Skip to content

Instantly share code, notes, and snippets.

View larsxschneider's full-sized avatar

Lars Schneider larsxschneider

324 followers · 27 following
View GitHub Profile
@esseti
esseti / print_stk.lua
Last active November 20, 2024 20:27
Read sticky table of HA proxy from lua action
function dump_str(o)
-- transform a table into a string for the printing.
-- found it on google
-- better to use print_r from here http://www.arpalert.org/haproxy-scripts.html
if type(o) == 'table' then
local s = '{ '
for k,v in pairs(o) do
if type(k) ~= 'number' then k = '"'..k..'"' end
s = s .. '['..k..'] = ' .. dump_str(v) .. ','
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 23, 2025 15:23
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@jonico
jonico / dashboard.xml
Created September 20, 2016 15:04
Splunk Dashboard for GitHub Enterprise
<dashboard>
<label>Octodemo performance stats</label>
<row>
<panel>
<chart>
<title>Top fetched repos</title>
<search>
<query>index="octodemo" upload-pack user| top repo</query>
<earliest>@w0</earliest>
<latest>now</latest>
@vsouza
vsouza / .bashrc
Last active April 20, 2025 21:15
Golang setup in Mac OSX with HomeBrew. Set `GOPATH` and `GOROOT` variables in zshell, fish or bash.
# Set variables in .bashrc file
# don't forget to change your path correctly!
export GOPATH=$HOME/golang
export GOROOT=/usr/local/opt/go/libexec
export PATH=$PATH:$GOPATH/bin
export PATH=$PATH:$GOROOT/bin
@ragingwind
ragingwind / Backend Architectures Keywords and References.md
Last active March 21, 2025 15:01
Backend Architectures Keywords and References
@alekstorm
alekstorm / git-reviewers
Last active April 15, 2023 05:51
Finds likely good reviewers for a commit or range of commits by getting a diff, then running `git blame` on the previous versions of each changed hunk. Outputs a sorted list of reviewer names, emails, and how many lines you've both touched. To use, name the file `git-reviewers`, put it somewhere in your $PATH, make it executable, and call it wit…
#!/usr/bin/env bash -ue
if [[ $# -lt 1 || $# -gt 2 ]]; then
echo "Usage: git $(basename "$0" | sed 's/^git-//') <end-commit> [<start-commit>]"
exit 1
fi
diff_range="$1^..$1"
end_commit="$1^"
if [[ $# -eq 2 ]]; then
@agnoster
agnoster / github.com.js
Created October 17, 2012 15:59
Like editing files in an open pull request?
/**
* 1) Use http://defunkt.io/dotjs/
* 2) Install this into ~/.js/github.com.js
* 3) Enjoy a button to edit any file on a pull request (some restrictions may apply, void where prohibited)
*
* Note: this will replace the "View file @ ...", which I find pretty useless (and it's contained in the edit mode,
* anyway). However, if you want to look at files where you don't have access to edit them, this will suck.
*/
function getBranch() {
@torsten
torsten / fix-whitespace.sh
Created September 12, 2012 13:58
Pre-commit hook script for git to fix whitespace and long lines.
#!/bin/sh
# Pre-commit hook for git which removes trailing whitespace, converts tabs to spaces, and enforces a max line length.
if git-rev-parse --verify HEAD >/dev/null 2>&1 ; then
against=HEAD
else
# Initial commit: diff against an empty tree object
against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
fi
@erikh
erikh / hack.sh
Created March 31, 2012 07:02 — forked from DAddYE/hack.sh
OSX For Hackers
#!/usr/bin/env sh
##
# This is script with usefull tips taken from:
# https://github.com/mathiasbynens/dotfiles/blob/master/.osx
#
# install it:
# curl -sL https://raw.github.com/gist/2108403/hack.sh | sh
#
@torsten
torsten / property-access.m
Created March 27, 2012 08:32
Benchmark to measure how much slower property access is vs direct member access.
// Compile as: clang -O4 -framework Foundation property-access.m && ./a.out
#import <Foundation/Foundation.h>
// Performance timer, credit: Lars Schneider @kit3bus
#import <mach/mach_time.h>
#define MAKE_NSSTRING(str) (NSString *)CFSTR(#str)
#define START(name) \