Skip to content

Instantly share code, notes, and snippets.

View Matir's full-sized avatar

David Tomaschik Matir

736 followers · 46 following
View GitHub Profile
@atoponce
atoponce / word-lists.md
Last active April 29, 2026 18:49
A list of notable and primarily English word lists that can be used for building passphrases.

Passphrase Word Lists

Introduction

This document outlines a number of different word lists for passphrase generation, encoding of binary data, and other uses. This document is grouped and sorted by the number of unique words in each word list, fewest unique words first.

Licensing Note

Some of these word lists are placed in the public domain, others are copyrighted with various licenses. Please refer to the license of each word

@ruanbekker
ruanbekker / k3s_on_alpine.md
Last active September 17, 2025 05:13
Install k3s on Alpine Linux 
$ apk add --no-cache curl
$ echo "cgroup /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab

$ cat > /etc/cgconfig.conf <<EOF
mount {
  cpuacct = /cgroup/cpuacct;
  memory = /cgroup/memory;
  devices = /cgroup/devices;
  freezer = /cgroup/freezer;
@lbrame
lbrame / podman_arch_rootless.md
Created February 11, 2020 17:47
Running rootless unprivileged Podman containers on Arch Linux

Setting up podman rootless containers on Arch Linux

Podman is a container engine that is similar to and fully compatible with Docker that has the peculiarity of not requiring a daemon to run and to allow for rootless containers, which are often deemed safer than privileged containers running as root. Podman is a drop-in replacement for Docker that even supports the same syntax and it has good support from Red Hat.

However, running podman rootless containers on Arch Linux may not be obvious, so I'm writing the instructions I have used to achieve that here.

Podman works using control groups and users from which said containers need to be launched need to be assigned an appropriate range of subordinate user and group IDs. On Arch Linux, these files are not present and they need to be created.

From a root shell:

@kekru
kekru / 01nginx-tls-sni.md
Last active May 13, 2026 15:06
nginx TLS SNI routing, based on subdomain pattern

Nginx TLS SNI routing, based on subdomain pattern

Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for http upstream servers, but also for other protocols, that can be secured with TLS.

prerequisites

  • at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
  • check nginx -V for the following: 
    ...
TLS SNI support enabled
@i3v
i3v / cdm_fio.sh
Last active May 15, 2024 13:10
Reproducing CrystalDiskMark tests with fio - fixes for https://unix.stackexchange.com/revisions/480191/9
#!/bin/bash
# This script is based on https://unix.stackexchange.com/revisions/480191/9 .
# The following changes proved to be necessary to make it work on CentOS 7:
# * removed disk info (model, size) - not very useful, might not work in many cases.
# * using "bw" instead of "bw_bytes" to support fio version 3.1 (those availible through yum @base)
# * escaping exclamation mark in sed command
# * the ".fiomark.txt" is not auto-removed
LOOPS=5 #How many times to run each test
@nmaupu
nmaupu / create-debian-usb-key.sh
Last active February 11, 2024 14:34
Create Debian USB key automatic installation (preseed)
#!/usr/bin/env bash
set -e -x -o pipefail
DIRNAME="$(dirname $0)"
DISK="$1"
: "${DEBIAN_RELEASE:=stretch}"
: "${DEBIAN_VERSION:=9.2.1}"
: "${DEBIAN_MIRROR:=http://ftp.debian.org}"
@pajswigger
pajswigger / crlf-fixup.py
Created October 31, 2017 14:31
from burp import IBurpExtender, IHttpListener
class BurpExtender(IBurpExtender, IHttpListener):
def registerExtenderCallbacks(self, callbacks):
self.callbacks = callbacks
callbacks.registerHttpListener(self)
def processHttpMessage(self, toolFlag, messageIsRequest, message):
helpers = self.callbacks.getHelpers()
@ageis
ageis / YubiKey-GPG-SSH-guide.md
Last active February 22, 2026 15:25
Technical guide for using YubiKey series 4 for GPG and SSH

YubiKey 4 series GPG and SSH setup guide

Written for fairly adept technical users, preferably of Debian GNU/Linux, not for absolute beginners.

You'll probably be working with a single smartcard, so you'll want only one primary key (1. Sign & Certify) and two associated subkeys (2. Encrypt, 3. Authenticate). I've published a Bash function which automates this slightly special key generation process.

@SansGuidon
SansGuidon / gpg cheat sheet.md
Last active November 5, 2023 09:28
GPG Cheat Sheet

Basics

generate key in batch mode using a custom profile

gpg --gen-key --batch gpgspecs

create a file with your fingerprint info and display the related information. A fingerprint is used as a robust key identifier

gpg --fingerprint

Best practices

@sskylar
sskylar / tags.html
Last active January 26, 2021 13:40
Sort Jekyll tags by popularity (number of posts)
<ul>
{% capture tags %}
{% for tag in site.tags %}
<li data-sort="{{ site.posts.size | minus: tag[1].size | prepend: '0000' | slice: -4, 4 }}">
<a href="/{{ site.tag_page_dir }}/{{ tag[0] | slugify: 'pretty' }}">{{ tag[0] }} <span>{{ tag[1].size }}</span></a>
</li>
{% endfor %}
{% endcapture %}
{{ tags | split:'</li>' | sort | join:'</li>' }}
</ul>