Skip to content

Instantly share code, notes, and snippets.

View aashishrbhandari's full-sized avatar
🎯
Focusing

Ashish R Bhandari aashishrbhandari

🎯
Focusing
1 follower · 7 following
View GitHub Profile
@aashishrbhandari
aashishrbhandari / Web_Category_Data
Created July 20, 2021 09:16
http://www.squidguard.org/blacklists.html
4 List
MESD blacklists
http://squidguard.mesd.k12.or.us/blacklists.tgz
Status: Downloaded
Shalla's Blacklists (new site!)
@aashishrbhandari
aashishrbhandari / Certificate Creation Using OpenSSL
Created June 1, 2021 05:35
- Only Generate Keys
- Note: Important Point to Note here is
- We are aware about Assymetric Cryptography (Public Key Cryptography)
- Certificate uses PKI to Generate Certificates
- Meaning they Have a Public Key & a Private Key
- Public Key is a Part of the Whole Certificate (Kind of a Element of the Certificate)
- Private Key whereas is Store on the Server
- Over here when we generate a Key here the key itself have enough contraints to built the Public Key (i.e in Simple Words: It holds both the Public Key & the Private Key )
@aashishrbhandari
aashishrbhandari / SafeSquid Quick Cheatsheet
Created May 31, 2021 09:16
### SafeSquid Commands CheatSheet ####
# Stop SafeSquid Properly, Since Monit will Start SafeSquid, We therefore have to Stop Monit First
/etc/init.d/monit stop; /etc/init.d/safesquid stop
# Remove All SSL Certificate (Root,Issuer,Server)
rm -rfv /var/db/safesquid/ssl/* /usr/local/safesquid/security/ssl/* /usr/local/safesquid/security/ssl/{identity,subca}
Monit
---------
@aashishrbhandari
aashishrbhandari / Create_CA_Intermediate_Server_Certs
Created May 29, 2021 05:28
##### Sign Process
##### CA -> Intermediate CA -> Server
# Create a Root CA
##############
# Create CA
##############
openssl req \
-subj "/C=IN/ST=Maharashtra/L=Mumbai City/O=Information Security Systems/OU=IT Services/CN=Test Root CA" \
-x509 \
@aashishrbhandari
aashishrbhandari / SafeSquid_Monit
Last active May 31, 2021 06:33
1) Send Email on Config XML Change via Monit (Template)
---------------------------------------------------------
set mailserver smtp.gmail.com port 587
username "temp@temp.com" password "tempPass"
using tls
set mail-format {
from: SafeSquid Config Update <support@safesquid.net>
reply-to: support@safesquid.net>
subject: SafeSquid Config Change Alert @ $DATE
@aashishrbhandari
aashishrbhandari / XSS_Few_Notes
Created May 17, 2021 14:30
When Try to do a XSS
I see that injecting
<script>alert(1)</script>
does not work and i was not able to understand it
so after some research i found the below one
Ref:
https://security.stackexchange.com/questions/199827/injecting-scriptalert1-script-to-owasp-juice-shop-doesnt-work
@aashishrbhandari
aashishrbhandari / Monit_Email_Alert
Created May 3, 2021 10:01
set mailserver smtp.gmail.com port 587
username "---" password "--"
using tls
set mail-format {
from: SafeSquid Config Update <support@safesquid.net>
reply-to: support@safesquid.net>
subject: SafeSquid Config Change Alert @ $DATE
message: SafeSquid Config Has been Changed.
}
@aashishrbhandari
aashishrbhandari / Tech_Terms_8_Oct_2020.txt
Created October 8, 2020 14:16
About FD
----------
From My Understandind: FD is like a Pointer to a Linux File
===============================================================
The u flag simply means that the FD is read-write; w means write-only, r means read-only.
In Simple Words How Kerberos Auth Works:
------------------------------------------
Link: https://apereo.github.io/cas/5.3.x/installation/SPNEGO-Authentication.html
=======
@aashishrbhandari
aashishrbhandari / all_about_tls.txt
Created September 24, 2020 07:38
# All About TLS
@aashishrbhandari
aashishrbhandari / 22-Sep-2020.blog
Last active September 22, 2020 13:11
Security Headers
- Access-Control-Allow-Origin
- This is required to be send by the remote web server
- https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
CORS
- <img src="https://www.google.com/favicon.ico"> -> Does not Fall in CORS Policy [meaning for this image it is not required to ]