Skip to content

Instantly share code, notes, and snippets.

View carlosotgz's full-sized avatar

Carlos Ortigoza carlosotgz

6 followers · 6 following
  • Monzo
  • Barcelona, Spain
View GitHub Profile
@vavkamil
vavkamil / blind-xss-cloudflare-worker.js
Last active November 2, 2023 14:43
Serverless Blind XSS hunter with Cloudflare Worker
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request))
})
////////////////////////////////////////////////////////////////////////////////////////////////////
// ! DON'T LEAK THE SECRETS !
// Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/
const telegram_token = "*****REDACTED*****";
const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage";
@mcattarinussi
mcattarinussi / gpg-ssh-setup.md
Last active March 16, 2026 19:11
A setup guide to use a personal gpg key for ssh authentication

GPG - SSH setup

Generating the master key

Here we create the master key. We want only Certify capability: we use the master key only to create the subkeys, Sign - Encrypt - Authenticate capabilities will be assigned to the subkeys.

Run the following command to start the master key generation process. Select the set your own capabilities creation process (type 8)

  ▶ gpg --full-generate-key --expert

gpg (GnuPG) 2.2.9; Copyright (C) 2018 Free Software Foundation, Inc.

@curi0usJack
curi0usJack / .htaccess
Last active February 20, 2026 06:04
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#