Skip to content

Instantly share code, notes, and snippets.

View itobn's full-sized avatar

itobn

0 followers · 12 following
View GitHub Profile
@itobn
itobn / GitHub-Leaked-API-Keys-and-Secrets.md
Created November 21, 2024 18:20 — forked from win3zz/GitHub-Leaked-API-Keys-and-Secrets.md

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@itobn
itobn / bintoaes.py
Created December 4, 2024 09:54 — forked from caueb/bintoaes.py
AES encrypt binary and save the encrypted shellcode to a file.
import sys
from base64 import b64encode
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
from Crypto.Random import get_random_bytes
import hashlib
KEY = get_random_bytes(16)
iv = 16 * b'\x00'
cipher = AES.new(hashlib.sha256(KEY).digest(), AES.MODE_CBC, iv)
@itobn
itobn / Allowing SSH on a server with an active OpenVPN client.md
Created April 16, 2025 17:14 — forked from Shourai/Allowing SSH on a server with an active OpenVPN client.md
Allowing SSH on a server with an active OpenVPN client

If you want to SSH to a VPS which is running openVPN do the following:
source: https://serverfault.com/questions/659955/allowing-ssh-on-a-server-with-an-active-openvpn-client

Enable

The problem is that the default gateway gets changed by OpenVPN, and that breaks your current SSH connection unless you set up appropriate routes before you start OpenVPN.

What follows works for me. It uses iptables and ip (iproute2). Below, it is assumed that the default gateway interface before OpenVPN is started is "eth0". The idea is to ensure that when a connection to eth0 is made, even if eth0 is not the default gateway interface anymore, response packets for the connection go back on eth0 again.

You could use the same number for the connection mark, firewall mark and routing table. I used distinct numbers to make the diffences between them more apparent.