Skip to content

Instantly share code, notes, and snippets.

View todb's full-sized avatar

Tod Beardsley todb

183 followers · 2 following
View GitHub Profile
@todb
todb / cpill.rb
Last active October 3, 2015 17:08
CyanidePill -- poison your own DNS
#!/usr/bin/env ruby
# Note, this must be run as root, and is super dangerous.
# You should not use it. It was written in about 75 minutes total.
# Copyright (c) 2012 Tod Beardsley
# Licensed under the Ruby license.
require 'packetfu'
require 'net/dns'
@todb
todb / .bashrc
Created April 30, 2012 02:50
Stick this in your bashrc and don't wonder what branch/ruby/gemset you're using
# Git and RVM prompting
function git-current-branch {
git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/(\1) /'
}
export PS1="[\$(~/.rvm/bin/rvm-prompt v p g)] \$(git-current-branch)$PS1"
@todb
todb / sync-upstream.md
Created January 15, 2014 15:26
Keeping in sync with upstream, the Web UI way
@todb
todb / compromised-wallet.md
Last active August 29, 2015 14:06
@todb
todb / keybase.md
Created April 13, 2023 15:26

Keybase proof

I hereby claim:

  • I am todb on github.
  • I am todb (https://keybase.io/todb) on keybase.
  • I have a public key whose fingerprint is 8E11 43A1 E501 BAAD B40B E413 A2E8 1F2C 096E 6434

To claim this, I am signing this object:

@todb
todb / slack_user_management.md
Last active June 5, 2023 14:23
Describes an idea for CVE-CNA Slack workspace user management

Slack usage

We started the cve-cna workspace waaaay back in 2017 as a means to offer a more modern messaging system for the world's CNAs in this new-fangled federated world. Access to Slack has always been pretty open with very little human intervention. In these five and a half years, as you can imagine, we've collected a fair number of individual users; 389 at last count. This is great!

But, as you might also imagine, not everyone who is registered in the Slack workspace is, in fact, a current CNA representative. A job change is the usual reason why someone is in there who isn't a CNA. There is a small handful of CVE Board members and CVE working group members who are not CNAs, as well. Finally, there is the occasional interested person who has never been a CNA who has joined our little Slack community for their own inscrutable reasons.

Auditing membership

One way of ensuring that Slack is more-or-less "private for CNAs" is to regularly audit the membership list. Slack e

@todb
todb / bio.md
Last active February 19, 2025 02:49
Tod Beardsley Standard Bio

Tod Beardsley is VP of Security Research at runZero, where he "kicks assets and fakes frames." Prior to 2025, he was the Section Chief for the Vulnerability Response section for CSD/VM/VRC at CISA, the Cybersecurity and Infrastructure Security Agency, part of the US government. He's also a founder and CNA point of contact for AHA!. He spends much of his time involved in vulnerability research and coordinated vulnerability disclosure (CVD). He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern ICS/OT implementations. He has held IT ops, security, software engineering, and management positions in large organizations such as the Rapid7, 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Tod is a CVE Board member, has authored several [research papers](https://www.linkedin.com/in/todb/#publi

@todb
todb / cat-rename.js
Created January 19, 2024 17:29
Javascript Bookmarklet to replace the cat's name in Rats in the Walls
// Run the below in the developer console while on
// https://www.hplovecraft.com/writings/texts/fiction/rw.aspx
// or, save it as a bookmarklet and run it that way.
// Exactly how bookmarklets work for you is browser specific.
// Feel free to drop your own cat's name into newCatName, below.
// Wonder why I wrote this? Go to https://podsothoth.club and listen
// to espisodes 43 and 44 to find out!
(function() {