3m3x 3m3x
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail # https://vaneyckt.io/posts/safer_bash_scripts_with_set_euxo_pipefail/ | |
| mkdir ~/src ~/bin | |
| cd ~/src | |
| # | |
| # General tools | |
| # | |
| sudo add-apt-repository ppa:neovim-ppa/unstable |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Display more rows than the limit from a dataframe | |
| with pd.option_context("display.max_rows", 1000): | |
| display(my_data_frame) |
3m3x
/ tidbits.py
Last active
October 13, 2019 17:13
A motley crew of useful things you might want to do (in Python)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Make 1024 binary numbers | |
| # | |
| import itertools | |
| binary_numbers = [''.join(digits) | |
| for digits in itertools.product(*[['0', '1'] for _ in range(10)])] | |
| print(binary_numbers) | |
| # | |
| # Use types to enforce types of values used in an LRU cache |
3m3x
/ mal_filename_post.py
Last active
September 10, 2019 12:26
Malicious POSTing with the requests library
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import requests | |
| LOGIN_URL = 'http://localhost:8888/login' | |
| sesh = requests.Session() # create cookie-persisting session | |
| login_page = sesh.get(LOGIN_URL) | |
| assert login_page.status_code == 200 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Anonymously read and write to S3 bucket | |
| aws s3 ls s3://$RANDOM_BUCKET/ --region us-east-1 --no-sign-request | |
| aws s3 cp $HOME/my_file.js s3://$RANDOM_BUCKET/js/ --region us-east-1 --no-sign-request | |
| # Show all hosted zones | |
| aws route53 list-hosted-zones | jq '.HostedZones [] .Name' | |
| # Show route tables | |
| aws ec2 describe-route-tables | \jq '.RouteTables | .[] | .Routes [] | .GatewayId + " " + .DestinationCidrBlock' | sort | uniq |
3m3x
/ nmap-scan-diff.sh
Created
September 13, 2019 11:45
Nmap a target periodically and be updated on any changes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Taken from https://nmap.org/book/ndiff-man-periodic.html | |
| # | |
| # Add the following to your crontab to run the scan at 1PM each day: | |
| # | |
| # 0 13 * * * /home/YOUR_HOME_DIR/bin/nmap-scan-diff.sh | |
| # | |
| TARGETS="192.168.1.1" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export API_TOKEN=YOUR_WPVULNDB_API_TOKEN | |
| # Get all vuln info foor Wordpress 5.2.3 | |
| curl -H "Authorization: Token token=$API_TOKEN" https://wpvulndb.com/api/v3/wordpresses/523 | |
| # Get all of the vulnerabilities that affect a particular plugin | |
| curl -H "Authorization: Token token=API_TOKEN" https://wpvulndb.com/api/v3/plugins/eshop | |
| # Get all of the vulnerabilities that affect a particular theme | |
| curl -H "Authorization: Token token=API_TOKEN" https://wpvulndb.com/api/v3/themes/pagelines |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Look up all DNS records | |
| nslookup -type=any example.com | |
| dig example.com ANY +noall +answer | |
| # Get your current IP from the Internet's point of view | |
| curl -s http://ifconfig.co |
3m3x
/ proc_cheat_sheet.sh
Last active
September 20, 2019 08:40
Useful commands to run against /proc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Obtain the (IPv4) addresses for all network interfaces | |
| awk '/32 host/ { print f } {f=$2}' <<< "$(</proc/net/fib_trie)" | |
| # Get info about the CPU | |
| cat /proc/cpuinfo | |
| # List the available filesystems | |
| cat /proc/filesystems | |
| # See what filesystems are mounted |
3m3x
/ Google-Functions-filesystem.txt
Created
September 20, 2019 09:51
Filesystem layout of a Google Functions container
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| / | |
| /bin | |
| /bin/bash | |
| /bin/bunzip2 | |
| /bin/bzcat | |
| /bin/bzcmp | |
| /bin/bzdiff | |
| /bin/bzegrep | |
| /bin/bzexe | |
| /bin/bzfgrep |
OlderNewer