Skip to content

Instantly share code, notes, and snippets.

View kenn's full-sized avatar

Kenn Ejima kenn

300 followers · 63 following
View GitHub Profile
@kenn
kenn / how-to-use.md
Last active November 29, 2025 17:33
SHA1-hulud Supply Chain Attack Scanner

SHA1-hulud Supply Chain Attack Scanner

A bash script to detect indicators of compromise from the SHA1-hulud npm supply chain attack.

Background

SHA1-hulud is a supply chain attack targeting npm packages discovered in late 2025. Attackers compromise legitimate npm maintainer accounts and publish malicious versions that execute code during npm install.

Reference: https://thehackernews.com/2025/11/second-sha1-hulud-wave-affects-25000.html

@kenn
kenn / local-domain.md
Created August 18, 2023 07:23
Keep separate cookies and passwords for multiple projects

Local Domains for Development

tl;dr

Install dnsmasq to make all .test domains point to localhost on your Mac.

Why and how to set up .test domain on your Mac

When we work on a local machine for development, we usually point to localhost:3000 in the browser. But using that domain for everything comes with some downsides when you work on multiple projects.

@kenn
kenn / poller.tsx
Created July 21, 2023 17:18
import { useRevalidator } from '@remix-run/react'
import { useEffect } from 'react'
// Rendering will ensure all page loaders are revalidated according to a given
// frequency
export const Poller = ({ seconds }) => {
usePolling(seconds)
return null
}
@kenn
kenn / qdrant_merge.py
Created April 30, 2023 02:22
def scroll_merge(klass, source_names, target_name, batch_size = 100):
Qdrant.recreate(target_name) # reset target collection
def generator(source_name):
offset = None
while True:
# Scroll https://qdrant.tech/documentation/points/#scroll-points
# https://github.com/qdrant/qdrant-client/blob/master/qdrant_client/qdrant_client.py#L412
result = Qdrant.client.scroll(
@kenn
kenn / gist:f2a0d1f52358b9b2770b
Created December 2, 2014 04:48
/etc/hosts
199.91.171.93 bb-m.rubygems.org
54.186.104.15 api.rubygems.org rubygems.org
@kenn
kenn / staging.rb
Created September 14, 2014 21:32
config/environments/staging.rb
require Rails.root.join('config/environments/production')
MyApp::Application.configure do
config.action_dispatch.tld_length = 2 # domain.com vs staging.domain.com
end
@kenn
kenn / gist:67730a44a0dc5078defd
Created July 18, 2014 20:21
#pragma mark - Original
- (NSURLSessionDataTask *)GET:(NSString *)URLString
parameters:(id)parameters
success:(void (^)(NSURLSessionDataTask *task, id responseObject))success
failure:(void (^)(NSURLSessionDataTask *task, NSError *error))failure;
#pragma mark - Overrides
- (NSURLSessionDataTask *)GET:(NSString *)URLString
@kenn
kenn / gist:fd4cc798804508c3de6d
Last active August 29, 2015 14:02
Bot IPs
# cat auth.log | grep Failed | grep root | cut -d ' ' -f 11 | sort | uniq
111.74.238.101
111.74.238.103
111.74.238.104
111.74.238.124
111.74.238.138
111.74.238.151
111.74.238.152
111.74.238.153
111.74.238.167
@kenn
kenn / gist:c59256c77af5fc03b241
Created June 13, 2014 01:09
mysql> explain SELECT * FROM messages USE INDEX (index_messages_on_friend_id_and_id) WHERE friend_id = 100 AND (id < 1000000) ORDER BY id DESC LIMIT 10\G
*************************** 1. row ***************************
id: 1
select_type: SIMPLE
table: messages
type: range
possible_keys: index_messages_on_friend_id_and_id
key: index_messages_on_friend_id_and_id
key_len: 8
ref: NULL
@kenn
kenn / doorkeeper.rb
Created June 6, 2014 16:50
Doorkeeper client_secret obfuscation
# config/initializers/doorkeeper.rb
Doorkeeper.configure do
client_credentials :from_obfuscated_params
end
module Doorkeeper
module OAuth
class Client
module Methods
def from_obfuscated_params(request)