AvasDream

@AvasDream
AvasDream / dorks.md
Last active September 27, 2022 21:44
Google Dorks Summary

Google Dorks for high Impact vulns

Arbitrary File Upload in BuilderEngine

Query 13.11.19 - 86 Results

Packetstorm

inurl:/elfinder/elfinder.html+intitle:"elFinder 2.0"
@AvasDream
AvasDream / tmy.md
Last active November 23, 2019 09:02
Read Typical Meteorological Year (TMY) from a CSV file. Extract the TMY month from another CSV file, append the TMY month per year, and convert to xlsx.

Convert Data

Source

import os 
from datetime import datetime
import pandas as pd
from xlsxwriter.workbook import Workbook
import csv
@AvasDream
AvasDream / init-docker.py
Created October 29, 2019 10:27
Script to automatically install docker and set the tls certificates.
#!/bin/bash
echo "Start Installation"
sudo true
sudo apt update
if [ $? -eq 0 ]; then
echo "Updated successfully"
else
echo "Failed"
exit 1
@AvasDream
AvasDream / summary.md
Created September 9, 2019 08:25
Web application testing summary.

1.1 Explore Visible Content


  • Enable passive spidering/monitoring
  • Browse the entire application in the normal way (visiting every link/URL; interacting with every function)
    • Browse with JS enabled/disabled
    • Browse with Cookies enabled/disabled
  • If authentication is in use: Create an account, use this account to access protected functionality
  • While browsing monitor requests/responses understanding kinds of data
@AvasDream
AvasDream / pythonic.md
Last active September 4, 2019 12:39
Cheatsheet for python best practices

Motivation

Weeks of programming can save you hours of planning.

Indeed, the ratio of time spent reading versus writing is well over 10 to 1. We are constantly reading old code as part of the effort to write new code. ...[Therefore,] making it easy to read makes it easier to write.

Clean code is not written by following a set of rules. You don’t become a software craftsman by learning a list of heuristics. Professionalism and craftsmanship come from values that drive disciplines.

And last but not least, sometimes I am reading my old code and get the feeling my past-self hates my future-self.

@AvasDream
AvasDream / nmap_to_html.sh
Last active August 13, 2019 10:09
Bash script to convert nmap xml output to html
#!/bin/bash
if [ $# -eq 0 ]
then
echo "No arguments supplied!"
echo "Usage:"
echo "./nmap_to_html <IP Range>"
exit 1
fi
@AvasDream
AvasDream / hacky_docker.md
Last active October 16, 2019 10:40
Hacky docker stuff

Delete all Images on Windows with PowerShell

docker ps -aq | foreach {docker rm $_}

Set the timezone in a Dockerfile

@AvasDream
AvasDream / win-privacy.md
Last active June 15, 2019 12:06
Windows 10 Privacy

DNS

Set Encrypted DNS Server

netsh interface ip add dns name="Ethernet" addr=1.1.1.1 index=1

netsh interface ip add dns name="Ethernet" addr=208.67.222.123 index=2

@AvasDream
AvasDream / sss.md
Last active November 23, 2019 09:05
python scripts for
@AvasDream
AvasDream / log-analysis.md
Last active August 31, 2023 07:36
Monitor your ssh login attempts with Fail2ban and make a graph with python and the shodan api.

Analyse SSH Logins

We are looking at the auth.log file in /var/log/auth.log.

All the login attempts were captured in a time frame of ~3 hours.

Get all IPs from the log file.

sudo cat /var/log/auth.log | grep "Failed password" | awk -F 'from' '{print $2}' | cut -d" " -f2 > failed-login-ips.txt