Skip to content

Instantly share code, notes, and snippets.

View FutureBody's full-sized avatar

FutureBody

51 followers · 478 following
View GitHub Profile
@FutureBody
FutureBody / Generic keys
Created October 9, 2024 03:28 — forked from h4x0r-dz/Generic keys
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
@FutureBody
FutureBody / カーネルパラメータチューニング項目整理.md
Created July 15, 2024 07:25 — forked from matsukaz/カーネルパラメータチューニング項目整理.md
sysctl

sysctlで設定可能な項目について調査した内容。

@FutureBody
FutureBody / gist:93093b615f419a2667521dd84e64956f
Created July 15, 2024 07:24 — forked from kwilczynski/gist:5871135
Few tweaks ...
/etc/sysctl.conf:
kernel.printk = 4 4 1 7
kernel.printk_ratelimit = 5
kernel.printk_ratelimit_burst = 10
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
@FutureBody
FutureBody / pipeline_trick.md
Created January 26, 2024 06:55 — forked from izabera/pipeline_trick.md

A funky shell thingy that I've never seen before

So you're in posix sh and you want to do the equivalent of this in bash:

foo | tee >(bar) >(baz) >/dev/null

(Suppose that bar and baz don't produce output. Add redirections where needed if that's not the case.)

@FutureBody
FutureBody / async_sqlite.py
Created January 19, 2024 06:06 — forked from xsduan/async_sqlite.py
peewee-async sqlite connection doohicky
"""
Temporary module to allow for sqlite databases during development. Remove once
we get an actual database.
"""
import peewee
from peewee_async import AsyncDatabase
import playhouse.sqlite_ext as sqlite_ext
try:
import aiosqlite
@FutureBody
FutureBody / tcpdump.py
Created November 30, 2023 11:25 — forked from gteissier/tcpdump.py
Pythonic tcpdump: copy, paste, and enjoy
#!/usr/bin/env python
'''
It has been tested with either py2 or py3.
Beware ancient versions of Linux kernel which may not support SOCK_NONBLOCK
or the memory mapped ring buffer.
BPF filter listed below is compiled form of "not port 22"
if you want to change it, do something like
@FutureBody
FutureBody / pyrawcap.py
Created November 29, 2023 11:32 — forked from DiabloHorn/pyrawcap.py
Python sniffer using only raw sockets
#!/usr/bin/env python
#DiabloHorn https://diablohorn.com
#raw python pcap creater
#based on
# http://askldjd.com/2014/01/15/a-reasonably-fast-python-ip-sniffer/
#additional references
# http://www.kanadas.com/program-e/2014/08/raw_socket_communication_on_li.html
import sys
import time
@FutureBody
FutureBody / gist:98e4566ad8ac90fb5d6b85755bcad25d
Created October 12, 2023 10:19 — forked from mtigas/gist:952344
Mini tutorial for configuring client-side SSL certificates.

Client-side SSL

For excessively paranoid client authentication.

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes:

@FutureBody
FutureBody / GitHub-Leaked-API-Keys-and-Secrets.md
Created June 19, 2023 02:46 — forked from win3zz/GitHub-Leaked-API-Keys-and-Secrets.md

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@FutureBody
FutureBody / nginx ip_hash策略
Created June 13, 2023 11:25 — forked from banjin/nginx ip_hash策略
在工作中经常使用Nginx的IP_hash策略做负载均衡,所以记录一下使用中的疑惑。
当对后端的多台动态应用服务器做负载均衡时,ip_hash指令能够将某个客户端IP的请求通过哈希算法定位到同一台后端服务器上。这样,当来自某个IP的用户在后端Web服务器A上登录后,再访问该站点的其他URL,能够保证其访问的还是后端Web服务器A。
如果不采用ip_hash指令,假设来自某个IP的用户在后端Web服务器A上登录后,再访问该站点的其他URL,有可能被定向到后端Web服务器B,C...上,由于用户登录后SESSION信息是记录在服务器A上的,B,C...上没有,这时就会提示用户来登录
在ip_hash策略中,它选择最初的server的方法是根据请求客户真个IP计算出一个哈希值,再根据哈希值选择后台的服务器。
1)由IP计算哈希值的算法如下, 其中公式中hash初始值为89,iphp->addr[i]表示客户真个IP, 通过三次哈希计算得出一个IP的哈希值:
  for (i = 0; i < 3; i++) {
  hash = (hash * 113 + iphp->addr[i]) % 6271;