Skip to content

Instantly share code, notes, and snippets.

View BitPopCoin's full-sized avatar

BitPop BitPopCoin

12 followers · 9 following
View GitHub Profile
@cprima
cprima / README.md
Last active November 4, 2025 10:37
Bypass X-Frame-Options: PHP Proxy for iframe Embedding

PHP Proxy Script for Iframe Embedding

Description

This PHP script is a server-side proxy designed to bypass restrictions that prevent embedding external websites within iframes. Many websites use security headers (e.g., X-Frame-Options or Content-Security-Policy) to block their content from being displayed in iframes, leading to errors like "Content refused to connect." when trying to embed them directly. This proxy script retrieves the content server-side, modifies it, and delivers it to the iframe, effectively circumventing these restrictions.

Use Case

This script is particularly useful for integrating external web pages into Reveal.js presentations. Reveal.js allows the use of iframes to display content during slideshows. However, embedding some web pages directly often fails due to security restrictions. By using this proxy script, users can include external content seamlessly in their presentations without encountering connection errors.

Why is This Needed

@win3zz
win3zz / GitHub-Leaked-API-Keys-and-Secrets.md
Last active December 8, 2025 15:44

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@hedleysmith
hedleysmith / h2load_installation.sh
Last active November 23, 2023 08:06
Installing nghttp2 & h2load on Ubuntu 14.04
#! /bin/bash
sudo apt-get update
sudo apt-get install g++ make binutils autoconf automake autotools-dev libtool pkg-config zlib1g-dev libcunit1-dev libssl-dev libxml2-dev libev-dev libevent-dev -y
git clone https://github.com/nghttp2/nghttp2.git && cd nghttp2
autoreconf -i
automake
autoconf
./configure --enable-apps
make
@pejrak
pejrak / fullnode.md
Created October 9, 2014 13:37 — forked from romanz/fullnode.md

Bitcoin Full Node on AWS Free Tier

Provisioning

  • Launch one T2 micro instance, using Ubuntu 14.04 LTS AMI.
  • Open SSH and Bitcoin Protocol TCP ports: 22, 8333.
  • Attach 40GB EBS (General-Purpose SSD) volume for blockchain storage to /dev/sdf.

The pricing should be ~3$ for the first year (assuming 30GB upload per month). See here for more details.

@skyzer
skyzer / gist:24f80640e99070ec83bc
Last active March 21, 2020 19:54
<?php
function get_html_contents($full_url) {
return str_get_html($full_url); // simplehtmldom's function
}
function get_full_result_block($html) {
return $html->find('div#center_col', 0);
}
function get_topstuff($whole_result) {
@romanz
romanz / fullnode.md
Last active August 5, 2025 04:09
Bitcoin Full Node on AWS Free Tier

Bitcoin Full Node on AWS Free Tier

Provisioning

  • Launch one T2 micro instance, using Ubuntu 14.04 LTS AMI.
  • Open SSH and Bitcoin Protocol TCP ports: 22, 8333.
  • Attach 40GB EBS (General-Purpose SSD) volume for blockchain storage to /dev/sdf.

The pricing should be ~3$ for the first year (assuming 30GB upload per month). See here for more details.

@nojvek
nojvek / Tinder Auto-liker
Last active November 12, 2021 18:28
Tinder Auto-liker script
<?php
// Licence: WTFPL ! http://www.wtfpl.net/about/
$fbAuth = array("facebook_id" => "123456789", "facebook_token" => "<Use charles proxy to do man-in-middle SSL sniffing and extract fb token>");
// Do the magic.
$tinderToken = tinderCall("auth", "token", $fbAuth); // Authenticate
$authToken = "X-Auth-Token: $tinderToken\r\nAuthorization: Token token=\"$tinderToken\"\r\n";
@rtt
rtt / tinder-api-documentation.md
Last active October 6, 2025 20:20
Tinder API Documentation

Tinder API documentation

Note: this was written in April/May 2014 and the API may has definitely changed since. I have nothing to do with Tinder, nor its API, and I do not offer any support for anything you may build on top of this. Proceed with caution

http://rsty.org/

I've sniffed most of the Tinder API to see how it works. You can use this to create bots (etc) very trivially. Some example python bot code is here -> https://gist.github.com/rtt/5a2e0cfa638c938cca59 (horribly quick and dirty, you've been warned!)