notes/Gathering-weak-npm-credentials.md at master · ChALkeR/notes
Or how I obtained direct publish access to 14% of npm packages (including popular ones).
The estimated number of packages potentially reachable through dependency chains is 54%.
javascript  npm  security  js  breach  infosec  netsec  hacks 
12 hours ago
Lock Down Sinon Stub | Better world by better software
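function notAllowed () {
  // Serialize all arguments as one array. Spreading them into JSON.stringify
  // would pass the 2nd and 3rd arguments as its replacer and indent parameters.
  const args = JSON.stringify(Array.from(arguments))
  throw new Error(`Not allowed to call this function with arguments
    ${args}
  `);
}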
js  javascript  testing  tests  sinon  npm 
yesterday
Archiveteam
How to back up and archive all the things
history  tools  web  backup  dataset  archive  downloader  blog  blogging 
29 days ago
Wappalyzer
Plugin / bookmarklet / npm lib to check a website for what technology it uses. JS libs, Nginx version, frameworks & platforms, etc
security  netsec  infosec  recon  chrome  plugin  nodejs  node  npm  browser 
4 weeks ago
javascript - how to show alternate image if source image is not found?
Using the onerror="" HTML attribute with a non-existent image, you can inject JS on pages that filter <script> out of user input. Fun!
stack_overflow  html  html5  javascript  js  security  netsec 
6 weeks ago
bkimminich/juice-shop - Buttons - Heroku Elements
OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws.

one-click deploy to Heroku!
security  netsec  infosec  pentest  webapp  heroku  owasp  ctf 
6 weeks ago
Tell Me When it Closes
Get 1 email when an issue or PR closes
(instead of getting a million emails by subscribing)
api  github  tools  notifications  email  thoughtbot  app  oauth 
6 weeks ago
Explore | Resource Watch
NatGeo's list of global datasets
dataset  bigdata  open_data  list 
6 weeks ago
Twitter
Typical U.S. homeowners are gaining more than $50 of equity in their homes during every eight-hour workday.... In…
from twitter_favs
6 weeks ago
Twitter
・ 。
🐝∴。
 ・゚*。🐝・
  ・ *゚。   *
  ・ ゚*。・゚🐝。
   🐝・。°*. ゚
  ゚。·*・。 ゚*
   ゚ *.。🐝。🐝 ・
  * 🐝 。・゚*.。
     * 🐝 ゚・。 * 。…
from twitter_favs
6 weeks ago
Twitter
Curriculum: How To Appear Human For Up To Two Hours, 10 Ways To Beat The Voight Kampff Test, What Humans Really Sou…
from twitter_favs
6 weeks ago
Twitter
Everyone at home kept watching Netflix using my profile. Messed up all my lists and history... so I renamed “Dad” t…
from twitter_favs
6 weeks ago
Twitter
Hacker Uses Exploit to Generate Verge Cryptocurrency Out of Thin Air
cryptocurrency  XVG  from twitter_favs
7 weeks ago
Twitter
RT : Facebook wanted anonymized medical records from hospitals so they could hash it against Facebook profile data, effe…
from twitter
7 weeks ago
Twitter
RT : "we don't have a preference for the language (or languages) you use during the interview"

I'm ready
from twitter_favs
7 weeks ago
Twitter
RT : don't take hims baby

📸ig: lunathemoonface
from twitter
7 weeks ago
Twitter
RT : have gotten multiple reports that Dropbox SF is on lockdown due to an active shooter in the area. if you work near…
from twitter
7 weeks ago
WordLock Analysis - Google Sheets
All English words you can make with 4 & 5-letter word locks
security  infosec  lockpicking  opsec  physical_security  puzzles 
7 weeks ago
Twitter
When you try to understand a new programming language.
from twitter_favs
7 weeks ago
Twitter
If I hear one more person say something like “Posse Comitatus is what makes us a democracy” I’m going to start thro…
from twitter_favs
7 weeks ago
Game of Hacks | Checkmarx
Can you spot the vulnerabilities in this code?
game  games  programming  security  netsec  infosec  education  learning 
7 weeks ago
Twitter
Oh dammit to hell, I *liked* Calibri! Whatever, still better than Roboto
from twitter
7 weeks ago