Skip to content

Instantly share code, notes, and snippets.

View evanslify's full-sized avatar

Ta-Lun Yen evanslify

31 followers · 3 following
View GitHub Profile
@extremecoders-re
extremecoders-re / openwrt-qemu.md
Last active April 25, 2025 20:47
Running OpenWRT ARM under QEMU

Environment

The steps shown below are done on a Ubuntu VM using Qemu 3.0

$ qemu-system-arm -version
QEMU emulator version 3.0.0
Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers

To quit Qemu at any time press Ctrl+a x, i.e. Ctrl+a and then x

@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active May 8, 2025 01:11
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@frankbi
frankbi / never-copy-and-paste-code-from-the-internet-you-dont-understand.sh
Created May 4, 2016 19:47
curl -L http://bit.ly/10hA8iC | bash
@jsz0
jsz0 / brew-install.sh
Last active April 20, 2020 14:19
my default brew/cask installs
# firsrun:
# install xcode-cli-tools
# xcode-select --install
# install homebrew
# ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
# install caskroom
# brew install caskroom/cask/brew-cask
# update/install:
@tafkey
tafkey / git_overview
Last active October 19, 2023 15:15
Print git status of all repositories under the current folder
find . -type d -name '.git' | while read dir ; do sh -c "cd $dir/../ && echo -e \"\nGIT STATUS IN ${dir//\.git/}\" && git status -s" ; done
@kirbysayshi
kirbysayshi / flatten_and_test.js
Last active May 14, 2019 15:31
flatten an object into a single depth using string keys
require('tap-browser-color')();
var test = require('tape');
test('it flattens!', function(t) {
var input = {
users: [
{ name: 'name1', id: 1, image: { '64x64': 'http://1' } },
{ name: 'name2', id: 2, image: { '64x64': 'http://2' } }
],
errors: [ new Error('err1') ],
@nicolasembleton
nicolasembleton / restart_bluetooth.sh
Last active May 11, 2024 17:43
Restart Bluetooth Daemon on Mac OS X without restarting
#!/bin/bash
sudo kextunload -b com.apple.iokit.BroadcomBluetoothHostControllerUSBTransport
sudo kextload -b com.apple.iokit.BroadcomBluetoothHostControllerUSBTransport
@wenzhixin
wenzhixin / jquery.base64.js
Created October 29, 2014 02:28
Base64 plugin support unicode characters.
jQuery.base64 = (function($) {
// private property
var keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
// private method for UTF-8 encoding
function utf8Encode(string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
@blazs
blazs / sha-collision.py
Created January 25, 2014 15:37
Very simple script that uses birthday paradox to find a collision for hash function H(x) that truncates output of SHA-256(x) to 50 bits. Written for cryptography class. Note that this is very memory-intensive, using up to 4.5GB's of main memory when no collision is found.
#
# Very simple script that uses birthday paradox to find collision for hash function H(x)
# that truncates the output of SHA-256(x) to 50 bits. Written for cryptography class.
# See [Stinson, 2005] for why this works.
#
import hashlib
import os
import binascii
@epinna
epinna / popfinder.php
Last active April 7, 2018 16:50
Popfinder is a simple script that helps PHP code analysis of PHP in case of object injection via unserialize function.
<?
/*
popfinder.php - Emilio Pinna 2013
Popfinder is a simple script that can helps code analysis of PHP in case of possible object
injection[1][2] in unserialize function.