🦀
Terribl. Really terribl.

James Hodgkinson yaleman

@hackermondev
hackermondev / zendesk.md
Last active November 16, 2024 12:28
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@merlinmann
merlinmann / wisdom.md
Last active August 1, 2024 01:08
Merlin's Wisdom Project (Draft)

Merlin's Wisdom Project

Or: “Everybody likes being given a glass of water.”

By Merlin Mann.

It's only advice for you because it had to be advice for me.

@sm-Fifteen
sm-Fifteen / whats_a_yubikey.md
Last active September 16, 2024 19:49
"What the heck is a Yubikey and why did I buy one?": A user guide

"What the heck is a Yubikey and why did I buy one?": A user guide

(EDIT: Besides Reddit, I've also put this up on Github Gist)

So while looking for information on security keys before getting one myself, I got very confused reading about all the different modes and advertised features of Yubikeys and other similar dongles. The official documentation tends to be surprisingly convoluted at times, weirdly organized and oddly shy about a few of the limitations of these keys (which I'm making a point of putting front and center). Now that I have one, I decided to write down everything I figured out in order to help myself (and hopefully some other people reading this) make sense of all this.

Since I'm partly writing these notes for myself, there might be some back and forth between "exp

@kyhwana
kyhwana / blocksigners.sh
Last active June 21, 2023 11:41
Block RMS support letter signers
# Replace "<pat token here>" with your GitHub PAT; tested with a PAT that has the "Update ALL user data" scope.
curl -q https://rms-support-letter.github.io/ | grep "href" | grep "github.com" | grep -v "\/\[" | awk -F "https://github.com/" '{ print $2 }' | awk -F "\"\>" '{ print $1 }' | sed 's/\///g' | sed '/^$/d' | xargs -I USER curl -i -X PUT -H "Authorization: token <pat token here>" -H "Accept: application/vnd.github.v3+json" https://api.github.com/user/blocks/USER
@NZKoz
NZKoz / solar87
Created March 28, 2013 01:38
Riyadh Solar Time
# <pre>
# This file is in the public domain, so clarified as of
# 2009-05-17 by Arthur David Olson.
# So much for footnotes about Saudi Arabia.
# Apparent noon times below are for Riyadh; your mileage will vary.
# Times were computed using formulas in the U.S. Naval Observatory's
# Almanac for Computers 1987; the formulas "will give EqT to an accuracy of
# [plus or minus two] seconds during the current year."
#
@jboner
jboner / latency.txt
Last active November 18, 2024 08:23
Latency Numbers Every Programmer Should Know
Latency Comparison Numbers (~2012)
----------------------------------
L1 cache reference                           0.5 ns
Branch mispredict                            5   ns
L2 cache reference                           7   ns                      14x L1 cache
Mutex lock/unlock                           25   ns
Main memory reference                      100   ns                      20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy             3,000   ns        3 us
Send 1K bytes over 1 Gbps network       10,000   ns       10 us
Read 4K randomly from SSD*             150,000   ns      150 us          ~1GB/sec SSD