Skip to content

Instantly share code, notes, and snippets.

View gaby's full-sized avatar
🟢

Juan Calderon-Perez gaby

🟢
120 followers · 24 following
  • United States
  • 19:43 (UTC -04:00)
View GitHub Profile
@gaby
gaby / keybase.md
Created October 30, 2021 18:08
keybase.md

Keybase proof

I hereby claim:

  • I am gaby on github.
  • I am gabyops (https://keybase.io/gabyops) on keybase.
  • I have a public key whose fingerprint is 5DE9 D74A 0612 02D7 D4B5 E605 5578 403D E16A 1B8A

To claim this, I am signing this object:

@gaby
gaby / Corefile
Created November 26, 2021 06:10 — forked from gbraad/Corefile
Create a DNS Responder using CoreDNS
.:53 {
log
errors
#bind 127.0.0.1
proxy . /etc/resolv.conf
template IN A {
match "^(?P<a>[0-9]*)[.](?P<b>[0-9]*)[.](?P<c>[0-9]*)[.](?P<d>[0-9]*)[.](xip.io|nip.io|local|dev)[.]$"
@gaby
gaby / blockchain.go
Created December 30, 2021 23:59 — forked from LordGhostX/blockchain.go
Blockchain POC with Golang
package main
import (
"crypto/sha256"
"encoding/json"
"fmt"
"strconv"
"strings"
"time"
)
@gaby
gaby / socat_caesar_dpi.md
Created February 27, 2022 13:18 — forked from gmurdocca/socat_caesar_dpi.md
Circumventing Deep Packet Inspection with Socat and rot13

Circumventing Deep Packet Inspection with Socat and rot13

I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (eg PuTTY). I am tasked to ensure this Citrix design is secure, and users can not access their Linux VM's or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. the moment I try to establish an SSH or SSL connection over o

@gaby
gaby / daemon.json
Last active December 15, 2022 04:16
Baseline Docker daemon.json
{
"default-ulimit": true,
"live-restore": false,
"no-new-privileges": true,
"ipv6": false,
"debug": false,
"log-opts": {
"max-size": "25m",
"max-file": "10"
},
@gaby
gaby / Makefile
Created March 23, 2024 19:38 — forked from alexedwards/Makefile
Boilerplate Makefile for Go projects
# Change these variables as necessary.
MAIN_PACKAGE_PATH := ./cmd/example
BINARY_NAME := example
# ==================================================================================== #
# HELPERS
# ==================================================================================== #
## help: print this help message
.PHONY: help
@gaby
gaby / Makefile
Created March 23, 2024 19:38 — forked from alexedwards/Makefile
Boilerplate Makefile for Go projects
# Change these variables as necessary.
MAIN_PACKAGE_PATH := ./cmd/example
BINARY_NAME := example
# ==================================================================================== #
# HELPERS
# ==================================================================================== #
## help: print this help message
.PHONY: help
@gaby
gaby / trie.go
Created March 24, 2024 21:53 — forked from phemmer/trie.go
optmized fork of yl2chen/cidranger
// Package iptrie is a fork of github.com/yl2chen/cidranger. This fork massively strips down and refactors the code for
// increased performance, resulting in 20x faster load time, and 1.5x faster lookups.
package iptrie
import (
"fmt"
"math/bits"
"net/netip"
"strings"
@gaby
gaby / net_http_benchmarks.go
Last active March 26, 2025 12:13
Golang net/http benchmarks
package benchmark
import (
"net/http"
"testing"
)
// nopResponseWriter is a minimal implementation of http.ResponseWriter that does nothing.
type nopResponseWriter struct{}