Last active
October 20, 2020 11:12
-
-
Save sn4k3-meyer/669bf9308506316f6a3f594415482615 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| aqua=$(tput setaf 14); | |
| PS3='Please enter your choice: ' | |
| options=(${aqua}"aws-keys" "base64" "cors" "debug-pages" "firebase" "fw" "go-functions" "http-auth" "ip" "json-sec" "meg-headers" "php-curl" "php-errors" "php-serialized" "php-sinks" "php-sources" "s3-buckets" "sec" "servers" "strings" "takeovers" "upload-fields" "urls" "Clickjacking" "quit") | |
| select opt in "${options[@]}" | |
| do | |
| case $opt in | |
| "aws-keys") | |
| grep --color=auto -HanrE "([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}" | |
| ;; | |
| "base64") | |
| grep --color=auto -HnroE "([^A-Za-z0-9+/]|^)(eyJ|YTo|Tzo|PD[89]|aHR0cHM6L|aHR0cDo|rO0)[%a-zA-Z0-9+/]+={0,2}" * | |
| ;; | |
| "cors") | |
| grep --color=auto -HnriE "Access-Control-Allow" * | |
| ;; | |
| "debug-pages") | |
| grep --color=auto -HnraiE '(Application-Trace|Routing Error|DEBUG\"? ?[=:] ?True|Caused by:|stack trace:|Microsoft .NET Framework|Traceback|[0-9]:in `|#!/us|WebApplicationException|java\\.lang\\.|phpinfo|swaggerUi|on line [0-9]|SQLSTATE)' | |
| ;; | |
| "firebase") | |
| grep --color=auto -Hnri 'firebaseio.com' | |
| ;; | |
| "fw") | |
| grep --color=auto -HnriE ["django","laravel","symfony","graphite","grafana","X-Drupal-Cache","struts","code?igniter","cake?php","grails","elastic?search","kibana","log?stash","tomcat","jenkins","hudson","com.atlassian.jira","Apache Subversion","Chef Server","RabbitMQ Management","Mongo","Travis CI - Enterprise","BMC Remedy","artifactory"] | |
| ;; | |
| "go-functions") | |
| grep --color=auto -HnriE "func [a-z0-9_]+\\(" | |
| ;; | |
| "http-auth") | |
| grep --color=auto -hrioaE "[a-z0-9_/\\.:-]+@[a-z0-9-]+\\.[a-z0-9.-]+" | |
| ;; | |
| "ip") | |
| grep --color=auto -HnroE "([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])" | |
| ;; | |
| "json-sec") | |
| grep --color=auto -harioE "(\\\\?\"|"|%22)[a-z0-9_-]*(api[_-]?key|S3|aws_|secret|passw|auth)[a-z0-9_-]*(\\\\?\"|"|%22): ?(\\\\?\"|"|%22)[^\"&]+(\\\\?\"|"|%22)" | |
| ;; | |
| "meg-headers") | |
| grep --color=auto -hroiE "^\u003c [a-z0-9_\\-]+: .*" | |
| ;; | |
| "php-curl") | |
| grep --color=auto -HnrE "CURLOPT_(HTTPHEADER|HEADER|COOKIE|RANGE|REFERER|USERAGENT|PROXYHEADER)" | |
| ;; | |
| "php-errors") | |
| grep --color=auto -HnriE '(["php warning","php error","fatal error","uncaught exception","include_path","undefined index","undefined variable","\\?php", "<\\?[^x]","stack trace\\:","expects parameter [0-9]*","Debug Trace"])' | |
| ;; | |
| "php-serialized") | |
| grep --color=auto -HnrE ["a:[0-9]+:{","O:[0-9]+:\"","s:[0-9]+:\""] | |
| ;; | |
| "php-sinks") | |
| grep --color=auto -HnriE "[^a-z0-9_](system|exec|popen|pcntl_exec|eval|create_function|unserialize|file_exists|md5_file|filemtime|filesize|assert) ?\\(" | |
| ;; | |
| "php-sources") | |
| grep --color=auto -HnrE ["\\$_(POST|GET|COOKIE|REQUEST|SERVER|FILES)","php://(input|stdin)"] | |
| ;; | |
| "s3-buckets") | |
| grep --color=auto -hrioaE ["[a-z0-9.-]+\\.s3\\.amazonaws\\.com","[a-z0-9.-]+\\.s3-[a-z0-9-]\\.amazonaws\\.com","[a-z0-9.-]+\\.s3-website[.-](eu|ap|us|ca|sa|cn)","//s3\\.amazonaws\\.com/[a-z0-9._-]+","//s3-[a-z0-9-]+\\.amazonaws\\.com/[a-z0-9._-]+"] | |
| ;; | |
| "sec") | |
| grep --color=auto -HanriE "(aws_access|aws_secret|api[_-]?key|ListBucketResult|S3_ACCESS_KEY|Authorization:|RSA PRIVATE|Index of|aws_|secret|ssh-rsa AA)" | |
| ;; | |
| "servers") | |
| grep --color=auto -hri "server: " | |
| ;; | |
| "strings") | |
| grep --color=auto -hroiaE -e "\"[^\"]+\"" -e "'[^']+'" | |
| ;; | |
| "takeovers") | |
| grep --color=auto -HnriE '(["There is no app configured at that hostname", "NoSuchBucket", "No Such Account", "You re Almost There", "a GitHub Pages site here", "There s nothing here", "project not found", "Your CNAME settings", "InvalidBucketName", "PermanentRedirect", "The specified bucket does not exist", "Repository not found", "Sorry, We Couldn t Find That Page", "The feed has not been found.", "The thing you were looking for is no longer here, or never was", "Please renew your subscription", "There isn t a Github Pages site here.", "We could not find what you re looking for.", "No settings were found for this company:", "No such app", "is not a registered InCloud YouTrack", "Unrecognized domain", "project not found", "This UserVoice subdomain is currently available!", "Do you want to register", "Help Center Closed"])' | |
| ;; | |
| "upload-fields") | |
| grep --color=auto -HnriE "\u003cinput[^\u003e]+type=[\"']?file[\"']?" | |
| ;; | |
| "urls") | |
| grep --color=auto -oriahE "https?://[^\"\\'> ]+" | |
| ;; | |
| "Clickjacking") | |
| grep --color=auto -HnriE "frame-ancestors" | |
| ;; | |
| "quit") | |
| break | |
| ;; | |
| *) echo "Invalid option $REPLY";; | |
| esac | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment