pizzaboxer

Top 10 Web Application Security Risks

A1:2017-Exposed JS File (EJF): Having a .JS File exposed. This vulnerability would allow an attacker to expoit your webshell and upload a reverse shell onto the website. An example of this vulnerability in the wild can be seen here: https://doxbin.org/legacy/jquery.min.js

A2:2017-Exposed Login Page: Login page being accessible to the public. This should never be the case, as someone could login using it.

A3:2017-Having Subdomains: Many web applications might have subdomains (e.g. login.example.com, cdn.example.com). This is a vulnerability because it allows an attacker to visit your subdomains. An attacker could then possibly find a login page, which is another vulnerability.

A4:2017-Error Pages Enabled (EPE): Any type of error page (403, 404, 429) is con

Stevey's Google Platforms Rant

I was at Amazon for about six and a half years, and now I've been at Google for that long. One thing that struck me immediately about the two companies -- an impression that has been reinforced almost daily -- is that Amazon does everything wrong, and Google does everything right. Sure, it's a sweeping generalization, but a surprisingly accurate one. It's pretty crazy. There are probably a hundred or even two hundred different ways you can compare the two companies, and Google is superior in all but three of them, if I recall correctly. I actually did a spreadsheet at one point but Legal wouldn't let me show it to anyone, even though recruiting loved it.

I mean, just to give you a very brief taste: Amazon's recruiting process is fundamentally flawed by having teams hire for themselves, so their hiring bar is incredibly inconsistent across teams, despite various efforts they've made to level it out. And their operations are a mess; they don't real

	// ==UserScript==
	// @name Austiblox Anti-Adblock Bypass
	// @version 0.1
	// @description try to take over the world!
	// @author kickturn
	// @run-at document-start
	// @match https://austiblox.net/*
	// @icon https://www.google.com/s2/favicons?sz=64&domain=austiblox.net
	// @grant none
	// ==/UserScript==

	{
	"FFlagDebugDisableTelemetryEphemeralCounter": "True",
	"FFlagDebugDisableTelemetryEphemeralStat": "True",
	"FFlagDebugDisableTelemetryEventIngest": "True",
	"FFlagDebugDisableTelemetryPoint": "True",
	"FFlagDebugDisableTelemetryV2Counter": "True",
	"FFlagDebugDisableTelemetryV2Event": "True",
	"FFlagDebugDisableTelemetryV2Stat": "True"
	}

	KFZUS-F3JGV-T95Y7-BXGAS-5NHHP
	T3ZWQ-P2738-3FJWS-YE7HT-6NA3K
	KFZUS-F3JGV-T95Y7-BXGAS-5NHHP
	65Z2L-P36BY-YWJYC-TMJZL-YDZ2S
	SFZHH-2Y246-Z483L-EU92B-LNYUA
	GSZVS-5W4WA-T9F2E-L3XUX-68473
	FTZ8A-R3CP8-AVHYW-KKRMQ-SYDLS
	Q3ZWN-QWLZG-32G22-SCJXZ-9B5S4
	DAZPH-G39D3-R4QY7-9PVAY-VQ6BU
	KLZ5G-X37YY-65ZYN-EUSV7-WPPBS

	// ==UserScript==
	// @name @chaoticvibing Twitter Blue Nerd - twitter.com
	// @namespace Violentmonkey Scripts
	// @match ://.twitter.com/*
	// @match ://.x.com/*
	// @grant none
	// @version 1.9.2
	// @author @chaoticvibing - GH @busybox11
	// @description 11/9/2022, 11:45:28 PM
	// @updateURL https://gist.githubusercontent.com/busybox11/53c76f57a577a47a19fab649a76f18e3/raw

	public sealed class AsyncMutex : IAsyncDisposable
	{
	private readonly string _name;
	private Task? _mutexTask;
	private ManualResetEventSlim? _releaseEvent;
	private CancellationTokenSource? _cancellationTokenSource;

	public AsyncMutex(string name)
	{
	_name = name;

	class PngIconConverter
	{
	/* input image with width = height is suggested to get the best result */
	/* png support in icon was introduced in Windows Vista */
	public static bool Convert(System.IO.Stream input_stream, System.IO.Stream output_stream, int size, bool keep_aspect_ratio = false)
	{
	System.Drawing.Bitmap input_bit = (System.Drawing.Bitmap)System.Drawing.Bitmap.FromStream(input_stream);
	if (input_bit != null)
	{
	int width, height;