Skip to content
View mbijon's full-sized avatar
🎯
Focusing
🎯
Focusing
59 followers · 138 following

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx3

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx3

Organizations

@WorkingGroupLink

Block or report mbijon

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 250 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. Use Kimi model by Moonshot in Claude... Use Kimi model by Moonshot in Claude Code. This function shims your .bashrc/.zshrc
    1 
    # Shim the Kimi model by Moonshot into Claude Code
    2 
    export ANTHROPIC_AUTH_TOKEN={Your Kimi / Moonshot API key}
    3 
    export ANTHROPIC_BASE_URL=https://api.moonshot.ai/anthropic
  2. Syslog nginx without $ or patching, ... Syslog nginx without $ or patching, http://syshero.org/post/68174083489/nginx-syslog-ing-without-breaking-the-bank-or-patching (1) directory/fifo structure: mkdir -p /srv/logs/ mkfifo /srv/logs/access.log mkfifo /srv/logs/error.log (2) nginx conf: error_log /srv/logs/error.log; access_log /srv/logs/access.log; (3) remember to start syslog-ng before nginx!
    1 
    source s_nginx_20 { pipe("/srv/logs/access.log" program_override("nginx-access-log")); };
    2 
    source s_nginx_21 { pipe("/srv/logs/error.log" program_override("nginx-error-log")); };
    3 
    
              
    
              
    
                4
                
    filter f_nginx_20 { match("nginx-access-log" value("PROGRAM")); };
    
              
    
              
    
                5
                
    filter f_nginx_21 { match("nginx-error-log" value("PROGRAM")); };
    
              
    
          
    
    
    
  
    

    3. 

      

  3. 
  
    
    
    
      
    
        
        Bash stuff for fighting a weak DOS a...  Bash stuff for fighting a weak DOS attack      
    

          
    
              
    
                1
                
    # Here a few bash one-liners that helped me analyze / fight a weak DOS attack against debuggable.com. Mostly for future reference.
    
              
    
              
    
                2
                
    # The attacker was opening lots of tcp connections without sending data, I believe it's called a SYN flood, see: http://tools.ietf.org/html/rfc4987#section-3.2
    
              
    
              
    
                3
                
    
              
    
              
    
                4
                
    # Step 0: Check what is going on at port 80
    
              
    
              
    
                5
                
    $ netstat -tan | grep ':80 ' | awk '{print $6}' | sort | uniq -c
    
              
    
          
    
    
    
  
    

    4. 

      

  4. 
  
    
    
    
      
    
        
        CLI command to start Chrome with XSS...  CLI command to start Chrome with XSS Auditor disabled. Use for XSS/security testing      
    

          
    
              
    
                1
                
    '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome' --disable-xss-auditor --enable-devtools-experiments --disable-features=enable-automatic-password-saving
    
              
    
          
    
    
    
  
    

    5. 

      

  5. 
  
    
    
    
      
    
        
        Tor fingerprinting code-injection (a...  Tor fingerprinting code-injection (allegedly by FBI)
--from: http://www.twitlonger.com/show/n_1rlo0uu      
    

          
    
              
    
                1
                
    //nl7qbezu7pqsuone.onion/?requestID=203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0 iframe:
    
              
    
              
    
                2
                
    
              
    
              
    
                3
                
    <html>
    
              
    
              
    
                4
                
    <body>
    
              
    
              
    
                5
                
    <iframe frameborder=0  border=0 height=1 width=1 id="iframe"> </iframe>
    
              
    
          
    
    
    
  
    

    6. 

      

  6. 
  
    
    
    
      
    
        
        XSS filtering in PHP (cleans various...  XSS filtering in PHP (cleans various UTF encodings & nested exploits)      
    

          
    
              
    
                1
                
    <?php
    
              
    
              
    
                2
                
    /*
    
              
    
              
    
                3
                
     * XSS filter, recursively handles HTML tags & UTF encoding
    
              
    
              
    
                4
                
     * Optionally handles base64 encoding
    
              
    
              
    
                5
                
     *
    
              
    
          
    
    
    
  
    

    7.