Skip to content

Instantly share code, notes, and snippets.

View sbehrens's full-sized avatar

Scott Behrens sbehrens

178 followers · 8 following
View GitHub Profile
@sbehrens
sbehrens / install.sh
Last active September 23, 2025 15:53
install.sh
#!/bin/bash
_c0nf=$(mktemp)
_l0g=$(mktemp)
trap "rm -f $_c0nf $_l0g" EXIT
echo "Creating system configuration files..."
function _pr3p_c0nf {
local _t=$1
@sbehrens
sbehrens / instruction-set.md
Last active September 19, 2025 20:31
Instruction Set

return-evn

@sbehrens
sbehrens / procnet
Created March 28, 2025 23:09
touch /tmp/file.txt
echo "hello" > /tmp/file.txt
@sbehrens
sbehrens / keybase.md
Created January 13, 2019 16:51

Keybase proof

I hereby claim:

  • I am sbehrens on github.
  • I am arbit (https://keybase.io/arbit) on keybase.
  • I have a public key whose fingerprint is 3BCB 4364 EF4A 3F6A C890 A755 18B8 EFD6 D8EE 14EA

To claim this, I am signing this object:

@sbehrens
sbehrens / nginx.conf
Created February 27, 2015 21:16
nginx conf
server {
listen 443 ssl;
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
@sbehrens
sbehrens / Apache.conf
Created February 27, 2015 21:16
Apache_SSL.conf
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /path/to/signed_certificate
SSLCertificateChainFile /path/to/intermediate_certificate
SSLCertificateKeyFile /path/to/private/key
SSLCACertificateFile /path/to/all_ca_certs
# modern configuration, tweak to your needs
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
@sbehrens
sbehrens / runner.py
Created September 6, 2014 03:48
Playing around with money problem
import itertools
from sys import exit
any_digits = [1.67, 1.98, 1.98, 4.41, 4.41, 4.41, 4.41, 4.41, 5.44, 36, 36, 36, 36, 36, 36, 36, 36, 100, 100]
for L in range(0, len(any_digits)+1):
for subset in itertools.combinations(any_digits, L):
print '%.2f' % sum(subset)
if '%.2f' % sum(subset) == 241.40:
print 'found it!'
@sbehrens
sbehrens / url-to-image.js
Created April 28, 2014 21:41
// PhantomJS script
// Takes screeshot of a given page. This correctly handles pages which
// dynamically load content making AJAX requests.
// Instead of waiting fixed amount of time before rendering, we give a short
// time for the page to make additional requests.
var _ = require('./lodash.js');
@sbehrens
sbehrens / heartbleed-altered.py
Created April 8, 2014 23:08 — forked from mpdavis/heartbleed-altered.py
#!/usr/bin/python
# Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions.
# Michael Davis ([email protected])
# Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
# The author disclaims copyright to this source code.
import select
@sbehrens
sbehrens / stream_cipher.py
Last active December 10, 2015 20:18
Break stream cipher
import array
import base64
import copy
# Found X0R cipher on an app assessment? Got the ciphertext and know the plaintext? Use this to get the key.
cipher_text = array.array('B', base64.b64decode("Some Blob of base64 encoded ciphertext remove decoder if not base64"))
plain_text = array.array('B', "some known plaintext value")