ishideo

🚀 GNU Parallel Mastery: The Ultimate Cheat Sheet

📊 Basic Usage

Command	Description	Example
`parallel echo ::: A B C`	🔤 Process items in parallel	Output: A, B, C (in any order)
`parallel echo {} ::: *.txt`	🔍 Use {} as placeholder	Echoes names of all .txt files
`cat file.txt \| parallel echo`	📥 Read input from stdin	Processes each line of file.txt
`parallel -j4 command ::: item1 item2 item3`	🔢 Limit to 4 jobs at a time	Runs 'command' on items, max 4 parallel

UPDATE:

2023/12/18: This script has been improved and moved to the following repository:

https://github.com/shinsenter/docker-squash

Make your Docker images smaller by reducing the number of layers

Processing JSON using jq

jq is useful to slice, filter, map and transform structured json data.

Installing jq

On Mac OS

brew install jq

Penetrating Testing/Assessment Workflow & other fun infosec stuff

https://github.com/jivoi/pentest

My feeble attempt to organize (in a somewhat logical fashion) the vast amount of information, tools, resources, tip and tricks surrounding penetration testing, vulnerability assessment, and information security as a whole*

Reconnaissance
- Passive/Semi-Passive
  - Tools
Discover - https://github.com/leebaird/discover

nmap --top-ports <#ports> -v -oG - localhost

Top 100:

7,9,13,21-23,25-26,37,53,79-81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157

Top 1000:

	╔╦╗╦ ╦ ╔╗ ┬ ┬┌─┐ ╔╗ ┌─┐┬ ┬┌┐┌┬┐┬ ┬ ╦═╗┌─┐┌─┐┌─┐┬ ┬┬─┐┌─┐┌─┐┌─┐
	║║║╚╦╝ ╠╩╗│ ││ ┬ ╠╩╗│ ││ │││││ └┬┘ ╠╦╝├┤ └─┐│ ││ │├┬┘│ ├┤ └─┐
	╩ ╩ ╩ ╚═╝└─┘└─┘ ╚═╝└─┘└─┘┘└┘┴ ┴ ╩╚═└─┘└─┘└─┘└─┘┴└─└─┘└─┘└─┘

	//
	()==========>>======================================--
	\\


	2FA Bypass

	#!/usr/bin/env bb
	;; Script to search ddg.
	;; Takes a search term then asks you to select a bang.

	;; Copyright John Cooper
	;; This program is free software: you can redistribute it and/or modify it under the terms of the
	;; GNU General Public License as published by the Free Software Foundation,
	;; either version 3 of the License, or (at your option) any later version.
	;; This program is distributed in the hope that it will be useful,
	;; but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

	function reverseIp6 {
	echo "$1" \| awk -F: 'BEGIN {OFS=""; }{addCount = 9 - NF; for(i=1; i<=NF;i++){if(length($i) == 0){ for(j=1;j<=addCount;j++){$i = ($i "0000");} } else { $i = substr(("0000" $i), length($i)+5-4);}}; print}' \| rev \| sed -e "s/./&./g"
	}


	$(reverseIp6 "2001:db8:85a3::8a2e:370:7334")"ip6.arpa."
	#Result: 4.3.3.7.0.7.3.0.e.2.a.8.0.0.0.0.0.0.0.0.3.a.5.8.8.b.d.0.1.0.0.2.ip6.arpa.

	----------------------------------------------------------------------------------------------------
	OWASP Top Ten https://owasp.org/www-project-top-ten/
	The CWE Top 25
	https://www.sans.org/top25-software-errors/
	2022 CWE Top 25 Most Dangerous Software Weaknesses
	https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html
	OSSTMM 3 – The Open Source Security Testing Methodology Manual
	https://www.isecom.org/OSSTMM.3.pdf
	OWASP Web Security Testing Guide
	https://owasp.org/www-project-web-security-testing-guide/

	#!/bin/bash
	#
	# ex: ./zgrab.sh www.contoso.com 443

	echo $1 \| zgrab2 http --retry-https --port $2 \| awk '{first=substr($0,1,1);gsub(/./,"{\"port\":'"$2"',",first);end=substr($0,2);print first end}'