Skip to content

Instantly share code, notes, and snippets.

View gadoi's full-sized avatar

gadoi gadoi

34 followers · 78 following
  • home
View GitHub Profile
@dstf
dstf / gist:2c3310e2095da096de31e05eacaa032a
Created December 3, 2020 16:20
Secure your server debian / wordpress
Creating strong passwords i would recommend using a browser extensions as password generator.
-Configuring Auto-Update:
apt install unattended-upgrades
systemctl enable unattended-upgrades
systemctl status unattended-upgrades
nano /etc/apt/apt.conf.d/50unattended-upgrades
@nginx-gists
nginx-gists / ubuntu_install.sh
Last active May 30, 2024 01:38
Automating Installation of WordPress with NGINX Unit on Ubuntu
#!/usr/bin/env bash
if [ "$EUID" -ne 0 ];then
>&2 echo "This script requires root level access to run"
exit 1
fi
if [ -z "${WORDPRESS_DB_PASSWORD}" ]; then
>&2 echo "WORDPRESS_DB_PASSWORD must be set"
>&2 echo "Here is a random one that you can paste:"
@artizirk
artizirk / debug.md
Last active April 19, 2024 18:05
Debug WireGuard Linux kernel module
@amanjuman
amanjuman / Pihole Nginx Config
Last active March 26, 2024 21:41
Pihole Nginx Config
curl -sSL https://install.pi-hole.net | bash
sudo apt-get -y install software-properties-common python3-certbot-nginx nginx php7.2-fpm php7.2-cgi php7.2-xml php7.2-sqlite3 php7.2-intl apache2-utils
sudo certbot --nginx --agree-tos --register-unsafely-without-email --no-redirect -d subdomain.example.com
htpasswd -c /etc/nginx/.htpasswd user
chown -R www-data:www-data /var/www/html
usermod -aG pihole www-data
chmod -R 755 /var/www/html
server
{
@talyguryn
talyguryn / wildcard-ssl-certificate.md
Last active October 29, 2023 08:57
How to get a wildcard ssl certificate and set up Nginx.

How to get and install a wildcard SSL certificate

In this guide you can find how to resolve the following issues.

Feel free to ask any questions in the comments section below.

@dvdknaap
dvdknaap / kali.md
Last active October 15, 2022 09:47
RootTricks

install all tools

  • apt install kali-linux-all

.git folder downloader

  • git clone https://github.com/internetwache/GitTools.git

Check ports with nmap

  • nmap -sC -sV -oA initial 10.10.10.78
  • nmap -sV -sC -oA nmap-tcp 10.10.10.84
  • nmap -T4 -A -v -p 0-10000 10.10.10.8
@HarmJ0y
HarmJ0y / PowerView-3.0-tricks.ps1
Last active May 30, 2024 18:21
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@cecilemuller
cecilemuller / letsencrypt_2020.md
Last active April 15, 2024 02:19
How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)

How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SLL rating)

Virtual hosts

Let's say you want to host domains first.com and second.com.

Create folders for their files:

@ambroisemaupate
ambroisemaupate / security.conf
Last active May 23, 2024 05:32
Nginx CSP example
# config to don't allow the browser to render the page inside an frame or iframe
# and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
# if you need to allow [i]frames, you can use SAMEORIGIN or even set an uri with ALLOW-FROM uri
# https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
add_header X-Frame-Options SAMEORIGIN;
# when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
# to disable content-type sniffing on some browsers.
# https://www.owasp.org/index.php/List_of_useful_HTTP_headers
# currently suppoorted in IE > 8 http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx