Tiago Pedrosa @IPB.PT
RAM 4GB+ CPU 2+ HD 100GB
Tiago Pedrosa pedrosa-t
pedrosa-t
/ Installation of kali 2020.1 on VMware.md
Last active
December 2, 2022 20:22
pedrosa-t
/ Labtainers Install and Update.md
Last active
November 10, 2022 10:52
Tiago Pedrosa @IPB.PT
Labtainers provide controlled and consistent execution environments in which students perform labs entirely within the confines of their computer, regardless of the Linux distribution and packages installed on the student's computer or VM. The only requirement is that the Linux system supports Docker.[1]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Copyright 2015 Brent Longborough | |
| # Part of gitinfo2 package Version 2 | |
| # Release 2.0.7 2015-11-22 | |
| # Please read gitinfo2.pdf for licencing and other details | |
| # ----------------------------------------------------- | |
| # Post-{commit,checkout,merge} hook for the gitinfo2 package | |
| # | |
| # Get the first tag found in the history from the current HEAD | |
| FIRSTTAG=$(git describe --tags --always --dirty='-*' 2>/dev/null) |
pedrosa-t
/ gist:73ac06a93f5ea5f8802c26fe68b67b1f
Created
April 6, 2020 11:42
— forked from CristinaSolana/gist:1885435
Keeping a fork up to date
pedrosa-t
/ github_bugbountyhunting.md
Created
August 18, 2017 13:16
— forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
pedrosa-t
/ five_minutes.yml
Last active
August 29, 2015 14:23
— forked from ryane/five_minutes.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - hosts: all | |
| vars: | |
| UBUNTU_COMMON_ROOT_PASSWORD: 'xxxxx' | |
| UBUNTU_COMMON_DEPLOY_PASSWORD: 'xxxxx' | |
| UBUNTU_COMMON_LOGWATCH_EMAIL: user@example.com | |
| ubuntu_common_deploy_user_name: deploy | |
| ubuntu_common_deploy_public_keys: | |
| - ~/.ssh/id_rsa.pub |
pedrosa-t
/ cidr2regex.py
Last active
August 29, 2015 14:21
— forked from waffle2k/cidr2regex.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| ''' Not my script, found on the Internet, and rediscovered on my hard drive | |
| ''' | |
| import sys | |
| def cidr_to_regex(cidr): | |
| ip, prefix = cidr.split('/') | |
| base = 0 | |
| for val in map(int, ip.split('.')): |
I hereby claim:
- I am pedrosa-t on github.
- I am pedrosa (https://keybase.io/pedrosa) on keybase.
- I have a public key whose fingerprint is 721A 4FCF 5729 56D1 A8DD 98B8 00A9 71FC E4FA F4C8
To claim this, I am signing this object: