| javascript:{var s = window.location.href.toString();var p=/\/(?:title|name)\/([a-zA-Z0-9])+\//gi;if (p.test(s)){try{var n=s.match(p)[0].split("\/")[2];window.open('http://letterboxd.com/imdb/'+n);}catch(e){}}};void(0); |
| #!/usr/bin/env python | |
| """ | |
| 2020 update: | |
| - More iterators, fewer lists | |
| - Python 3 compatible | |
| - Processes files in parallel | |
| (one thread per CPU, but that's not really how it works) | |
| """ |
This Gist is created in 2014, and it's highliy outdated now, according to one of mitmproxy's manjor contributor (check his comment below). Thanks for letting us know, @mhils!
Modern applications usually make use of back-end API servers to provide their services. With a non-transparent HTTPs proxy, which intercepts the communication between clients and servers (aka the man-in-the-middle scheme), you can easily manipulate both API requests and responses.
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
| var request = require('request'); | |
| var unzip = require('unzip'); | |
| var csv2 = require('csv2'); | |
| request.get('http://s3.amazonaws.com/alexa-static/top-1m.csv.zip') | |
| .pipe(unzip.Parse()) | |
| .on('entry', function (entry) { | |
| entry.pipe(csv2()).on('data', console.log); | |
| }) | |
| ; |
| install: | |
| - sudo apt-get install texlive-latex-recommended texlive-latex-extra texlive-fonts-recommended | |
| - sudo apt-get install chktex | |
| script: | |
| - make | |
| - chktex -W # Print version information. | |
| - chktex -q -n 6 *.tex chapters.*.tex 2>/dev/null | tee lint.out | |
| # If lint output is non-empty report an error. | |
| - test ! -s lint.out |
| #!/usr/bin/env python2 | |
| """ | |
| Author: takeshix <[email protected]> | |
| PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]). | |
| Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP. | |
| """ | |
| import sys,struct,socket | |
| from argparse import ArgumentParser |
| I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the | |
| 10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself | |
| that I too could do it. | |
| First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially | |
| believed that it would be highly improbable under normal conditions to obtain the private key | |
| through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's | |
| challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to | |
| extract private keys. So I wanted to see first-hand if it was possible or not. |
https://www.grc.com/misc/truecrypt/truecrypt.htm | https://twitter.com/stevebarnhart/status/472192457145597952
Steven Barnhart (@stevebarnhart) wrote to an eMail address he had used before and received several replies from “David.” The following snippets were taken from a twitter conversation which then took place between Steven Barnhart (@stevebarnhart) and Matthew Green (@matthew_d_green):
TrueCrypt Developer “David”: “We were happy with the audit, it didn't spark anything. We worked hard on this for 10 years, nothing lasts forever.”
Steven Barnhart: (Paraphrasing) Developer “personally” feels that fork is harmful: “The source is still available as a reference though.” >
| I hope this patch is acceptable in something like its present form. If | |
| so, I'll write up the documentation updates as well. (But I suspect it | |
| may spark some discussion.) | |
| It updates some rather outdated defaults hard-wired into GnuPG: | |
| 1. Default cipher algorithm: CAST5 -> AES256 | |
| 2. Default digest algorithm: SHA1 -> SHA512 | |
| 3. Default S2K hash algorithm: SHA1 -> SHA256 | |
| 4. Default S2K iterations: 255 (this takes about 400ms in E2E, not |
