Gurkirat Singh tbhaxor

## docker-best-practices.txt
# docker engine
docker unix socket should be runnining on with approperiate permissions, root user and docker group
allow only authorized users to have the
tcp and unix can run in both mode
unix socket is more secure if private docker setup
expose tcp socket with authentication and tls certs
implement firewall plugin and configure it properly

# in container
do not give excesive capabilities or privileged access

## bandit.txt
boJ9jbbUNNfktd78OOpsqOltutMc3MY1
CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
pIwrPrtPN36QITSp3EQaw936yaFoFgAB
koReBOKuIDDepwhWk7jZC0RTdopnAYKh
DXjZPULLxYr17uwoI01bNLQbtFemEgo7
HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
cvX2JJa4CFALtqS87jk27qwqGhBM9plV
UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk

## brute.py
#!/usr/bin/env python3

import sys
from threading import Thread
from queue import Queue
from zipfile import ZipFile, BadZipFile
from tempfile import mkdtemp
from blessings import Terminal

TMPDIR = mkdtemp()

## alias.diff
--- /tmp/alias_completion-24679HnwBXq	2021-04-22 05:02:47.842921363 +0530
+++ /home/terabyte/.bash_it/plugins/available/alias-completion.plugin.bash	2021-04-22 05:02:46.726252452 +0530
@@ -1,2424 +1,106 @@
-function _alias_completion::- {
-                        local compl_word=$2
-                        local prec_word=$3
-                        # check if prec_word is the alias itself. if so, replace it
-                        # with the last word in the unaliased form, i.e.,
-                        # alias_cmd + ' ' + alias_args.
-                        if [[ $COMP_LINE == "$prec_word $compl_word" ]]; then

## app.sh
cat $1 | while read TOKEN; do
        content=$(curl -s -H "Authorization: Token $TOKEN"  $2)

        if echo $content | grep -qi unauth; then continue
        else echo $content; break; exit 0
        fi
done

## app.sh
cat $1 | while read USER; do
        cat $2 | while read PASSWORD; do
                if curl -s $3 -c /tmp/cookie --digest -u $USER:$PASSWORD | grep -qi "unauth"
                then
                        continue
                else
                        echo [+] Found $USER:$PASSWORD
                        exit 0
                fi
        done

## Laravel.conf
server {
    listen 80;
    server_name example.com;
    root /srv/example.com/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.php;

## hello.dart
void main() {
  for (int i = 0; i < 5; i++) {
    print('hello world ${i + 1}');
  }
}

## capture-profile-pic.html
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Capture Profile Pic</title>
    <script src="https://webrtc.github.io/adapter/adapter-latest.js"></script>
    <style>
      video {
        max-width: 240px;

## capture-video-and-audio.html
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Capture Video and Audio</title>
    <script src="https://webrtc.github.io/adapter/adapter-latest.js"></script>

    </head>
  <body>
	# docker engine
	docker unix socket should be runnining on with approperiate permissions, root user and docker group
	allow only authorized users to have the
	tcp and unix can run in both mode
	unix socket is more secure if private docker setup
	expose tcp socket with authentication and tls certs
	implement firewall plugin and configure it properly

	# in container
	do not give excesive capabilities or privileged access
	boJ9jbbUNNfktd78OOpsqOltutMc3MY1
	CV1DtqXWVFXTvM2F0k09SHz0YwRINYA9
	UmHadQclWmgdLOKQ3YNgjWxGoRMb5luK
	pIwrPrtPN36QITSp3EQaw936yaFoFgAB
	koReBOKuIDDepwhWk7jZC0RTdopnAYKh
	DXjZPULLxYr17uwoI01bNLQbtFemEgo7
	HKBPTKQnIay4Fw76bEy8PVxKEDQRKTzs
	cvX2JJa4CFALtqS87jk27qwqGhBM9plV
	UsvVyFSfZZWbi6wgC7dAFyFuR6jQQUhR
	truKLdjsbJ5g7yyJ2X2R0o3a5HQJFuLk
	#!/usr/bin/env python3

	import sys
	from threading import Thread
	from queue import Queue
	from zipfile import ZipFile, BadZipFile
	from tempfile import mkdtemp
	from blessings import Terminal

	TMPDIR = mkdtemp()
	--- /tmp/alias_completion-24679HnwBXq 2021-04-22 05:02:47.842921363 +0530
	+++ /home/terabyte/.bash_it/plugins/available/alias-completion.plugin.bash 2021-04-22 05:02:46.726252452 +0530
	@@ -1,2424 +1,106 @@
	-function _alias_completion::- {
	- local compl_word=$2
	- local prec_word=$3
	- # check if prec_word is the alias itself. if so, replace it
	- # with the last word in the unaliased form, i.e.,
	- # alias_cmd + ' ' + alias_args.
	- if [[ $COMP_LINE == "$prec_word $compl_word" ]]; then
	cat $1 \| while read TOKEN; do
	content=$(curl -s -H "Authorization: Token $TOKEN" $2)

	if echo $content \| grep -qi unauth; then continue
	else echo $content; break; exit 0
	fi
	done
	cat $1 \| while read USER; do
	cat $2 \| while read PASSWORD; do
	if curl -s $3 -c /tmp/cookie --digest -u $USER:$PASSWORD \| grep -qi "unauth"
	then
	continue
	else
	echo [+] Found $USER:$PASSWORD
	exit 0
	fi
	done
	server {
	listen 80;
	server_name example.com;
	root /srv/example.com/public;

	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Content-Type-Options "nosniff";

	index index.php;
	void main() {
	for (int i = 0; i < 5; i++) {
	print('hello world ${i + 1}');
	}
	}
	<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta charset="UTF-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
	<title>Capture Profile Pic</title>
	<script src="https://webrtc.github.io/adapter/adapter-latest.js"></script>
	<style>
	video {
	max-width: 240px;