Skip to content

Instantly share code, notes, and snippets.

View slaypni's full-sized avatar

tanitter slaypni

40 followers · 4 following
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active April 2, 2025 13:39
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@max-mapper
max-mapper / bibtex.png
Last active November 6, 2024 09:03
How to make a scientific looking PDF from markdown (with bibliography)
bibtex.png
@err0r500
err0r500 / main.go
Last active May 24, 2024 02:37
gin gonic with jwt from auth0 (and CORS enabled)
package main
import (
"github.com/auth0/go-jwt-middleware"
"github.com/dgrijalva/jwt-go"
"gopkg.in/gin-gonic/gin.v1"
)
func main() {
startServer()
@nkt1546789
nkt1546789 / simple_classifier.py
Last active March 13, 2017 04:26
Probably this is the simplest classifier.
import numpy as np
from sklearn import preprocessing, base
class SimpleBinaryClassifier(base.BaseEstimator):
def fit(self, X, y):
"""
Requirement: y \in \{0, 1\}
"""
self.scaler = preprocessing.StandardScaler()
X = self.scaler.fit_transform(X)
@bastman
bastman / docker-cleanup-resources.md
Created March 31, 2016 05:55
docker cleanup guide: containers, images, volumes, networks

Docker - How to cleanup (unused) resources

Once in a while, you may need to cleanup resources (containers, volumes, images, networks) ...

delete volumes

// see: https://github.com/chadoe/docker-cleanup-volumes

$ docker volume rm $(docker volume ls -qf dangling=true)

$ docker volume ls -qf dangling=true | xargs -r docker volume rm

@ygotthilf
ygotthilf / jwtRS256.sh
Last active April 3, 2025 11:49
How to generate JWT RS256 key
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
# Don't add passphrase
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
cat jwtRS256.key
cat jwtRS256.key.pub
@cromandini
cromandini / universal-framework.sh
Last active November 9, 2024 08:56 — forked from cconway25/gist:7ff167c6f98da33c5352
This run script will build the iphoneos and iphonesimulator schemes and then combine them into a single framework using the lipo tool (including all the Swift module architectures).
#!/bin/sh
UNIVERSAL_OUTPUTFOLDER=${BUILD_DIR}/${CONFIGURATION}-universal
# make sure the output directory exists
mkdir -p "${UNIVERSAL_OUTPUTFOLDER}"
# Step 1. Build Device and Simulator versions
xcodebuild -target "${PROJECT_NAME}" ONLY_ACTIVE_ARCH=NO -configuration ${CONFIGURATION} -sdk iphoneos BUILD_DIR="${BUILD_DIR}" BUILD_ROOT="${BUILD_ROOT}" clean build
xcodebuild -target "${PROJECT_NAME}" -configuration ${CONFIGURATION} -sdk iphonesimulator ONLY_ACTIVE_ARCH=NO BUILD_DIR="${BUILD_DIR}" BUILD_ROOT="${BUILD_ROOT}" clean build
@jeamland
jeamland / gist:11284662
Created April 25, 2014 10:20
Bluetooth LE on OS X via Python
import select
import socket
import sys
import objc
from PyObjCTools import AppHelper
objc.loadBundle("CoreBluetooth", globals(),
bundle_path=objc.pathForFramework(u'/System/Library/Frameworks/IOBluetooth.framework/Versions/A/Frameworks/CoreBluetooth.framework'))
@John07
John07 / HLS_dvr.sh
Last active August 19, 2024 09:03
A small script to make recording http live streams (HLS, those streams that work on iOS devices) nicer on a Mac. Script records the stream for a defined period of time and sends the user notifications if anything goes wrong and once it's done.
# required: ffmpeg (e.g. from homebrew), terminal-notifier from https://github.com/alloy/terminal-notifier
# you can schedule this with launchd to run e.g. weekly
# Specify in seconds how long the script should record (default here is 1 hour).
seconds=3600
# Date format for the recording file name
DATE=`date "+%d-%m-%y_%H-%M"`
# start ffmpeg recording