Flask OAuthLib Examples
https://github.com/lepture/flask-oauthlib/blob/master/example/github.pyhttps://github.com/bjourne/vvm/blob/master/app/users/views.py
https://github.com/bjourne/vvm/blob/master/app/users/views.py
Override get_query based on GET parameter - Flask-Admin
This will change the results in a flask-admin index view based on GET parameters. In most cases, using filters to do this is probably a better idea.
Changing A Single GET Parameter In Request - Flask
SQLAlchemy Performance Tip
http://www.mobify.com/blog/sqlalchemy-memory-magic/"If you can process the results of database queries iteratively (and very often you can), stream the results"
"Since the data needs to travel over the network from the database whether it's streamed or not, this doesn't add a huge overhead, but we'll see that it reduces memory requirements."
Example (using Flask-SQLAlchemy):
db.engine.execution_options(stream_results=True).execute(query)
However, that's not the full story when it comes to MySQLdb (MySQL-python). http://stackoverflow.com/a/3699677
If you're going to do this with mysql, I recommend using oursql: https://pypi.python.org/pypi/oursql
Enable Threading - Flask
http://stackoverflow.com/a/14823968/1364191If you're going to be expecting more than one user on your flask server, you need to enable threading like this: app.run(host='0.0.0.0', port=5000, threaded=True)
Unfortunately, the threading makes Ctrl+C not work sometimes and I'll have to kill the thread manually.
For better solutions for production, check out these WSGI solutions: http://flask.pocoo.org/docs/0.10/deploying/wsgi-standalone/
Mosh - SSH Without Dropped Connections
https://mosh.mit.edu/Warning: As of 10/17/2014, it's still in development and they haven't implemented scrollback yet. However, you can use screen and view the scrollback with Ctrl+A then Esc.
Things I Learned From DEFCON
Pentoo - Linux distro for pen testing.
VMware fusion - Most of the presenters were using a Macbook with VMware fusion managing their VMs.
Chinavasion - One of the presentations mentioned this in the context of dealextreme, I'm assuming this site is similar.
Kali linux - Another distro for pen testing.
Open bts
Sqlmap (SQLi injection) - Python tool used to tell if php pages were vulnerable to SQLi injection.
C99 shell - PHP interface for shell level system functions.
b374k shell - Another shell which allows an user to run file system, database, and shell commands from a web interface.
Accunetix (xss)
Business logic flaws in mobile operators
Doskey /history - Will show you all the previous commands typed into command prompt.
Maria DB - When oracle took over MySQL, it forked and maria db is still run by the previous developers.
Firefox imacro - A presenter said he uses this for all of his bots.
Burp repeater - Looks similar to fiddler, allows repeating http packets. Maybe only for Mac.
Fritzing
Groupie and Geocouch (couch dB) - This was used in combination with the unity engine to display clusters of map points in a video game.
Steganography - The word for hiding data inside of other files. A presenter showed how histograms could be used.
Femtocells - A personal cell tower. One of the presentations talked about how to use a femtocell to intercept text messages to a Verizon (CDMA) phone.
Shark - Has something to do with a hadoop, good for storing large amounts of data.
SuperTimeline
VMware fusion - Most of the presenters were using a Macbook with VMware fusion managing their VMs.
Chinavasion - One of the presentations mentioned this in the context of dealextreme, I'm assuming this site is similar.
Kali linux - Another distro for pen testing.
Open bts
Sqlmap (SQLi injection) - Python tool used to tell if php pages were vulnerable to SQLi injection.
C99 shell - PHP interface for shell level system functions.
b374k shell - Another shell which allows an user to run file system, database, and shell commands from a web interface.
Accunetix (xss)
Business logic flaws in mobile operators
Doskey /history - Will show you all the previous commands typed into command prompt.
Maria DB - When oracle took over MySQL, it forked and maria db is still run by the previous developers.
Firefox imacro - A presenter said he uses this for all of his bots.
Burp repeater - Looks similar to fiddler, allows repeating http packets. Maybe only for Mac.
Fritzing
Groupie and Geocouch (couch dB) - This was used in combination with the unity engine to display clusters of map points in a video game.
Steganography - The word for hiding data inside of other files. A presenter showed how histograms could be used.
Femtocells - A personal cell tower. One of the presentations talked about how to use a femtocell to intercept text messages to a Verizon (CDMA) phone.
Shark - Has something to do with a hadoop, good for storing large amounts of data.
SuperTimeline
Alembic Cheat Sheet - Python/SQLAlchemy
alembic revision --autogenerate -m "<your message>"alembic upgrade head
Problem: FAILED: Target database is not up to date.
Solution: alembic upgrade head
Problem: No such revision '5000106def16'
Solution:
- sqlite3 db.sqlite3
- drop table alembic_version; (and exit, ctrl+d)
- alembic upgrade head
Failed to fetch http://security.ubuntu.com
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/quantal-security/main/binary-amd64/Packages 404 Not Found [IP: 91.189.91.14 80]This is happening because you're on an unsupported/old version of Ubuntu.
One way to fix it:
- nano /etc/apt/sources.list
- Change all entries referring to http://archive.ubuntu.com/ubuntu to http://old-releases.ubuntu.com/ubuntu
Best Python Tricks
https://gist.github.com/JeffPaine/6213790Most of the examples involve making your code much faster by using iterators instead of creating copies of the data. Example: xrange
Here's the video: https://www.youtube.com/watch?v=OSGv2VnC0go