Skip to content

Instantly share code, notes, and snippets.

View mrsinguyen's full-sized avatar
🎯
Focusing

Si Nguyen mrsinguyen

🎯
Focusing
View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active April 7, 2025 09:15
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@adtac
adtac / Dockerfile
Last active April 7, 2025 15:29
#!/usr/bin/env docker run
#!/usr/bin/env -S bash -c "docker run -p 8080:8080 -it --rm \$(docker build --progress plain -f \$0 . 2>&1 | tee /dev/stderr | grep -oP 'sha256:[0-9a-f]*')"
# syntax = docker/dockerfile:1.4.0
FROM node:20
WORKDIR /root
RUN npm install sqlite3
@makhmudovrt
makhmudovrt / compose.yaml
Created October 25, 2023 18:33
Mongo 7 with a replica set with only one node in docker compose
version: "3.7"
services:
# simple
mongo:
image: mongo
command: mongod --replSet rs0 --bind_ip_all
healthcheck:
test: |
mongosh --eval "try { rs.status().ok } catch (e) { rs.initiate({ _id: 'rs0', members: [{ _id: 0, host: 'localhost:27017' }] }).ok }"

How to install game-porting-toolkit (aka proton for macOS)

You also might wanna just use Whisky which does this automatically

This guide works on macOS 13.4+ using Command Line Tools for XCode 15 Beta!

What is this?

In the recent WWDC, Apple announced and released the "game porting toolkit", which upon further inspection this is just a modified version of CrossOver's fork of wine which is a "compatibility layer" that allows you to run Windows applications on macOS and Linux.

@rain-1
rain-1 / LLM.md
Last active April 8, 2025 13:49
LLM Introduction: Learn Language Models

Purpose

Bootstrap knowledge of LLMs ASAP. With a bias/focus to GPT.

Avoid being a link dump. Try to provide only valuable well tuned information.

Prelude

Neural network links before starting with transformers.

@DavidWells
DavidWells / github-proxy-client.js
Last active March 3, 2025 17:47
Full Github REST api in 34 lines of code
/* Ultra lightweight Github REST Client */
// original inspiration via https://gist.github.com/v1vendi/75d5e5dad7a2d1ef3fcb48234e4528cb
const token = 'github-token-here'
const githubClient = generateAPI('https://api.github.com', {
headers: {
'User-Agent': 'xyz',
'Authorization': `bearer ${token}`
}
})
${ctx:loginId}
${map:type}
${filename}
${date:MM-dd-yyyy}
${docker:containerId}
${docker:containerName}
${docker:imageName}
${env:USER}
${event:Marker}
${mdc:UserId}
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active February 7, 2025 23:49
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
As noted by @murdats below, there are more URLs than just these 1440 ones, depending on the argument values
that are hashed (as the filenames below are MD5 hashes of a few arguments: red/blue pill color, HHMM time, etc.)
You can read details about the algorithm used to generate these URLs here:
https://news.ycombinator.com/item?id=28448335
---
00:00 https://thechoiceisyours.whatisthematrix.com/generated/v7/high/d43725991d28ffcab04aa716762cf6af.mp4
@ityonemo
ityonemo / test.md
Last active April 24, 2025 05:35
Zig in 30 minutes

A half-hour to learn Zig

This is inspired by https://fasterthanli.me/blog/2020/a-half-hour-to-learn-rust/

Basics

the command zig run my_code.zig will compile and immediately run your Zig program. Each of these cells contains a zig program that you can try to run (some of them contain compile-time errors that you can comment out to play with)