Skip to content

Instantly share code, notes, and snippets.

View yeukhon's full-sized avatar

Yeuk Hon Wong yeukhon

  • TikTok USDS / ByteDance
  • New York, NY
  • 08:41 (UTC -05:00)
View GitHub Profile
@cdunklau
cdunklau / coroutine_limiter.py
Last active October 19, 2017 23:41
Constrain number of simultanous HTTP requests with asyncio
import asyncio
import itertools
import aiohttp
import async_timeout
async def fetch_with_response_delay(session, delay):
if not 0 <= delay <= 10:
raise ValueError('Delay must be between 0 and 10 inclusive')
# Install https://www.vaultproject.io/
brew install vault
# Start dev vault server in a separate terminal
vault server -dev
# ==> Vault server configuration:
# ...
# Unseal Key: 7ACQHhLZY5ivzNzhMruX9kSa+VXCah3y87hl3dPSWFk=
# Root Token: 858a6658-682e-345a-e4c4-a6e14e6f7853
@vasanthk
vasanthk / System Design.md
Last active November 19, 2024 10:54
System Design Cheatsheet

System Design Cheatsheet

Picking the right architecture = Picking the right battles + Managing trade-offs

Basic Steps

  1. Clarify and agree on the scope of the system
  • User cases (description of sequences of events that, taken together, lead to a system doing something useful)
    • Who is going to use it?
    • How are they going to use it?
@z0mbix
z0mbix / tcpdump-es-capture
Created December 19, 2014 14:45
Capture Elasticsearch Queries
# tcpdump -A -nn -s 0 'tcp dst port 9200 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
14:32:33.525122 IP 127.0.0.1.49777 > 127.0.0.1.9200: Flags [P.], seq 313752908:313753888, ack 2465010394, win 257, options [nop,nop,TS val 2684167067 ecr 2684167066], length 980
E...^.@[email protected]#...}L...............
..#...#.GET /index/_search HTTP/1.1
Host: 127.0.0.1:9200
Accept: */*
Content-Length: 845
Content-Type: application/x-www-form-urlencoded
@bdclark
bdclark / hipchat_notify.py
Last active July 29, 2018 17:58
Example python function to notify HipChat room using API version 2
#!/usr/bin/env python
from __future__ import print_function
import requests
import sys
import json
def hipchat_notify(token, room, message, color='yellow', notify=False,
format='text', host='api.hipchat.com'):
# to use:
# 1. put this file in ~/callstatement/callstatement.py
# 2. make a file ~/Library/Python/2.7/site-packages/derp.pth with this as the contents:
# "/Users/USER/callstatement/\nimport callstatement\n"
# 3. export PYTHONIOENCODING="callstatement_utf8"
# warning: EXTREMELY NASTY DO NOT USE IN PRODUCTION CODE
# WILL BREAK EVERYTHING I AM NOT RESPONSIBLE IF
# YOU'RE FOOLISH ENOUGH TO ACTUALLY TRY TO USE
# THIS
@jsantell
jsantell / task-in-sdk.js
Last active August 29, 2015 14:01
Using Task.jsm in SDK
const { Task } = Cu.import("resource://gre/modules/Task.jsm", {});
const { defer, all } = require("sdk/core/promise");
const { setTimeout } = require("sdk/timers");
Task.spawn(function *() {
let item1 = yield getItem(1);
let [item2, item3] = yield all([getItem(2), getItem(3)]);
console.log(item1, item2, item3); // 1, 2, 3
}).then(function () {
console.log('all items processed')
@epixoip
epixoip / cloudflare_challenge
Last active December 2, 2023 11:53
How I obtained the private key for www.cloudflarechallenge.com
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.
@joernchen
joernchen / bounty.txt
Created February 22, 2014 16:17
Bounty writeup
GitHub RCE by Environment variable injection Bug Bounty writeup
Disclaimer: I'll keep this really short but I hope you'll get the key points.
GitHub blogged a while ago about some internal tool called gerve:
https://github.com/blog/530-how-we-made-github-fast
Upon git+sshing to github.com gerve basically looks up your permission
on the repo you want to interact with. Then it bounces you further in
another forced SSH session to the back end where the repo actually is.
@dutc
dutc / notes.md
Last active July 1, 2022 20:57
CPython workshop

themes

  1. CPython for greater understanding of the Python programming language (but "reference implementations always overspecify") Reading source to solve problems
  2. getting involved, contributing to the project

introduction

This workshop will cover the basics of the CPython runtime and interpreter. There is an enormous amount of material to cover, and I'll try to to rush through as much as I can.