swlkr swlkr

URL	Stars	Created
http://github.com/ahungry/ahungry-janet	3	2020-05-29 02:54:07
http://github.com/ahungry/ahungry-janet-user	0	2020-05-29 04:28:45
http://github.com/ahungry/janet-code	8	2019-07-28 05:10:59
http://github.com/ahungry/janet-p99-map	1	2020-05-10 04:13:27
http://github.com/ahungry/janet-pobox	7	2020-05-27 04:36:08
http://github.com/ahungry/janet-xbuild	2	2020-05-28 14:17:09
http://github.com/ahungry/puny-gui	83	2020-04-24 02:52:59
http://github.com/ahungry/puny-server	1	2020-04-23 01:42:38

How Clojure's documentation can leapfrog other languages

Summary

I made a documentation generator that cashes in on Clojure's dynamism. See the play-cljs docs (a ClojureScript game library) for an example of its output.

The Problem

Like many of you, I've often wondered what my final regret will be on my deathbed. My best guess came to me in a dream recently. I was walking across the charred earth of an apocalyptic future world, maneuvering around the remains of the less fortunate. I was startled to find a young girl, barely holding onto her life. She murmured something to me. I asked her to repeat it, and she said more loudly: "I...wish your Clojure projects didn't have such crappy documentation."

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output

	# Rails production setup via SQLite3 made durable by https://litestream.io/
	# Copy this to Dockerfile on a fresh rails app. Deploy to fly.io or any other container engine.
	#
	# try locally: docker build . -t rails && docker run -p3000:3000 -it rails
	#
	# in production you might want to map /data to somewhere on the host,
	# but you don't have to!
	#
	FROM ruby:3.0.2

	(ns user.test
	(:refer-clojure :exclude [test])
	(:require
	[meander.epsilon :as m]
	[taoensso.timbre :refer [error]]))


	(def tests-enabled true)

	(defmacro test [& body]

	#!/bin/bash
	# Cloudflare as Dynamic DNS
	# From: https://letswp.io/cloudflare-as-dynamic-dns-raspberry-pi/
	# Based on: https://gist.github.com/benkulbertis/fff10759c2391b6618dd/
	# Original non-RPi article: https://phillymesh.net/2016/02/23/setting-up-dynamic-dns-for-your-registered-domain-through-cloudflare/

	# Update these with real values
	auth_email="[email protected]"
	auth_key="global_api_key_goes_here"
	zone_name="example.com"

	#!/usr/bin/env zsh

	#
	# Check file exists
	#

	if [ ! -f /tmp/foo.txt ]; then
	echo "File not found!" >&2
	exit 1
	fi

	;; I think it would be a mistake to introduce temporal coupling to prevent typos.

	;; The example program below lets you identify "missing" keys specs at
	;; the time and place of your choosing, and then handle them as you
	;; deem appropriate, without imposing those decisions on other
	;; users of spec.

	(require '[clojure.spec.alpha :as s]
	'[clojure.set :as set])

	(require '[clj-http.client :as http])
	(require '[clojure.core.async :as a])
	(require '[clojure.string :as string])
	(require '[clojure.java.io :as io])
	(import '[java.io InputStream])

	(def event-mask (re-pattern (str "(?s).+?\r\n\r\n")))

	(defn- parse-event [raw-event]
	(->> (re-seq #"(.): (.)\n?" raw-event)

	(defproject sse-example "0.1.0-SNAPSHOT"
	:dependencies [[org.clojure/clojure "1.8.0"]
	[cheshire "5.5.0"]
	[org.glassfish.jersey.media/jersey-media-sse "2.22.2"]])