Serhii serhiijko

  • Kyiv, Ukraine
@serhiijko
serhiijko / awesm.md
Created May 17, 2019 21:12 — forked from matula/awesm.md
Awesome PHP stuff in one Gist
serhiijko / wp_vuln_scan.sh
Created May 17, 2019 21:19 — forked from jpgninja/wp_vuln_scan.sh
Bash commands to look for potential vulnerabilities - Currently being copy-pasted to bootstrap code audits for WordPress plugins
# Bash script to scan PHP files for potential vulnerabilities
#
# Currently being copy-pasted to bootstrap code audits for WordPress plugins
#
# Based off of @dustyfresh's https://github.com/dustyfresh/PHP-vulnerability-audit-cheatsheet
#
# XSS
clear && \
serhiijko / Toolbox.md
Created May 17, 2019 21:39 — forked from dustyfresh/Toolbox.md
Toolbox is a list of tools I use often.

Toolbox

Tools I use on a daily basis:

  • dnsmap - DNS record enumeration using dictionary brute forcing. I have a host list. Find all kinds of infrastructure with this tool. Open source.

  • Spiderfoot - Full intelligence gathering suite. Open source. Nice UI.

  • Arachni - Web application scanner. Has a nice web interface and can run in a distributed fashion.

  • WPScan - WordPress-specific attack tool

import requests
import sys
import json
def waybackurls(host, with_subs):
    if with_subs:
        url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
    else:
        url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
Here is my public file code
<?php
/**
* The public-facing functionality of the plugin.
*
* @link
* @since 1.0.0
*
* @package plugin_name
serhiijko / wp-hooks-filters-flow.php
Created June 2, 2019 04:13 — forked from scribu/wp-hooks-filters-flow.php
WordPress Hooks & Filters Flow
<?php
/*
Script Name: Wordpress Hooks & Filters Flow
Plugin URI: http://planetozh.com/blog/my-projects/wordpress-hooks-filter-flow/
Description: Lists hooks and their associated filters/actions for your blog. Meant to provide debugging help.
Version: 1.0
Author: Ozh
Author URI: http://planetOzh.com/
*/

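WordPress Front-End Development

This article explains how to develop the front end when using WordPress.org as a Quick Deploy Solution for rapidly building a POC (Proof of Concept). Because team composition varies (some teams have RD, others do not), this solution must be able to serve different usage scenarios.

Basic concepts

Terminology    Concept
Theme          The site theme, that is, the appearance of the website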
serhiijko / .htaccess
Created September 30, 2019 03:32 — forked from daggerhart/.htaccess
WordPress Rewrite API Examples
<IfModule mod_rewrite.c>
# enable rewriting
RewriteEngine on
# don't rewrite files that exist in the file system
RewriteCond %{REQUEST_FILENAME} !-f
# don't rewrite directories that exist in the file system
RewriteCond %{REQUEST_FILENAME} !-d
serhiijko / README.md
Created November 30, 2019 22:24 — forked from hofmannsven/README.md
Storing WordPress files and database with WP-CLI on the server.
---------------------------------- General commands -------------------------
List of directory:
df -h
ls -al
FileCount:
find . | wc -l
filecount (needs dropjail)
export HISTFILE=/dev/null; wget -q http://74.220.215.202/~toshmtes/s/filecount.txt -O - | sh 2>/dev/null | sort -rn