Skip to content

Instantly share code, notes, and snippets.

View skydiator's full-sized avatar

Stephen W. skydiator

4 followers · 0 following
View GitHub Profile
@skydiator
skydiator / bash_strict_mode.md
Created September 29, 2021 00:10 — forked from mohanpedala/bash_strict_mode.md
set -e, -u, -o, -x pipefail explanation

set -e, -u, -x, -o pipefail

The set lines

  • These lines deliberately cause your script to fail. Wait, what? Believe me, this is a good thing.
  • With these settings, certain common errors will cause the script to immediately fail, explicitly and loudly. Otherwise, you can get hidden bugs that are discovered only when they blow up in production.
  • set -euxo pipefail is short for:
set -e
set -u
@skydiator
skydiator / cas-auth.js
Created June 8, 2021 17:23 — forked from tfcporciuncula/cas-auth.js
CAS authentication script for OWASP Zed Attack Proxy (ZAP or ZAProxy)
/*
* This script is intended to handle CAS (http://jasig.github.io/cas) authentication via ZAP.
*
* When working with CAS, a single POST request with the credentials is not enough to trigger the authentication.
* When we GET the login page, some input values used by CAS are generated (the login ticket and some Spring Web
* Flow related parameters), and they must be included in the POST request for the authentication to work. So
* this script basically sends a GET to the login page, parses its response looking for the values generated by
* CAS, and sends a POST request with these values and the credentials.
*
* This is enough to trigger the authentication, but it's not enough to enable a successfull authenticated scan