xero

                     ,_ ,_==▄▂
                  ,  ▂▃▄▄▅▅▅▂▅¾.            /    /
                   ▄▆<´  "»▓▓▓%\       / /   / /
                 ,▅7"     ´>▓▓▓%   /  / > / >/%
                 ▐¶▓       ,»▓▓¾´  /> %/%// /  /
                  ▓▃▅▅

joepie91

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

croepha

// This will open up a prompt for text to send to a console session on digital ocean
//  Useful for long passwords
(function () {        
        var t = prompt("Enter text to be sent to console, (This wont send the enter keystroke)").split("");
        function f() {
                
                var character = t.shift();
                var i=[];
                var code = character.charCodeAt();
                var needs_shift = "!@#$%^&*()_+{}:\"<>?~|".indexOf(character) !== -1

chrismdp

# You don't need Fog in Ruby or some other library to upload to S3 -- shell works perfectly fine
# This is how I upload my new Sol Trader builds (http://soltrader.net)
# Based on a modified script from here: http://tmont.com/blargh/2014/1/uploading-to-s3-in-bash

S3KEY="my aws key"
S3SECRET="my aws secret" # pass these in

function putS3
{
  path=$1

kennwhite

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016

akras14

Git Cheat Sheet

Commands

Getting Started

git init

or

grugq

Operational PGP

This is a guide on how to email securely.

There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.

bojieli

/* Heartbleed OpenSSL vulnerbility POC
 * CVE-2014-0160
 *
 * You need to modify OpenSSL client code: ssl/t1_lib.c, function tls1_heartbeat
 *   Previous line: \/\* Payload length (18 bytes here) \*\/
 *   Old line: s2n(payload, p);
 *   New line: s2n(65536 - 100, p); // pretend that we have so many bytes of payload...
 *
 * To compile:
 *   gcc -g -o testssl -Iinclude -L. -lssl ssl/*.o testssl.c

takeshixx

#!/usr/bin/env python2
"""
Author: takeshix <[email protected]>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]).

Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""

import sys,struct,socket
from argparse import ArgumentParser

sergeifilippov

server {
    server_name     $domain_name;
    root            /var/www;
    index           index.html index.php;
    access_log      /var/log/nginx/access.log;
    error_log       /var/log/nginx/error.log;

    # Cache static files for as long as possible
    location ~* \.(?:xml|ogg|mp3|mp4|ogv|svg|svgz|eot|otf|woff|ttf|css|js|jpg|jpeg|gif|png|ico)$ {
            try_files $uri =404;