Serhii serhiijko

  • Kyiv, Ukraine
Here is my public file code
<?php
/**
* The public-facing functionality of the plugin.
*
* @link
* @since 1.0.0
*
* @package plugin_name
import requests
import sys
import json
def waybackurls(host, with_subs):
    if with_subs:
        url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
    else:
        url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
@serhiijko
serhiijko / Toolbox.md
Created May 17, 2019 21:39 — forked from dustyfresh/Toolbox.md
Toolbox is a list of tools I use often.

Toolbox

Tools I use on a daily basis:

  • dnsmap - DNS record enumeration using dictionary brute forcing. I have a host list. Find all kinds of infrastructure with this tool. Open source.

  • Spiderfoot - Full intelligence gathering suite. Open source. Nice UI.

  • Arachni - Web application scanner. Has a nice web interface and can run distributed.

  • WPScan - WordPress specific attack tool

@serhiijko
serhiijko / wp_vuln_scan.sh
Created May 17, 2019 21:19 — forked from jpgninja/wp_vuln_scan.sh
Bash commands to look for potential vulnerabilities - Currently being copy-pasted to bootstrap code audits for WordPress plugins
# Bash script to scan PHP files for potential vulnerabilities
#
# Currently being copy-pasted to bootstrap code audits for WordPress plugins
#
# Based off of @dustyfresh's https://github.com/dustyfresh/PHP-vulnerability-audit-cheatsheet
#
# XSS
clear && \
@serhiijko
serhiijko / awesm.md
Created May 17, 2019 21:12 — forked from matula/awesm.md
Awesome PHP stuff in one Gist
@serhiijko
serhiijko / letsencrypt_2019.md
Created May 17, 2019 21:12 — forked from cecilemuller/letsencrypt_2020.md
How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)

How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)


Virtual hosts

Let's say you want to host domains first.com and second.com.

Create folders for their files:

@serhiijko
serhiijko / functions.php
Created May 16, 2019 23:07 — forked from jaredatch/functions.php
WordPress Search Autocomplete using admin-ajax.php
<?php
/**
* Enqueue scripts and styles.
*
* @since 1.0.0
*/
function ja_global_enqueues() {
    wp_enqueue_style(
        'jquery-auto-complete',
@serhiijko
serhiijko / .htaccess
Created January 5, 2019 11:26 — forked from ScottPhillips/.htaccess
Common .htaccess Redirects
#301 Redirects for .htaccess
#Redirect a single page:
Redirect 301 /pagename.php http://www.domain.com/pagename.html
#Redirect an entire site:
Redirect 301 / http://www.domain.com/
#Redirect an entire site to a sub folder
Redirect 301 / http://www.domain.com/subfolder/
@serhiijko
serhiijko / wget-snapshotpage.md
Created December 28, 2018 15:38 — forked from dannguyen/wget-snapshotpage.md
Use wget to snapshot a page and its necessary visual dependencies

Use wget to mirror a single page and its visible dependencies (images, styles)

Graphic via State of Florida CFO Vendor Payment Search (flair.myfloridacfo.com)

This is a quick command I use to snapshot webpages that have a fun image I want to keep for my own collection of WTFViz. Why not just right-click and save the image? Oftentimes, the webpage in which the image is embedded contains necessary context, such as captions and links to important documentation, just in case you forget what exactly that fun graphic was trying to explain.

@serhiijko
serhiijko / remember-passphrase.sh
Created November 3, 2018 20:21 — forked from khoatran/remember-passphrase.sh
Remember passphrase of your ssh key
ssh-add ~/.ssh/id_rsa &>/dev/null