Skip to content

Instantly share code, notes, and snippets.

View jakewarren's full-sized avatar

jakewarren

86 followers · 131 following
View GitHub Profile
@rscs
rscs / FlipperZero-RFID-blanks.md
Last active January 19, 2025 00:17
Rewritable RFID blanks for Flipper Zero

A list of rewritable RFID blanks that are compatible with Flipper Zero.

X indicates a particular protocol is writable.

? indicates it is unknown if a particular protocol is writable.

Brand Type Chip EM4100 H10301 Indala26 IoProxXSF AWID FDX-A FDX-B HIDProx HIDExt Pyramid Viking Jablotron Paradox PAC/Stanley Keri Gallagher
ETEKJOY Fob EM4305 X X X X X X
@teroyks
teroyks / nitter_bookmarklet.js
Last active September 18, 2023 14:46
Redirect a Twitter URL to Nitter
javascript:(() => { const nitter_instance = 'nitter.net'; const current_url = window.location.href; window.location.href = current_url.replace(/(mobile\.)?twitter\.com/, nitter_instance); })();
@gmurdocca
gmurdocca / socat_caesar_dpi.md
Last active June 28, 2024 15:53
Circumventing Deep Packet Inspection with Socat and rot13

Circumventing Deep Packet Inspection with Socat and rot13

I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (eg PuTTY). I am tasked to ensure this Citrix design is secure, and users can not access their Linux VM's or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. The moment I try to establish an SSH or SSL connection over o

@johannrichard
johannrichard / README.md
Last active July 17, 2023 21:27
E-Mail Retention Policies for Gmail

How to bring E-Mail retention policies to Gmail / Google Mail:

  • Go to Google Scripts and create a blank project (make sure you are logged into your Google account);
  • paste the code (below) (and modify the policies as needed);
  • set a trigger (Resources -> Current Project's Triggers -> Add one now) to run it at the preferred interval; and
  • create filters in Gmail/Google Mail that set policies when specific messages arrive

Inspired and adapted from Gmail Automation: 5 Useful Google Scripts to Automate Your Gmail

@bartman
bartman / watch-cgroup-memory-usage
Last active November 17, 2021 15:19
watch-cgroup-memory-usage
#!/bin/bash
#
# watch cgroup 'browsers' memory activity
#
# best served with ...
#
# https://gist.github.com/jakewarren/477ecd1149abe908cbd5cf7a7c9abaa3
self=$0
SUDO=
@kennethso168
kennethso168 / restic_backup.sh
Last active November 30, 2021 00:07
My Backup Solution
#!/bin/bash
# Location of your restic repo
export RESTIC_REPOSITORY=/run/media/kenneth/MyBook/restic
# Password of the restic repo
# Use a keyring to store the password so it isn't stored in plaintext on disk
# Install python-keyring (Arch) to use this command
export RESTIC_PASSWORD=`keyring get restic MyBook`
if ! restic snapshots
@haccer
haccer / scanio.sh
Last active February 18, 2025 14:06
PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar
#!/bin/bash
# Usage : ./scanio.sh <save file>
# Example: ./scanio.sh cname_list.txt
# Premium
function ech() {
spinner=( "|" "/" "-" "\\" )
while true; do
for i in ${spinner[@]}; do
echo -ne "\r[$i] $1"
@Neo23x0
Neo23x0 / audit.rules
Last active March 11, 2025 10:24
Linux Auditd Best Practice Configuration
# IMPORTANT!
# This gist has been transformed into a github repo
# You can find the most recent version there:
# https://github.com/Neo23x0/auditd
# ___ ___ __ __
# / | __ ______/ (_) /_____/ /
# / /| |/ / / / __ / / __/ __ /
# / ___ / /_/ / /_/ / / /_/ /_/ /
# /_/ |_\__,_/\__,_/_/\__/\__,_/
@lucaswerkmeister
lucaswerkmeister / sandbox.conf
Created October 22, 2017 13:56
systemd sandbox for apache2.service on Debian Stretch (systemd v232)
[Service]
# read /var/lib/dehydrated/
CapabilityBoundingSet=CAP_DAC_OVERRIDE
# bind port 80 + 443
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
# drop privileges to www-data
CapabilityBoundingSet=CAP_SETUID CAP_SETGID
# call ulimit
CapabilityBoundingSet=CAP_SYS_RESOURCE
# partially mitigate CAP_DAC_OVERRIDE
@ryboe
ryboe / .travis.yml
Last active December 5, 2024 03:44
Example .travis.yml for Golang
# use the latest ubuntu environment (18.04) available on travis
dist: bionic
language: go
# You don't need to test on very old versions of the Go compiler. It's the user's
# responsibility to keep their compiler up to date.
go:
- 1.16.x