Skip to content

Instantly share code, notes, and snippets.

View l-portet's full-sized avatar
🤙

Lucas Portet l-portet

🤙
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active November 15, 2024 17:02
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@sindresorhus
sindresorhus / esm-package.md
Last active November 15, 2024 15:20
Pure ESM package

Pure ESM package

The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.

This means you have the following choices:

  1. Use ESM yourself. (preferred)
    Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
  2. If the package is used in an async context, you could use await import(…) from CommonJS instead of require(…).
  3. Stay on the existing version of the package until you can move to ESM.
@premek
premek / mv.sh
Last active March 5, 2024 17:43
Rename files in linux / bash using mv command without typing the full name two times
# Put this function to your .bashrc file.
# Usage: mv oldfilename
# If you call mv without the second parameter it will prompt you to edit the filename on command line.
# Original mv is called when it's called with more than one argument.
# It's useful when you want to change just a few letters in a long name.
#
# Also see:
# - imv from renameutils
# - Ctrl-W Ctrl-Y Ctrl-Y (cut last word, paste, paste)
@ManUtopiK
ManUtopiK / clean-graphql.js
Last active May 5, 2024 20:11
Clean graphql response : Remove edges, node and __typename from graphql response
/**
* Remove edges, node and __typename from graphql response
*
* @param {Object} input - The graphql response
* @returns {Object} Clean graphql response
*/
const cleanGraphQLResponse = function(input) {
if (!input) return null
const output = {}
const isObject = obj => {
@twxia
twxia / getScrollableParent.js
Created January 5, 2018 03:41
Get Scrollable Parent
function getScrollParent(node) {
const isElement = node instanceof HTMLElement;
const overflowY = isElement && window.getComputedStyle(node).overflowY;
const isScrollable = overflowY !== 'visible' && overflowY !== 'hidden';
if (!node) {
return null;
} else if (isScrollable && node.scrollHeight >= node.clientHeight) {
return node;
}
@remarkablemark
remarkablemark / .dockerignore
Last active January 24, 2023 23:20
Docker Node.js Example
node_modules/
*.log
@ayamflow
ayamflow / gist:b602ab436ac9f05660d9c15190f4fd7b
Created May 9, 2016 19:10
Safari border-radius + overflow: hidden + CSS transform fix
// Add on element with overflow
-webkit-mask-image: -webkit-radial-gradient(white, black);
@marcanuy
marcanuy / gist:06cb00bc36033cd12875
Created July 11, 2015 13:35
The 5,000 Most Frequently Used Domain Name Prefixes and Suffixes
1. my+ 1001. se+ 2001. thedaily+ 3001. empire+ 4001. herb+
2. +online 1002. test+ 2002. giant+ 3002. +cook 4002. +teen
3. the+ 1003. fish+ 2003. survey+ 3003. +deluxe 4003. affordable+
4. +web 1004. hk+ 2004. +conference 3004. +crunch 4004. proto+
5. +media 1005. florida+ 2005. twit+ 3005. michigan+ 4005. +ity
6. web+ 1006. fine+ 2006. pick+ 3006. cars+ 4006. myhome+
7. +world 1007. loan+ 2007. +dvd 3007. +forest 4007. plastic+
8. +net 1008. page+ 2008. cinema+ 3008. yacht+ 4008. +kc
9. go+ 1009. fox+ 2009. desi+ 3009. +wallet 4009. +foot
10. +group 1010. +gift 2010. act+ 3010. +contest 4010. +sup
@guilherme
guilherme / gist:9604324
Last active October 10, 2024 18:27
Git pre-commit hook that detects if the developer forget to remove all the javascript console.log before commit.
#!/bin/sh
# Redirect output to stderr.
exec 1>&2
# enable user input
exec < /dev/tty
consoleregexp='console.log'
# CHECK
if test $(git diff --cached | grep $consoleregexp | wc -l) != 0
then