Skip to content

Instantly share code, notes, and snippets.

View thuandt's full-sized avatar
💀
This.isDevOps(powah_code=36)

Thuan Duong thuandt

💀
This.isDevOps(powah_code=36)
109 followers · 5 following
View GitHub Profile
@djspiewak
djspiewak / quick-tips-optimizing-jvm.md
Last active April 28, 2025 17:07

Quick Tips for Fast Code on the JVM

I was talking to a coworker recently about general techniques that almost always form the core of any effort to write very fast, down-to-the-metal hot path code on the JVM, and they pointed out that there really isn't a particularly good place to go for this information. It occurred to me that, really, I had more or less picked up all of it by word of mouth and experience, and there just aren't any good reference sources on the topic. So… here's my word of mouth.

This is by no means a comprehensive gist. It's also important to understand that the techniques that I outline in here are not 100% absolute either. Performance on the JVM is an incredibly complicated subject, and while there are rules that almost always hold true, the "almost" remains very salient. Also, for many or even most applications, there will be other techniques that I'm not mentioning which will have a greater impact. JMH, Java Flight Recorder, and a good profiler are your very best friend! Mea

@AutumnSun1996
AutumnSun1996 / server.py
Created May 4, 2023 14:07
prefect server with apikey and basic auth
"""A simple wrapper for prefect server, with apikey and basic auth check.
usage:
```bash
# Allow prefect cli to access the server with same PREFECT_API_KEY.
PREFECT_API_KEY=XX
# base64 encoded `username:password`. Allow users to access the server with user:password.
PREFECT_BASIC_AUTH=XX
# start server
uvicorn --host $PREFECT_SERVER_API_HOST --port $PREFECT_SERVER_API_PORT --factory server:create_auth_app
@win3zz
win3zz / GitHub-Leaked-API-Keys-and-Secrets.md
Last active May 10, 2025 05:50

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.