Skip to content

Instantly share code, notes, and snippets.

View reaandrew's full-sized avatar

Andrew Rea reaandrew

31 followers · 17 following
View GitHub Profile
@reaandrew
reaandrew / zoomable-starburst.html
Last active December 31, 2023 05:43
Zoomable Starburst with count in label
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
<style>
#chart{
width: 100%;
height: 600px;
}
@reaandrew
reaandrew / nginx-downloads.txt
Last active May 5, 2022 11:34
nginx-downloads
curl -LO https://github.com/PCRE2Project/pcre2/releases/download/pcre2-10.40/pcre2-10.40.tar.gz
curl -LO http://zlib.net/zlib-1.2.12.tar.gz
curl -LO https://www.openssl.org/source/openssl-3.0.3.tar.gz
curl -LO https://nginx.org/download/nginx-1.21.6.tar.gz
@reaandrew
reaandrew / chmod-x-chmod.md
Last active October 5, 2021 18:27
chmod -x /usr/bin/chmod

I was asked this question years ago (and didnt know the answer then) and just recently I found a question and answer on Stackoverflow which basically solved this using python so I thought it would be fun to draw it out a little further.

Once you have executed chmod -x /usr/bin/chmod (or in other words you have removed executable permissions from a common tool that is used to change the permissions of files including execution) you will no longer be able to use it to make things executable including chmod.

The general answer to this question is that you need to flip the correct permission bits in order to make it executable again. chmod itself is a tool which uses underlying system calls to achieve its goal. You can also do that with other languages very easily.

NOTE I am using the stat command to output the file access rights in both octal (%a) and human readable (%A) format.

command output
@reaandrew
reaandrew / info.md
Last active December 11, 2019 10:43
Info Gathering Tools

The Harvester

https://github.com/laramies/theHarvester

theHarvester -d test.com -b baidu,bing,bingapi,censys,crtsh,dnsdumpster,dogpile,duckduckgo,github-code,google,hunter,intelx,linkedin,linkedin_links,netcraft,otx,securityTrails,threatcrowd,trello,twitter,vhost,virustotal,yahoo -f results.html -c

Sublistr

@reaandrew
reaandrew / git-commands.sh
Last active October 8, 2019 12:23
Git Commands In One Script
#!/bin/bash
# https://bitbucket.org/BitPusher16/dotfiles/raw/49a01d929dcaebcca68bbb1859b4ac1aea93b073/refs/git/git_examples.sh
##########
# contents
##########
# contents
# notes
@reaandrew
reaandrew / scan_tooling_for_domain.sh
Created September 26, 2019 15:09
scan_tooling_for_domain
#!/usr/bin/env bash
DOMAIN_NAME="$1"
if [[ -z "$DOMAIN_NAME" ]]; then
echo "Must supply domain name"
exit 1
fi
{
TMP_PATH=$(mktemp -d)
@reaandrew
reaandrew / argument_handling.sh
Created September 4, 2019 13:22
Argument Handling
while [ -n "$1" ]; do
case "$1" in
--project-key|-k)
PROJECT_KEY="$2" ;;
--title|-t)
PAGE_TITLE="$2" ;;
--ancestor|-a)
ANCESTOR_ID="{'id':'$2'}" ;;
--id|-i)
ID="'id':'$2',"
@reaandrew
reaandrew / jq.fu.sh
Created August 21, 2019 10:47
JQ Fu
for i in `find ./ -name "*.yml"`; do echo "$i\n" && (yq . $i 2>/dev/null | jq -r '."blue-badge" | keys[] as $k | select(.[$k].url|contains(null))' 2>/dev/null || :) && echo ""; done;
@reaandrew
reaandrew / MAGIC.txt
Created August 7, 2019 15:14
MAGIC
Resolution:
Increased the local port range using below command:
echo 1024 65000 > /proc/sys/net/ipv4/ip_local_port_range
This allows more local ports to be available.
Enable fast recycling TIME_WAIT sockets as below:
$ sudo sysctl -w net.ipv4.tcp_tw_recycle =1
@reaandrew
reaandrew / sec-lists-variable-search.md
Last active May 20, 2019 11:11
Sec List Variable Search 
ag -i "($(curl -s https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Variables/secret-keywords.txt | paste -sd '|'))[\s]?[\:\=]+[\s]?[\"\']?[\w]+[\"\']?[^\,]$"

You could also add --ignore "*test*" to eliminate some false positives but this could be dangerous if you have real creds in test.