Gianluca Bargelli proudlygeek

🍕
View GitHub Profile
@yonjah
yonjah / gist:5082855
Last active February 10, 2023 19:25
Blocking DDOS bots with JavaScript for fun and profit! Or how easy it is to break the current protection methods and how to make it better.
TL;DR - jump to the challenge at the end
====ON BLOCKING EVIL BOTS=====
On a recent job interview I had for "Incapsula" a few days ago I was put to the challenge to break
their bot protection mechanism. Apparently node.js is not that common among bot writers and most bots
are not able to run javascript.
The challenge had two parts -
1. find what the code does.
2. implement a bot that will break the code without using js.
3. think how to make this code unbreakable
@mwunsch
mwunsch / emoji_image_replace.js
Last active August 13, 2023 21:44
Detect emoji unicode on a page, replace it with images (supplied by GitHub, for now). Goes great in your ~/.js
/**
*
* Here's a thing that will look through all the text nodes of a document, and
* upon encountering an emoji codepoint, will replace it with an image.
* For now, those images are pulled from GitHub, which isn't very nice, so I
* need to find a more suitable host.
*
* Much of this code was gleaned from staring at the minified GitHub JS.
*
* Copyright (c) 2013 Mark Wunsch. Licensed under the MIT License.
anonymous
anonymous / gist:4702627
Created February 3, 2013 17:09
public class NodeContent
{
public NodeContent(int n)
{
this.Contenuto = n;
}
public int Contenuto { get; set; }
}
class DoubleLinkedListNode
{
@JangoSteve
JangoSteve / rails_omakase.rb
Last active December 12, 2015 01:58 — forked from postmodern/rails_omakase.rb
Works with Rails 2.2.x on Ruby 1.8.7. Really harmless, but if you see a `#<ActionController>` object in your params, that's bad.
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0333)
#
# ## Advisory
#
# https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
#
# ## Caveats
#
module SimpleStateMachine
extend ActiveSupport::Concern
# instance methods
included do
def current_step
# model that includes this module must have a field called 'current_step'
super || steps.first
end
@postmodern
postmodern / rails_omakase.rb
Last active December 25, 2020 10:14
Proof-of-Concept exploit for the new Rails Remote Code Execution vulnerability (CVE-2013-0333)
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0333)
#
# ## Advisory
#
# https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
#
# ## Caveats
#
anonymous
anonymous / App.js
Created January 15, 2013 23:40
Todo app example
// Todoapp using Localstorage
/*global window */
/*global document */
(function () {
"use strict";
window.todoApp = {
addTodoBtn: document.getElementById("addTodo"),
@freegenie
freegenie / unicorn.conf.rb
Created December 13, 2012 00:14
Unicorn after_fork block to have Rails write logs to a separate file for each worker.
after_fork do |server, worker|
log_path = Rails.root.join('log',"#{Rails.env}.#{worker.nr}.log")
new_logger = Logger.new(log_path)
new_logger.level = Logger::INFO
Rails.logger.flush
Rails.logger.close
Rails.logger = Rails.application.config.logger = ActiveSupport::TaggedLogging.new(new_logger)
@ryanfitz
ryanfitz / golang-nuts.go
Created December 2, 2012 22:45
two ways to call a function every 2 seconds
package main
import (
"fmt"
"time"
)
// Suggestions from golang-nuts
// http://play.golang.org/p/Ctg3_AQisl
@jasonroelofs
jasonroelofs / Timings.txt
Created November 29, 2012 18:23
Using Go for embarrassingly parallel scripts
] wc -l domains.txt
783 domains.txt
] time go run domain_lookup_parallel.go
real 0m5.743s
user 0m0.359s
sys 0m0.355s
] time go run domain_lookup_sequential.go