Skip to content
View mbijon's full-sized avatar
🎯
Focusing
🎯
Focusing
63 followers · 141 following

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx3

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx3

Organizations

@WorkingGroupLink

Block or report mbijon

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. heatseeker heatseeker Public

    Don't step in lava! Navigate from the bottom-left to the top-right based on the heat of each tile. ARC-AGI-3 challenge game.

    TypeScript 2

  2. JsonFmt JsonFmt Public

    VSCode extension to format JSON, JSONC and JSONL for human-readability

    TypeScript

  3. Use Kimi model by Moonshot in Claude... Use Kimi model by Moonshot in Claude Code. This function shims your .bashrc/.zshrc
    1 
    # Shim the Kimi model by Moonshot into Claude Code
    2 
    export ANTHROPIC_AUTH_TOKEN={Your Kimi / Moonshot API key}
    3 
    export ANTHROPIC_BASE_URL=https://api.moonshot.ai/anthropic
  4. Repo security pattern search commands Repo security pattern search commands
    1 
    # Secrets, Evals, and Unsafe practices
    2 
    grep -r "password\|secret\|api_key\|token" /repo -e .env -e .env.local --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" 2>/dev/null | head -20
    3 
    grep -r "http://" /repo/src --include="*.ts" --include="*.tsx" 2>/dev/null | grep -v "https://" | head -20
    4 
    grep -r "(eval|Function)\(|dangerouslySetInnerHTML|__html|v-html" /repo 2>/dev/null | head -20
    5 
    grep -r "public/**/*.html" /repo 2>/dev/null | head -20
  5. Bash stuff for fighting a weak DOS a... Bash stuff for fighting a weak DOS attack
    1 
    # Here a few bash one-liners that helped me analyze / fight a weak DOS attack against debuggable.com. Mostly for future reference.
    2 
    # The attacker was opening lots of tcp connections without sending data, I believe it's called a SYN flood, see: http://tools.ietf.org/html/rfc4987#section-3.2
    3 
    
              
    
              
    
                4
                
    # Step 0: Check what is going on at port 80
    
              
    
              
    
                5
                
    $ netstat -tan | grep ':80 ' | awk '{print $6}' | sort | uniq -c
    
              
    
          
    
    
    
  
    

    6. 

      

  6. 
  
    
    
    
      
    
        
        Syslog nginx without $ or patching, ...  Syslog nginx without $ or patching, http://syshero.org/post/68174083489/nginx-syslog-ing-without-breaking-the-bank-or-patching

(1) directory/fifo structure:

mkdir -p /srv/logs/

mkfifo /srv/logs/access.log

mkfifo /srv/logs/error.log

(2) nginx conf:

error_log /srv/logs/error.log;

access_log /srv/logs/access.log;

(3) remember to start syslog-ng before nginx!      
    

          
    
              
    
                1
                
    source s_nginx_20 { pipe("/srv/logs/access.log" program_override("nginx-access-log")); };
    
              
    
              
    
                2
                
    source s_nginx_21 { pipe("/srv/logs/error.log" program_override("nginx-error-log")); };
    
              
    
              
    
                3
                
    
              
    
              
    
                4
                
    filter f_nginx_20 { match("nginx-access-log" value("PROGRAM")); };
    
              
    
              
    
                5
                
    filter f_nginx_21 { match("nginx-error-log" value("PROGRAM")); };
    
              
    
          
    
    
    
  
    

    7.