Skip to content

Instantly share code, notes, and snippets.

View dzmitry-savitski's full-sized avatar

Dzmitry Savitski dzmitry-savitski

26 followers · 9 following
View GitHub Profile
@dzmitry-savitski
dzmitry-savitski / decrypt.js
Created April 9, 2025 14:13
Decrypt jwt
import { jwtDecrypt } from 'jose';
// Your base64-encoded 256-bit key (should decode to 32 bytes)
const base64Key = 'yourBase64EncodedKeyHere'; // example: "3q2+7w==..."
// Decode base64 to a Uint8Array
const key = Uint8Array.from(Buffer.from(base64Key, 'base64'));
// Your JWE compact token
const token = 'eyJalgIjoiZGlyIiwiZW5jIjoiQTI1NkdDTSJ9..<IV>.<ciphertext>.<tag>';
@dzmitry-savitski
dzmitry-savitski / gss.groovy
Created March 31, 2025 20:56
GSS groovy check
import javax.security.auth.login.LoginContext
import javax.security.auth.login.Configuration
import javax.security.auth.callback.*
import com.sun.security.auth.callback.TextCallbackHandler
class PasswordCallbackHandler implements CallbackHandler {
private String username
private String password
PasswordCallbackHandler(String username, String password) {
@dzmitry-savitski
dzmitry-savitski / cyberark.groovy
Created March 26, 2025 17:16
Groovy CyberArk example
import javax.net.ssl.*
import java.security.KeyStore
import java.io.*
import java.net.URL
// --- Configuration ---
def apiUrl = "https://<pvwa-url>/AIMWebService/api/Accounts"
def appId = "MyAppID"
def safe = "MySafe"
def objectName = "MyAccount"
@dzmitry-savitski
dzmitry-savitski / new.js
Last active January 30, 2025 20:28
puppeteer examle
const browser = await puppeteer.launch({ headless: false });
const page = await browser.newPage();
let openedAt = null;
let redirectedAt = null;
let endedAt = null;
// Promise to track when a redirect happens
let redirectPromise = new Promise(resolve => {
page.on('response', response => {
@dzmitry-savitski
dzmitry-savitski / client.py
Created November 8, 2024 21:57
Python Oauth 2.0 device code grant flow with PKCE client
import requests
import hashlib
import base64
import time
import urllib.parse
# Configuration
CLIENT_ID = 'your_client_id'
AUTHORIZATION_SERVER = 'https://authorization-server.com'
DEVICE_CODE_URL = f'{AUTHORIZATION_SERVER}/oauth/device/code'
@dzmitry-savitski
dzmitry-savitski / healhtcheck.java
Last active May 15, 2024 15:23
GSS healthcheck
https://github.com/ymartin59/java-kerberos-sfudemo/blob/df1f7dfd4801b06f1debc923e1cce4416ec02a7c/src/main/java/sfudemo/KerberosDemo.java#L154
@dzmitry-savitski
dzmitry-savitski / oracle.sh
Created December 15, 2023 13:02
#!/bin/bash
while true
do
oci resource-manager job create-apply-job --stack-id ocid1.ormstack.oc1.iad.<id> --execution-plan-strategy AUTO_APPROVED
sleep 300
done
@dzmitry-savitski
dzmitry-savitski / studocu.com unblur
Created November 4, 2023 11:50
Studocu uBlock Origin unblur, remove banner, latest 2023
studocu.com##div[style="display: block; user-select: none; filter: blur(4px);"]:style(filter: none !important;)
studocu.com##[id^="pf"] > [class^="_"]
@dzmitry-savitski
dzmitry-savitski / jenkins_decrypt.py
Created October 2, 2022 00:12
Jenkins decrypt credentials.xml python 3
#!/usr/bin/env python3
import re
import sys
import base64
from hashlib import sha256
from binascii import hexlify, unhexlify
from Crypto.Cipher import AES
MAGIC = b"::::MAGIC::::"
@dzmitry-savitski
dzmitry-savitski / user-name-rules.txt
Last active August 2, 2024 10:25
Generate user name lists suitable for brute force attacks from first name and last name using these John the Ripper rules
# Generate loins from First name & Last name wordlist (case insensitive)
# https://dzmitry-savitski.github.io/2020/04/generate-a-user-name-list-for-brute-force-from-first-and-last-name
[List.Rules:Login-Generator-i]
# johndoe
%1?w l Dp
# john_doe
%1?w l op_