Skip to content

Instantly share code, notes, and snippets.

View arainho's full-sized avatar

André Rainho arainho

135 followers · 22 following
View GitHub Profile
@arainho
arainho / pihole_on_vps.sh
Last active January 18, 2023 19:40
pi-hole on vps
#!/usr/bin/env bash
# 🕵️🕵️🕵️ Check
# 1. read https://docs.pi-hole.net/ftldns/interfaces/
# 2. go to www.virustotal.com and check 'https://install.pi-hole.net'
# port 22 is open everywhere
# port 53 is open only for the value of 'YOUR_HOME_EXTERNAL_IP'
### ✏️✏️✏️ fill out
@arainho
arainho / rpi4_share_internet.sh
Created May 18, 2022 07:32
Share Raspberry LAN internet with usbarmory
#!/bin/bash
WAN_IFACE="eth0"
USB_IFACE="usb0"
# apply config's
ip addr del 169.254.177.31/16 dev usb0
ip addr add 10.0.0.2/255.255.255.0 broadcast 10.0.0.255 dev usb0
sysctl net.ipv4.ip_forward=1
@arainho
arainho / install_vault.sh
Last active June 24, 2020 09:11
Script to install Vault
#!/usr/bin/env bash
export VERSION=1.4.2
wget https://releases.hashicorp.com/vault/${VERSION}/vault_${VERSION}_linux_amd64.zip
# unzip the package and remove the zip file:
unzip vault_${VERSION}_linux_amd64.zip && rm vault_${VERSION}_linux_amd64.zip
# vault runs as a single binary named vault, other files in the package can be safely removed
ls -al | grep vault
@arainho
arainho / archlinux_hardening.sh
Last active December 27, 2023 12:22
ArchLinux - Hardening
# https://wiki.archlinux.org/index.php/Firejail
# https://linux-audit.com/audit-and-harden-your-ssh-configuration/
sudo firecfg
mkdir -p /etc/pacman.d/hooks/
sudo bash -c 'cat > /etc/pacman.d/hooks/firejail.hook' << EOF
[Trigger]
Type = Path
Operation = Install
Operation = Upgrade
@arainho
arainho / archlinux_unbound.sh
Last active April 15, 2020 16:41
Unbound setup on ArchLinux
# Unbound is a validating, recursive, and caching DNS resolver.
https://wiki.archlinux.org/index.php/Unbound
# install unbound, expat
sudo pacman -Syy --noconfirm unbound expat ldns bind-tools
# setup etckeeper
sudo pacman -Syy --noconfirm etckeeper
git config --global user.email "me@armory"
git config --global user.name "Me Myself and I"
@arainho
arainho / void_interlock.sh
Last active February 19, 2021 16:57
Setup interlock on 'Void Linux'
#!/usb/bin/env bash
# Setup interlock on USB armory (armv7) for 'Void Linux' or 'ArchLinux.'
# INTERLOCK - file encryption front end
#luks partition start
PARTITION_START="6820MB"
#use this tag for signal support
INTERLOCK_REPO_TAG="v2019.01.30"
@arainho
arainho / macoc_fortress_debug.sh
Last active March 28, 2020 00:50
macOS-Fortress debug script
#!/usr/bin/env bash
echo ''
echo -n "blackhole ... "
export http_proxy=""
if curl -s --head http://localhost:8119/ | head -n1 | grep -E "(200 OK)" --color > /dev/null > /dev/null
then
echo "http://localhost:8119 [✅]"
else
echo "[❌]"
@arainho
arainho / pwnagotchi_install.sh
Last active March 28, 2024 18:08
install pwnagotchi on rpi4
#!/usr/bin/env bash
# install pwnagotchi on rpi4
WIFI_DEV="wlan1"
AUTO_MODE=true
DEBUG=false
PWN_GRID=false
PWN_GRID_REPORT=false
HOME_NETWORK="YourHomeNetworkMaybe"
@arainho
arainho / pihole_recursive_dns.sh
Last active January 23, 2023 16:44
Pi-hole as All-Around DNS Solution - raspbian little
#!/usr/bin/env bash
## Setting up Pi-hole as a recursive DNS server solution¶
## https://docs.pi-hole.net/guides/unbound/
## 1. The first thing you need to do is to install the recursive DNS resolver:
sudo apt update
sudo apt -y install unbound
## 2. Important: Download the current root hints file
@arainho
arainho / setup-interlock.sh
Last active March 24, 2020 00:51
Setup interlock on usbarmory debian image
#!/usb/bin/env bash
# Setup interlock on 'usbarmory-debian-base_image'
# INTERLOCK - file encryption front end
INTERLOCK_REPO_TAG="v2019.01.30" # use this tag for signal support
# add andrea (inversepath) gpg key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 73C9E98B25B61D15
wget http://keys.inversepath.com/gpg-andrea.asc -O gpg-andrea.asc