Skip to content

Instantly share code, notes, and snippets.

View mehdichaouch's full-sized avatar
🤖
Happiness Developer

Mehdi Chaouch mehdichaouch

🤖
Happiness Developer
122 followers · 287 following
View GitHub Profile
@fvln
fvln / Jouons avec le phishing Paypal.md
Last active January 7, 2021 11:02
Quelques observations sur les attaques par phishing ciblant Paypal

Jouons avec le phishing Paypal

Courant septembre, j'ai testé un développement qui cherche des patterns parmi (les certificats TLS venant d'être délivrés publiquement)[http://certstream.calidog.io/]. La limite de cette recherche, c'est qu'elle s'applique sur des noms de domaines et pas des URL complètes ! Il suffit de filtrer ces certificats avec le mot-clé « paypal » pour obtenir des dizaines de noms de domaines malveillants par jour, avec parfois... juste un .zip à la racine. Comme j'en ai attrapé quelques-uns (ici 16shop), c'est l'occasion de les décortiquer ;)

Comment ça marche ?

Essayons de comprendre comment les attaquants travaillent !

@MaximeCulea
MaximeCulea / wp-cli-languages.sh
Last active January 31, 2023 13:36
Play with WordPress languages in cli.
#!/bin/bash
# Note the fifference between Install and Update
# Install : if the language doesn't exist, this is the first step to get the last asked language package. It is also needed, in order to update.
# Update : will get the last asked translation package, only if the language is already installed.
# Install core in french if not existing
wp language core install fr_FR
# Update all existing core languages
@asdfgeoff
asdfgeoff / compress_videos.py
Last active September 14, 2023 22:10
Bulk compress phone videos using H.265 HEVC encoding 🔥 More info: https://geoffruddock.com/bulk-compress-videos-x265-with-ffmpeg/
import click
from pathlib import Path
from subprocess import call, check_output
from tqdm import tqdm
@click.command()
@click.argument('directory', type=click.Path(exists=True))
@click.option('--recursive', is_flag=True, help='Recursive')
@click.option('--file-ext', help='File format to process')
def main(directory, file_ext='mp4', recursive=False):
@lewisvoncken
lewisvoncken / DB_CLEANUP_SCRIPT.php
Last active May 30, 2022 11:11
CVE-2019-8118 - DB_CLEANUP_SCRIPT
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
use Magento\Framework\App\Bootstrap;
use Magento\Framework\DB\Adapter\AdapterInterface;
use Magento\Framework\DB\Query\Generator;
use Magento\Framework\Exception\LocalizedException;
@kortina
kortina / pocket-bookmarklet.js
Created March 31, 2020 02:47
Pocket Bookmarklet That Avoids Cookie Errors
// Was getting the following error on many sites with the 'official' Pocket Bookmarklet
// ( available at https://getpocket.com/add/?ep=1 )
//
// VM171:1 Refused to load the script 'https://getpocket.com/b/r4.js?h=qqualnjcokmhwrrxefqvqbftooidhfpmommvsfsecblmtqugvmwf46684f1f0&u=https%3A%2F%2Fwww.linkedin.com%2Fpulse%2Fmechanics-war-economy-ray-dalio%2F&t=(6)%20The%20Mechanics%20of%20the%20War%20Economy%20%7C%20LinkedIn'
// because it violates the following Content Security Policy directive:
// "script-src 'report-sample' 'sha256-6gLjSWp3GRKZCUFvRX5aGHtECD1wVRgJOJp7r0ZQjV0=' 'unsafe-inline' s.c.lnkd.licdn.com static-fstl.licdn.com static-src.linkedin.com https://www.linkedin.com/voyager/service-worker-push.js s.c.exp1.licdn.com s.c.exp2.licdn.com static-lcdn.licdn.com s.c.lcdn.licdn.com https://www.linkedin.com/sc/ https://www.linkedin.com/scds/ https://qprod.www.linkedin.com/sc/ https://www.linkedin.com/sw.js https://www.linkedin.com/voyager/abp-detection.js https://snap.licdn.com/li.lms-analytics/insight.mi
@BrambleXu
BrambleXu / github_api_realtime.py
Created November 29, 2019 01:39
Get activity stream by GitHub API
import requests
headers ={
'Authorization': 'token <TOKEN>', # replace <TOKEN> with your token
}
response = requests.get('https://api.github.com/users/<username>/received_events', headers=headers) # replace <username> with your user name
data = response.json()
event_actions = {'WatchEvent': 'starred', 'PushEvent': 'pushed to'}
@worldofprasanna
worldofprasanna / download_apk.py
Created November 22, 2019 11:06
Download APK files from google play store
import sys
import os
from gpapi.googleplay import GooglePlayAPI
def main():
server = GooglePlayAPI('en_US', 'America/New York', 'bacon')
try:
server.login(email="<gmail userid>", password="<gmail password>")
storagepath = '/tmp/'
download = server.download('com.whatsapp', expansion_files=False)
@matheusgontijo
matheusgontijo / magento-2-debugging-tricks-mysql-query-fetchall-fetchrow-data-hydrate-and-xdebug.php
Created June 10, 2019 01:00
Magento 2 Debugging Tricks - MySQL Query, fetchAll, fetchRow, Data Hydrate & PHP xDebug by Matheus Gontijo
Magento 2 Debugging Tricks - MySQL Query, fetchAll, fetchRow, Data Hydrate & PHP xDebug by Matheus Gontijo
Video: https://www.youtube.com/watch?v=xLf3OwpAFhQ
-----------------------------------------------
1) Track MySQL queries
vendor/magento/zendframework1/library/Zend/Db/Adapter/Abstract.php::query
vendor/magento/zendframework1/library/Zend/Db/Select.php
@sundowndev
sundowndev / GoogleDorking.md
Last active April 24, 2025 13:38
Google dork cheatsheet

Google dork cheatsheet

Search filters

Filter Description Example
allintext Searches for occurrences of all the keywords given. allintext:"keyword"
intext Searches for the occurrences of keywords all at once or one at a time. intext:"keyword"
inurl Searches for a URL matching one of the keywords. inurl:"keyword"
allinurl Searches for a URL matching all the keywords in the query. allinurl:"keyword"
intitle Searches for occurrences of keywords in title all or one. intitle:"keyword"
@veritstudio
veritstudio / billing-address-mixin.js
Created May 24, 2019 19:34
Automatically check billing address same as shipping in Magento 2
define([
'jquery',
'Magento_Checkout/js/checkout-data',
'Magento_Checkout/js/model/quote'
],function ($, checkoutData, quote) {
'use strict';
return function (Component) {
return Component.extend({