Directories

Getting Started
Https://wizardforcel.gitbooks.io/web-hacking-101/content/ Web Hacking 101 Chinese
Https://wizardforcel.gitbooks.io/asani/content/ Easy to get Android security Chinese version
Https://wizardforcel.gitbooks.io/lpad/content/ Android penetration test study manual Chinese version
Https://wizardforcel.gitbooks.io/kali-linux-web-pentest-cookbook/content/ Kali Linux Web Penetration Test Cheats Chinese Version
Https://github.com/hardenedlinux/linux-exploit-development-tutorial Linux exploit Development Primer
Https://www.gitbook.com/book/t0data/burpsuite/details burpsuite actual guide
Http://www.kanxue.com/?article-read-1108.htm=&winzoom=1 Penetration Testing Node.js Application
Https://github.com/qazbnm456/awesome-web-security Web Security Information and Resources List
@dnbrakk
dnbrakk / sublime-text-3-setup.md
Created March 23, 2020 17:10 — forked from ijy/sublime-text-3-setup.md
My Sublime Text 3 setup.

Sublime Text 3 Setup

Install Package Control

Install Package Control for easy package management.

  1. Open the console with Ctrl+`
  2. Paste in the following:
@dnbrakk
dnbrakk / about:config.md
Created March 23, 2020 16:08 — forked from MrYar/Firefox-68
Firefox telemetry and spy removal

Firefox telemetry and data collection denial

This is a fork of haasn "Firefox bullshit removal" Also heavily based off pyllyukko "Firefox hardening" https://github.com/pyllyukko/user.js/

This guide has been tested to work on Firefox 68.1.0ESR and will probably work with other versions

Instead of manually editing about:config, make changes to the user.js file

###How to use the user.js file