Skip to content

🥦 kościelniak.pro

Main Navigation/uses

Appearance

Sidebar Navigation

whoami

About

Digital Garden

Experiments

Experiments

dot-cross

Ideas

Open Source

Zelda AI

Knowledge

3d printing

Fixing Tevo Tarantula: Part 1

JXA

ADHD

Ai

AI

Llm

LLMs and calculations

ChatML

Embedding

Emergence

GPT

Hallucinations

One-shot / Few-shot

Prompt structure

Prompt

Self consistency

Temperature

Token window

Tokenisation

Undeterministic nature of LLMs

Neural-networks

Convolutional Neural Network

Recursive-neural-network

Telegram Bot with Make

Useful prompts

Whisper

Beatmaking

CSS

Databases

DBML

DBMS

MySQL Cheatsheet

Primary Key

Design-patterns

Behavioural

Memento

Design Patterns

Structural

Adapter

Firebase

Funny

Git

Git reset

Graph-ql

Apollo Client

Caching in Apollo Client

GraphQL Documentation

GraphQL Document

GraphQL

GraphQL Queries

GraphQL Server

TypeDefs

HTML

Http

HTTP Headers

HTTP

URL vs URI

Javascript

Arrow fn vs regular one

JavaScript

Object.freeze

Testing

Configuring-jest

Code Coverage in Jest

Configuring Jest for testing JS applications

Cypress

Fundamentals of testing with Cypress and Testing Library

Custom Cypress commands

Cy.request fn

Debugging tests in Cypress

First test in Cypress

Install React Dev Tools in Cypress

Testing login flow in Cypress

Testing registration flow in Cypress

Fundamentals

DOM Testing Library

Pyramid of Testing

Simple testing framework in JS

Jest

Using fake data in tests

Integration tests using Testing Library

TDD with UI in React Testing Library

Testing components with Jest and React Testing Library

Testing custom React hooks

Testing React portals

Testing Redux

Mocking

Static Analysis

Testing JavaScript

Wat

Yarn vs npm

Kotlin

Architecture Components

Challenges with threads in Android

Companion object

CoroutineScope

Coroutines

Data class

Deferred

Dispatcher

Extension functions

GlobalScope

Job

LifecycleScope

Menu

Primary constructor

Testing coroutines

Threads in Android

WorkManager

Async

Data-store

DataStore

Proto DataStore

Preferences-datastore

Databases

DAO

Data entities

Database class

Entity class

Testing databases

ViewModel

ViewModelScope

Migration object

Migration strategy

Kotlin

Main-safety

Repository

RunBlocking

Suspend

Testing

Instrumentation tests

Instrumentation

Local tests

Rule

Volatile variable

Lexical

Linux

Jailkit

Linux-from-scratch

Introduction

Fetching necessary packages

Final preparations

Building the Cross Compilation Toolchain

Linux From Scratch

Pocket-chip

Package manager and SSH

Installing Web Browser

St

C.H.I.P. as conference badge

Pocket C.H.I.P

Screenshots via SSH

Zsh

Remove empty subdirectories

Linux

Machine-learning

OpenCV

Markdown-it

Networks

ARP

Subnetworks

Off-sec

Foxy-proxy-basic

Glossary

Certificate Authority

CSIRT

Cross-Site Request Forgery

/etc/hosts

Fuzzing

Hacktivism

Hashing

ICMP

In-band vs Out-band

Payload

Security operations center

Time To Live

Vetting

Hardening

Firewall

Offsec

Osint

OSINT

Pentesting

Black hats

Blind XSS

Command Injection

DOM-based XSS

Incident Response

LFI/RFI prevention

Local File Inclusion

Null Byte Injection

Path Traversal

Pentesting

Practical XSS example

Purple Team

Recce

Active Reconnaissance

Passive Reccoinassance

Recce with web browser

Reconnaissance

Red team

Red vs Blue Teams

Reflected XSS

Remote File Inclusion

Rules of Engagement

Statement of Work

SQLi

Server-side Request Forgery

Stored XSS

The Unified Kill Chain

XSS

Tools

Arp-scan

Burp

Burp Suite

Burp Comparer

Useful configuration settings

Burp Decoder

Burp Extender

Burp Intruder

Burp Macros

Burp Proxy

Burp Repeater

Burp Sequencer

Dig

DNSDumpster

Masscan

Netcat

Nmap

Discovering live hosts with Nmap

Enumerating hosts

Nmap Host Discovery using ARP

Nmap Host Discovery Using ICMP

Nmap Host Discovery Using TCP

Nmap

Port

Advanced Port Scanning with NMap

Port scanning with NMap

Reverse DNS lookup

Nmap's Scripting Engine

Spoofing and Decoys with Nmap

TCP header

Nslookup

Ping

Shodan.io

Telnet

Traceroute

WHOIS

Write-ups

Dvwa

DVWA: XSS Reflected (low)

PicoCTF

Flag_shop

GET aHEAD

HashingJobApp

Matryoshka-dolls

Thm

LFI CTF

LFI CTF 2

LFI CTF 3

Remote Code Execution CTF

Oop

Abstraction

Coupling

CQS

Encapsulation

Inheritance

Interface

Polymorphism

SOLID

Single Responsibility Principle

Unified Modeling Language

Others

Microsoft SmartScreen

Assetto Corsa Launchers

Assetto Corsa telemetry

Bus factor

JSON Web Token

Optimistic updates

Pure function

Reddit

Side Effects

Kill with Exit Code != 0

Performance

Memoisation

Php

Install PHP 7.4 in 2023

Php.ini

PHP tips

React

Children

Class component's lifecycle

Class components

Class vs Functional components

Code splitting

Component state vs Class fields

Containers vs Presentation Components

Context API

Error-boundaries

Functional-components

Higher Order Components

Hooks

React.useContext

React.useEffect

React.useReducer

React.useRef

React.useState

Custom hooks

Hook-rules

UseCallback

UseMemo

React Hooks

Key prop

Packages

Apisauce

Axios

Integration-with-non-react-libs

Moize

React-query

QueryClient

Demo of React Query + YNAB

React Query

UseMutation hook

UseQuery hook

Performance optimisation in React

Portals

Profiling React

Prop drilling

Props

Pure Component

React.memo

React Window

React.Children

React.Fragment

React.Suspense

React.forwardRef()

React.lazy()

React

Reconciliation

Refs

Render props

StrictMode

Super()

Synthetic Events

Virtual DOM

React-native

Input

Linking libraries

Native Modules (Android)

Native-modules-ios

Native-modules

React Native

RegExp

REST

Skateboarding

Software-architecture

Library Oriented Architecture

Swift

Tailwind CSS

Threads

Concurrency

Race condition

Challenges with Threads

Thread

Typescript

Async/await

Fetch API

Json-server

Promise

Type vs Interface

Yup

Web3

ABI

Chainlink

QuickNode

The API Connectivity problem

Blockchain

Crypto wallet

Decentralized Oracle Network

Ethereum

ERC721 standard

Burning tokens

Eth_accounts

Eth_requestAccounts

Ethereum

Gas fee

Goerli Testnet

Ethereum network methods

Tokens

Frontend

Providers

Signers

Ethers.js

Front-end for web3

Oracle

SPDX License Identifier

Single point of failure

Smart contracts

Solidity

Hardhat

SafeMath

Address function

Approve fn

Assert fn

BalanceOf function

Comments

DApp

Ownership transfer in ERC721

Ether keyword

Event

Function

Inheritance

Libraries

Mapping

Modifiers

Msg.sender

Overflows & Underflows

OwnerOf

Payable modifier

Pragma

Randomness

Require function

Solidity

State Variable

Struct packing

TransferFrom function

Variable types

View function modifier

Transaction

Web3

Webdev

DOM

Chrome Debugger

Wordpress

Woo-commerce

Debugging

WooCommerce

Wp-cli

Reading

Reading List

Booknotes

Codzienność na Autopilocie

Create or Hate

Finansowy Ninja 🇵🇱

Jak się wybudować i nie zwariować 🇵🇱

The Life-changing Magic of Tidying Up

Make: The Indie Maker Handbook

One Small Step Can Change Your Life: The Kaizen Way

The Subtle Art of Not Giving a Fuck

How do I read?

Tools

Apps

Apps

Arc

BetterTouchTool

Kindle

Neovide

Obsidian

Raycast

Session

VitePress

VS Code

Automation

Automation

Karabiner

Keyboard-maestro

Keyboard Maestro

Macros

Copy Arc Url as MD

Copy Samples to MPC

Script-kit

Arc: Default Theme

ScriptKit

Shortcuts

Automate grayscale for apps

Shortcuts

Toggle pomodoro in Session

Cli

Bat

Fd

Fzf

Lolcat

Rsync

Tmux

Yabai

Z

Zsh

Hardware

Desk

Hardware

IPad Mini 6

IPhone 13 Pro Max

Keychron K2

MacBook Pro 14"

Mortuary

Philips 346B

Stream Deck 2

On this page

Table of Contents for current page

Offsec

Most of the content here is based on TryHackMe.com room descriptions with other bits of knowledge I obtained along the way.

Resources

vulp3cula's hacker's grimoire
https://github.com/vavkamil/awesome-vulnerable-apps
https://secure77.de/
Łamanie haseł logowania do webaplikacji. Niebezpieczny Poradnik Pentestera S01E01
Unknow's HackMe series
Poisontap
GTFOBins
Demo: Brute-forcing a macOS user’s real name from a browser using mDNS
https://pentesting.zeyu2001.com/
https://old.reddit.com/r/hacking/wiki/index