@martinheld
martinheld / GraphQL introspection query via curl.md
Last active August 15, 2025 00:10
GraphQL introspection query via curl

cat introspection_query.json

{ 
  "query": "query IntrospectionQuery {
      __schema {
        queryType { name }
        mutationType { name }
@ricardojba
ricardojba / windows_hardening.cmd
Last active March 8, 2026 07:31
A Windows hardening script
::##########################################################################################################################
::
:: This script can ruin your day, if you run it without fully understanding what it does, you don't know what you are doing,
::
:: OR BOTH!!!
::
:: YOU HAVE BEEN WARNED!!!!!!!!!!
::
:: This script is provided "AS IS" with no warranties, and confers no rights.
:: Feel free to challenge me, disagree with me, or tell me I'm completely nuts in the comments section,
@Bogdaan
Bogdaan / spycss-poc.py
Created February 3, 2018 22:04
Generate special CSS, which sends user input to the remote server
#!/usr/bin/env python
#
# Generates:
# 1. input[value^="XXX"] rules
# 2. custom font "spyFont"
#
# See php examples at - https://github.com/Bogdaan/spycss
# Author Novikov Bogdan <hcbogdan@gmail.com>
@haccer
haccer / scanio.sh
Last active July 3, 2025 21:27
PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar
#!/bin/bash
# Usage : ./scanio.sh <save file>
# Example: ./scanio.sh cname_list.txt
# Premium
function ech() {
spinner=( "|" "/" "-" "\\" )
while true; do
for i in ${spinner[@]}; do
echo -ne "\r[$i] $1"
@mdang
mdang / SDLC.md
Last active January 10, 2025 10:52
Lesson: SDLC

The Software Development Life Cycle

Learning Objectives

Conceptual

  • Explain what SDLC is and why we use it
  • Provide a general overview of what "Agile" means and compare it to Waterfall
  • Explain what SCRUM is, and how it relates to agile.
  • Describe the process of requirements gathering.
  • Explain what a user story is, and what specific points it should include.
@sivel
sivel / better-ssh-authorized-keys-management.md
Last active March 4, 2026 16:39
Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of their users' authorized_keys files.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a user's public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server: