diff --git a/README.md b/README.md
index db3aac2..060c19e 100644
--- a/README.md
+++ b/README.md
@@ -33,7 +33,7 @@
-****
+---
## :notebook_with_decorative_cover: What is it?
@@ -58,7 +58,7 @@ These below rules may be better:
- easy to contribute to (Markdown + HTML ...)
- easy to find (simple TOC, maybe it's worth extending them?)
-Url marked **\*** is temporary unavailable. Please don't delete it without confirming that it has permanently expired.
+Url marked **\*** is temporarily unavailable. Please don't delete it without confirming that it has permanently expired.
Before adding a pull request, please see the **[contributing guidelines](.github/CONTRIBUTING.md)**. You should also remember about this:
@@ -148,7 +148,7 @@ Only main chapters:
:small_orange_diamond: Midnight Commander - is a visual file manager, licensed under GNU General Public License.
- :small_orange_diamond: ranger - is a VIM-inspired filemanager for the console.
+ :small_orange_diamond: ranger - is a VIM-inspired file manager for the console.
:small_orange_diamond: nnn - is a tiny, lightning fast, feature-packed file manager.
:small_orange_diamond: screen - is a full-screen window manager that multiplexes a physical terminal.
:small_orange_diamond: tmux - is a terminal multiplexer, lets you switch easily between several programs in one terminal.
@@ -1239,7 +1239,7 @@ CyberTalks - talks, interviews, and article about cybersecurity.
:small_orange_diamond: sqlmap - tool that automates the process of detecting and exploiting SQL injection flaws.
:small_orange_diamond: Recon-ng - is a full-featured Web Reconnaissance framework written in Python.
:small_orange_diamond: AutoRecon - is a network reconnaissance tool which performs automated enumeration of services.
- :small_orange_diamond: Faraday - an Integrated Multiuser Pentest Environment.
+ :small_orange_diamond: Faraday - an Integrated Multi User Pentest Environment.
:small_orange_diamond: Photon - incredibly fast crawler designed for OSINT.
:small_orange_diamond: XSStrike - most advanced XSS detection suite.
:small_orange_diamond: Sn1per - automated pentest framework for offensive security experts.
@@ -1323,7 +1323,7 @@ CyberTalks - talks, interviews, and article about cybersecurity.
:small_orange_diamond: OWASP ProActive Controls - OWASP Top 10 Proactive Controls 2018.
:small_orange_diamond: PENTESTING-BIBLE - hacking & penetration testing & red team & cyber security resources.
:small_orange_diamond: pentest-wiki - is a free online security knowledge library for pentesters/researchers.
- :small_orange_diamond: DEF CON Media Server - great stuff from DEFCON.
+ :small_orange_diamond: DEFCON Media Server - great stuff from DEFCON.
:small_orange_diamond: Awesome Malware Analysis - a curated list of awesome malware analysis tools and resources.
:small_orange_diamond: SQL Injection Cheat Sheet - detailed technical stuff about the many different variants of the SQL Injection.
:small_orange_diamond: Entersoft Knowledge Base - great and detailed reference about vulnerabilities.
@@ -1396,7 +1396,7 @@ CyberTalks - talks, interviews, and article about cybersecurity.
:small_orange_diamond: django-DefectDojo - is an open-source application vulnerability correlation and security orchestration tool.
:small_orange_diamond: Google Gruyere - web application exploits and defenses.
:small_orange_diamond: Bodhi - is a playground focused on learning the exploitation of client-side web vulnerabilities.
- :small_orange_diamond: Websploit - single vm lab with the purpose of combining several vulnerable appliations in one environment.
+ :small_orange_diamond: Websploit - single vm lab with the purpose of combining several vulnerable applications in one environment.
:small_orange_diamond: vulhub - pre-built Vulnerable Environments based on docker-compose.
:small_orange_diamond: CloudGoat 2 - the new & improved "Vulnerable by Design"
AWS deployment tool.
@@ -1544,49 +1544,49 @@ AWS deployment tool.
###### DNS Servers list (privacy)
-| IP | URL |
-| :--- | :--- |
-| **`84.200.69.80`** | [dns.watch](https://dns.watch/) |
-| **`94.247.43.254`** | [opennic.org](https://www.opennic.org/) |
-| **`64.6.64.6`** | [verisign.com](https://www.verisign.com/en_US/security-services/public-dns/index.xhtml) |
-| **`89.233.43.71`** | [censurfridns.dk](https://blog.uncensoreddns.org/) |
-| **`1.1.1.1`** | [cloudflare.com](https://1.1.1.1/) |
-| **`94.130.110.185`** | [dnsprivacy.at](https://dnsprivacy.at/) |
+| IP | URL |
+| :------------------- | :-------------------------------------------------------------------------------------- |
+| **`84.200.69.80`** | [dns.watch](https://dns.watch/) |
+| **`94.247.43.254`** | [opennic.org](https://www.opennic.org/) |
+| **`64.6.64.6`** | [verisign.com](https://www.verisign.com/en_US/security-services/public-dns/index.xhtml) |
+| **`89.233.43.71`** | [censurfridns.dk](https://blog.uncensoreddns.org/) |
+| **`1.1.1.1`** | [cloudflare.com](https://1.1.1.1/) |
+| **`94.130.110.185`** | [dnsprivacy.at](https://dnsprivacy.at/) |
###### TOP Browser extensions
-| Extension name | Description |
-| :--- | :--- |
-| **`IPvFoo`** | Display the server IP address and HTTPS information across all page elements. |
-| **`FoxyProxy`** | Simplifies configuring browsers to access proxy-servers. |
-| **`HTTPS Everywhere`** | Automatically use HTTPS security on many sites. |
-| **`uMatrix`** | Point & click to forbid/allow any class of requests made by your browser. |
-| **`uBlock Origin`** | An efficient blocker: easy on memory and CPU footprint. |
-| **`Session Buddy`** | Manage browser tabs and bookmarks with ease. |
-| **`SuperSorter`** | Sort bookmarks recursively, delete duplicates, merge folders, and more. |
-| **`Clear Cache`** | Clear your cache and browsing data. |
-| **`d3coder`** | Encoding/Decoding plugin for various types of encoding. |
-| **`Web Developer`** | Adds a toolbar button with various web developer tools. |
-| **`ThreatPinch Lookup`** | Add threat intelligence hover tool tips. |
+| Extension name | Description |
+| :--------------------------- | :---------------------------------------------------------------------------- |
+| **`IPvFoo`** | Display the server IP address and HTTPS information across all page elements. |
+| **`FoxyProxy`** | Simplifies configuring browsers to access proxy-servers. |
+| **`HTTPS Everywhere`** | Automatically use HTTPS security on many sites. |
+| **`uMatrix`** | Point & click to forbid/allow any class of requests made by your browser. |
+| **`uBlock Origin`** | An efficient blocker: easy on memory and CPU footprint. |
+| **`Session Buddy`** | Manage browser tabs and bookmarks with ease. |
+| **`SuperSorter`** | Sort bookmarks recursively, delete duplicates, merge folders, and more. |
+| **`Clear Cache`** | Clear your cache and browsing data. |
+| **`d3coder`** | Encoding/Decoding plugin for various types of encoding. |
+| **`Web Developer`** | Adds a toolbar button with various web developer tools. |
+| **`ThreatPinch Lookup`** | Add threat intelligence hover tooltips. |
###### TOP Burp extensions
-| Extension name | Description |
-| :--- | :--- |
-| **`Active Scan++`** | Extends Burp's active and passive scanning capabilities. |
-| **`Autorize`** | Automatically detects authorization enforcement. |
-| **`AuthMatrix`** | A simple matrix grid to define the desired levels of access privilege. |
-| **`Logger++`** | Logs requests and responses for all Burp tools in a sortable table. |
-| **`Bypass WAF`** | Adds headers useful for bypassing some WAF devices. |
-| **`JSON Beautifier`** | Beautifies JSON content in the HTTP message viewer. |
-| **`JSON Web Tokens`** | Enables Burp to decode and manipulate JSON web tokens. |
-| **`CSP Auditor`** | Displays CSP headers for responses, and passively reports CSP weaknesses. |
-| **`CSP-Bypass`** | Passively scans for CSP headers that contain known bypasses. |
-| **`Hackvertor`** | Converts data using a tag-based configuration to apply various encoding. |
-| **`HTML5 Auditor`** | Scans for usage of risky HTML5 features. |
-| **`Software Vulnerability Scanner`** | Vulnerability scanner based on vulners.com audit API. |
-| **`Turbo Intruder`** | Is a powerful bruteforcing tool. |
-| **`Upload Scanner`** | Upload a number of different file types, laced with different forms of payload. |
+| Extension name | Description |
+| :----------------------------------- | :------------------------------------------------------------------------------ |
+| **`Active Scan++`** | Extends Burp's active and passive scanning capabilities. |
+| **`Autorize`** | Automatically detects authorization enforcement. |
+| **`AuthMatrix`** | A simple matrix grid to define the desired levels of access privilege. |
+| **`Logger++`** | Logs requests and responses for all Burp tools in a sortable table. |
+| **`Bypass WAF`** | Adds headers useful for bypassing some WAF devices. |
+| **`JSON Beautifier`** | Beautifies JSON content in the HTTP message viewer. |
+| **`JSON Web Tokens`** | Enables Burp to decode and manipulate JSON web tokens. |
+| **`CSP Auditor`** | Displays CSP headers for responses, and passively reports CSP weaknesses. |
+| **`CSP-Bypass`** | Passively scans for CSP headers that contain known bypasses. |
+| **`Hackvertor`** | Converts data using a tag-based configuration to apply various encoding. |
+| **`HTML5 Auditor`** | Scans for usage of risky HTML5 features. |
+| **`Software Vulnerability Scanner`** | Vulnerability scanner based on vulners.com audit API. |
+| **`Turbo Intruder`** | Is a powerful bruteforcing tool. |
+| **`Upload Scanner`** | Upload a number of different file types, laced with different forms of payload. |
###### Hack Mozilla Firefox address bar
@@ -1626,7 +1626,7 @@ http://192.168.257 → 192.168.1.1
http://192.168.516 → 192.168.2.4
```
- > This bypasses WAF filters for SSRF, open-redirect, etc where any IP as input gets blacklisted.
+> This bypasses WAF filters for SSRF, open-redirect, etc where any IP as input gets blacklisted.
For more information please see [How to Obscure Any URL](http://www.pc-help.org/obscure.htm) and [Magic IP Address Shortcuts](https://stuff-things.net/2014/09/25/magic-ip-address-shortcuts/).
@@ -1658,60 +1658,60 @@ text :arrow_left: encoded
##### Table of Contents
- * [terminal](#tool-terminal)
- * [busybox](#tool-busybox)
- * [mount](#tool-mount)
- * [fuser](#tool-fuser)
- * [lsof](#tool-lsof)
- * [ps](#tool-ps)
- * [top](#tool-top)
- * [vmstat](#tool-vmstat)
- * [iostat](#tool-iostat)
- * [strace](#tool-strace)
- * [kill](#tool-kill)
- * [find](#tool-find)
- * [diff](#tool-diff)
- * [vimdiff](#tool-vimdiff)
- * [tail](#tool-tail)
- * [cpulimit](#tool-cpulimit)
- * [pwdx](#tool-pwdx)
- * [tr](#tool-tr)
- * [chmod](#tool-chmod)
- * [who](#tool-who)
- * [last](#tool-last)
- * [screen](#tool-screen)
- * [script](#tool-script)
- * [du](#tool-du)
- * [inotifywait](#tool-inotifywait)
- * [openssl](#tool-openssl)
- * [secure-delete](#tool-secure-delete)
- * [dd](#tool-dd)
- * [gpg](#tool-gpg)
- * [system-other](#tool-system-other)
- * [curl](#tool-curl)
- * [httpie](#tool-httpie)
- * [ssh](#tool-ssh)
- * [linux-dev](#tool-linux-dev)
- * [tcpdump](#tool-tcpdump)
- * [tcpick](#tool-tcpick)
- * [ngrep](#tool-ngrep)
- * [hping3](#tool-hping3)
- * [nmap](#tool-nmap)
- * [netcat](#tool-netcat)
- * [socat](#tool-socat)
- * [p0f](#tool-p0f)
- * [gnutls-cli](#tool-gnutls-cli)
- * [netstat](#tool-netstat)
- * [rsync](#tool-rsync)
- * [host](#tool-host)
- * [dig](#tool-dig)
- * [certbot](#tool-certbot)
- * [network-other](#tool-network-other)
- * [git](#tool-git)
- * [awk](#tool-awk)
- * [sed](#tool-sed)
- * [grep](#tool-grep)
- * [perl](#tool-perl)
+- [terminal](#tool-terminal)
+- [busybox](#tool-busybox)
+- [mount](#tool-mount)
+- [fuser](#tool-fuser)
+- [lsof](#tool-lsof)
+- [ps](#tool-ps)
+- [top](#tool-top)
+- [vmstat](#tool-vmstat)
+- [iostat](#tool-iostat)
+- [strace](#tool-strace)
+- [kill](#tool-kill)
+- [find](#tool-find)
+- [diff](#tool-diff)
+- [vimdiff](#tool-vimdiff)
+- [tail](#tool-tail)
+- [cpulimit](#tool-cpulimit)
+- [pwdx](#tool-pwdx)
+- [tr](#tool-tr)
+- [chmod](#tool-chmod)
+- [who](#tool-who)
+- [last](#tool-last)
+- [screen](#tool-screen)
+- [script](#tool-script)
+- [du](#tool-du)
+- [inotifywait](#tool-inotifywait)
+- [openssl](#tool-openssl)
+- [secure-delete](#tool-secure-delete)
+- [dd](#tool-dd)
+- [gpg](#tool-gpg)
+- [system-other](#tool-system-other)
+- [curl](#tool-curl)
+- [httpie](#tool-httpie)
+- [ssh](#tool-ssh)
+- [linux-dev](#tool-linux-dev)
+- [tcpdump](#tool-tcpdump)
+- [tcpick](#tool-tcpick)
+- [ngrep](#tool-ngrep)
+- [hping3](#tool-hping3)
+- [nmap](#tool-nmap)
+- [netcat](#tool-netcat)
+- [socat](#tool-socat)
+- [p0f](#tool-p0f)
+- [gnutls-cli](#tool-gnutls-cli)
+- [netstat](#tool-netstat)
+- [rsync](#tool-rsync)
+- [host](#tool-host)
+- [dig](#tool-dig)
+- [certbot](#tool-certbot)
+- [network-other](#tool-network-other)
+- [git](#tool-git)
+- [awk](#tool-awk)
+- [sed](#tool-sed)
+- [grep](#tool-grep)
+- [perl](#tool-perl)
##### Tool: [terminal](https://en.wikipedia.org/wiki/Linux_console)
@@ -1783,7 +1783,7 @@ http.?://.+:.+@.*\
export PROMPT_COMMAND="sterile"
```
- > Look also: [A naive utility to censor credentials in command history](https://github.com/lbonanomi/go/blob/master/revisionist.go).
+> Look also: [A naive utility to censor credentials in command history](https://github.com/lbonanomi/go/blob/master/revisionist.go).
###### Quickly backup a file
@@ -1891,9 +1891,9 @@ unset MAIL; export MAILCHECK=1; export MAILPATH='$FILE_TO_WATCH?$MESSAGE'
busybox httpd -p $PORT -h $HOME [-c httpd.conf]
```
-___
+---
-##### Tool: [mount](https://en.wikipedia.org/wiki/Mount_(Unix))
+##### Tool: [mount]()
###### Mount a temporary ram partition
@@ -1901,8 +1901,8 @@ ___
mount -t tmpfs tmpfs /mnt -o size=64M
```
- * `-t` - filesystem type
- * `-o` - mount options
+- `-t` - filesystem type
+- `-o` - mount options
###### Remount a filesystem as read/write
@@ -1910,9 +1910,9 @@ mount -t tmpfs tmpfs /mnt -o size=64M
mount -o remount,rw /
```
-___
+---
-##### Tool: [fuser](https://en.wikipedia.org/wiki/Fuser_(Unix))
+##### Tool: [fuser]()
###### Show which processes use the files/directories
@@ -1927,7 +1927,7 @@ fuser -v /home/supervisor
fuser -ki filename
```
- * `-i` - interactive option
+- `-i` - interactive option
###### Kills a process that is locking a file with specific signal
@@ -1935,7 +1935,7 @@ fuser -ki filename
fuser -k -HUP filename
```
- * `--list-signals` - list available signal names
+- `--list-signals` - list available signal names
###### Show what PID is listening on specific port
@@ -1949,7 +1949,7 @@ fuser -v 53/udp
fuser -mv /var/www
```
-___
+---
##### Tool: [lsof](https://en.wikipedia.org/wiki/Lsof)
@@ -2015,9 +2015,9 @@ sort -n -u | tail | column -t
lsof -p | grep cwd
```
-___
+---
-##### Tool: [ps](https://en.wikipedia.org/wiki/Ps_(Unix))
+##### Tool: [ps]()
###### Show a 4-way scrollable process tree with full details
@@ -2037,9 +2037,9 @@ ps hax -o user | sort | uniq -c | sort -r
ps -lfC nginx
```
-___
+---
-##### Tool: [find](https://en.wikipedia.org/wiki/Find_(Unix))
+##### Tool: [find]()
###### Find files that have been modified on your system in the past 60 minutes
@@ -2148,9 +2148,9 @@ find . -depth -name '*test*' -execdir bash -c 'mv -v "$1" "${1//foo/bar}"' _ {}
find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -la {} \;
```
-___
+---
-##### Tool: [top](https://en.wikipedia.org/wiki/Top_(software))
+##### Tool: [top]()
###### Use top to monitor only all processes with the specific string
@@ -2158,9 +2158,9 @@ ___
top -p $(pgrep -d , )
```
- * `` - process containing string (eg. nginx, worker)
+- `` - process containing string (eg. nginx, worker)
-___
+---
##### Tool: [vmstat](https://en.wikipedia.org/wiki/Vmstat)
@@ -2170,11 +2170,11 @@ ___
vmstat 2 20 -t -w
```
- * `2` - number of times with a defined time interval (delay)
- * `20` - each execution of the command (count)
- * `-t` - show timestamp
- * `-w` - wide output
- * `-S M` - output of the fields in megabytes instead of kilobytes
+- `2` - number of times with a defined time interval (delay)
+- `20` - each execution of the command (count)
+- `-t` - show timestamp
+- `-w` - wide output
+- `-S M` - output of the fields in megabytes instead of kilobytes
###### Show current system utilization will get refreshed every 5 seconds
@@ -2208,10 +2208,10 @@ vmstat -m
iostat 2 10 -t -m
```
- * `2` - number of times with a defined time interval (delay)
- * `10` - each execution of the command (count)
- * `-t` - show timestamp
- * `-m` - fields in megabytes (`-k` - in kilobytes, default)
+- `2` - number of times with a defined time interval (delay)
+- `10` - each execution of the command (count)
+- `-t` - show timestamp
+- `-m` - fields in megabytes (`-k` - in kilobytes, default)
###### Show information only about the CPU utilization
@@ -2231,7 +2231,7 @@ iostat 2 10 -t -m -d
iostat -N
```
-___
+---
##### Tool: [strace](https://en.wikipedia.org/wiki/Strace)
@@ -2277,9 +2277,9 @@ strace -f -e trace=bind nc -l 80
strace -f -e trace=network nc -lu 80
```
-___
+---
-##### Tool: [kill](https://en.wikipedia.org/wiki/Kill_(command))
+##### Tool: [kill]()
###### Kill a process running on port
@@ -2287,7 +2287,7 @@ ___
kill -9 $(lsof -i : | awk '{l=$2} END {print l}')
```
-___
+---
##### Tool: [diff](https://en.wikipedia.org/wiki/Diff)
@@ -2303,7 +2303,7 @@ diff <(cd directory1 && find | sort) <(cd directory2 && find | sort)
diff <(cat /etc/passwd) <(cut -f2 /etc/passwd)
```
-___
+---
##### Tool: [vimdiff](http://vimdoc.sourceforge.net/htmldoc/diff.html)
@@ -2312,6 +2312,7 @@ ___
```bash
vimdiff file1 file2
```
+
###### Compare two JSON files
```bash
@@ -2319,6 +2320,7 @@ vimdiff <(jq -S . A.json) <(jq -S . B.json)
```
###### Compare Hex dump
+
```bash
d(){ vimdiff <(f $1) <(f $2);};f(){ hexdump -C $1|cut -d' ' -f3-|tr -s ' ';}; d ~/bin1 ~/bin2
```
@@ -2329,15 +2331,15 @@ Save [diffchar](https://raw.githubusercontent.com/vim-scripts/diffchar.vim/maste
Click `F7` to switch between diff modes
-Usefull `vimdiff` commands:
+Useful `vimdiff` commands:
-* `qa` to exit all windows
-* `:vertical resize 70` to resize window
-* set window width `Ctrl+W [N columns]+(Shift+)<\>`
+- `qa` to exit all windows
+- `:vertical resize 70` to resize window
+- set window width `Ctrl+W [N columns]+(Shift+)<\>`
-___
+---
-##### Tool: [tail](https://en.wikipedia.org/wiki/Tail_(Unix))
+##### Tool: [tail]()
###### Annotate tail -f with timestamps
@@ -2357,9 +2359,9 @@ tail -10000 access_log | awk '{print $1}' | sort | uniq -c | sort -n | tail
tail -n 100 -f /path/to/logfile | grep "HTTP/[1-2].[0-1]\" [5]"
```
-___
+---
-##### Tool: [tar](https://en.wikipedia.org/wiki/Tar_(computing))
+##### Tool: [tar]()
###### System backup with exclude specific directories
@@ -2378,9 +2380,9 @@ tar cvpf /backup/snapshot-$(date +%d%m%Y%s).tgz --directory=/ \
--exclude=mnt/* --exclude=tmp/* --use-compress-program=pigz .
```
-___
+---
-##### Tool: [dump](https://en.wikipedia.org/wiki/Dump_(program))
+##### Tool: [dump]()
###### System backup to file
@@ -2395,7 +2397,7 @@ cd /
restore -rf /backup/system$(date +%d%m%Y%s).lzo
```
-___
+---
##### Tool: [cpulimit](http://cpulimit.sourceforge.net/)
@@ -2405,7 +2407,7 @@ ___
cpulimit -p pid -l 50
```
-___
+---
##### Tool: [pwdx](https://www.cyberciti.biz/faq/unix-linux-pwdx-command-examples-usage-syntax/)
@@ -2415,7 +2417,7 @@ ___
pwdx
```
-___
+---
##### Tool: [taskset](https://www.cyberciti.biz/faq/taskset-cpu-affinity-command/)
@@ -2425,9 +2427,9 @@ ___
taskset -c 0
```
-___
+---
-##### Tool: [tr](https://en.wikipedia.org/wiki/Tr_(Unix))
+##### Tool: [tr]()
###### Show directories in the PATH, one per line
@@ -2435,7 +2437,7 @@ ___
tr : '\n' <<<$PATH
```
-___
+---
##### Tool: [chmod](https://en.wikipedia.org/wiki/Chmod)
@@ -2460,9 +2462,9 @@ cp /bin/chmod chmod.01
setfacl --set u::rwx,g::---,o::--- /bin/chmod
```
-___
+---
-##### Tool: [who](https://en.wikipedia.org/wiki/Who_(Unix))
+##### Tool: [who]()
###### Find last reboot time
@@ -2476,7 +2478,7 @@ who -b
[[ $(who -m | awk '{ print $1 }') == $(whoami) ]] || echo "You are su-ed to $(whoami)"
```
-___
+---
##### Tool: [last](https://www.howtoforge.com/linux-last-command/)
@@ -2487,7 +2489,7 @@ ___
grep -A1 reboot | head -2 | grep -q shutdown && echo "Expected reboot" || echo "Panic reboot"
```
-___
+---
##### Tool: [screen](https://en.wikipedia.org/wiki/GNU_Screen)
@@ -2503,9 +2505,9 @@ screen -d -m
screen -r -d
```
-___
+---
-##### Tool: [script](https://en.wikipedia.org/wiki/Script_(Unix))
+##### Tool: [script]()
###### Record and replay terminal session
@@ -2521,7 +2523,7 @@ script --timing=session.time session.log
scriptreplay --timing=session.time session.log
```
-___
+---
##### Tool: [du](https://en.wikipedia.org/wiki/GNU_Screen)
@@ -2534,7 +2536,7 @@ awk '{split("K M G",v); s=1; while($1>1024){$1/=1024; s++} print int($1)" "v[s]"
head -n 20
```
-___
+---
##### Tool: [inotifywait](https://en.wikipedia.org/wiki/GNU_Screen)
@@ -2544,7 +2546,7 @@ ___
while true ; do inotifywait -r -e MODIFY dir/ && ls dir/ ; done;
```
-___
+---
##### Tool: [openssl](https://www.openssl.org/)
@@ -2655,7 +2657,7 @@ openssl req -out ${_fd_csr} -new -key ${_fd} )
###### Generate CSR (metadata from existing certificate)
- > Where `private.key` is the existing private key. As you can see you do not generate this CSR from your certificate (public key). Also you do not generate the "same" CSR, just a new one to request a new certificate.
+> Where `private.key` is the existing private key. As you can see you do not generate this CSR from your certificate (public key). Also you do not generate the "same" CSR, just a new one to request a new certificate.
```bash
( _fd="private.key" ; _fd_csr="request.csr" ; _fd_crt="cert.crt" ; \
@@ -2939,7 +2941,7 @@ openssl x509 -noout -modulus -in certificate.crt | openssl md5) | uniq
openssl req -noout -modulus -in request.csr | openssl md5) | uniq
```
-___
+---
##### Tool: [secure-delete](https://wiki.archlinux.org/index.php/Securely_wipe_disk)
@@ -2973,9 +2975,9 @@ sdmem -v
swapoff /dev/sda5 && sswap -vz /dev/sda5
```
-___
+---
-##### Tool: [dd](https://en.wikipedia.org/wiki/Dd_(Unix))
+##### Tool: [dd]()
###### Show dd status every so often
@@ -2990,7 +2992,7 @@ watch --interval 5 killall -USR1 dd
echo "string" | dd of=filename
```
-___
+---
##### Tool: [gpg](https://www.gnupg.org/)
@@ -3000,8 +3002,8 @@ ___
gpg --export --armor "" > username.pkey
```
- * `--export` - export all keys from all keyrings or specific key
- * `-a|--armor` - create ASCII armored output
+- `--export` - export all keys from all keyrings or specific key
+- `-a|--armor` - create ASCII armored output
###### Encrypt file
@@ -3009,8 +3011,8 @@ gpg --export --armor "" > username.pkey
gpg -e -r "" dump.sql
```
- * `-e|--encrypt` - encrypt data
- * `-r|--recipient` - encrypt for specific
+- `-e|--encrypt` - encrypt data
+- `-r|--recipient` - encrypt for specific
###### Decrypt file
@@ -3018,8 +3020,8 @@ gpg -e -r "" dump.sql
gpg -o dump.sql -d dump.sql.gpg
```
- * `-o|--output` - use as output file
- * `-d|--decrypt` - decrypt data (default)
+- `-o|--output` - use as output file
+- `-d|--decrypt` - decrypt data (default)
###### Search recipient
@@ -3027,8 +3029,8 @@ gpg -o dump.sql -d dump.sql.gpg
gpg --keyserver hkp://keyserver.ubuntu.com --search-keys ""
```
- * `--keyserver` - set specific key server
- * `--search-keys` - search for keys on a key server
+- `--keyserver` - set specific key server
+- `--search-keys` - search for keys on a key server
###### List all of the packets in an encrypted file
@@ -3037,7 +3039,7 @@ gpg --batch --list-packets archive.gpg
gpg2 --batch --list-packets archive.gpg
```
-___
+---
##### Tool: [system-other](https://github.com/trimstray/the-book-of-secret-knowledge#tool-system-other)
@@ -3071,30 +3073,30 @@ readlink -f /proc//exe
curl -Iks https://www.google.com
```
- * `-I` - show response headers only
- * `-k` - insecure connection when using ssl
- * `-s` - silent mode (not display body)
+- `-I` - show response headers only
+- `-k` - insecure connection when using ssl
+- `-s` - silent mode (not display body)
```bash
curl -Iks --location -X GET -A "x-agent" https://www.google.com
```
- * `--location` - follow redirects
- * `-X` - set method
- * `-A` - set user-agent
+- `--location` - follow redirects
+- `-X` - set method
+- `-A` - set user-agent
```bash
curl -Iks --location -X GET -A "x-agent" --proxy http://127.0.0.1:16379 https://www.google.com
```
- * `--proxy [socks5://|http://]` - set proxy server
+- `--proxy [socks5://|http://]` - set proxy server
```bash
curl -o file.pdf -C - https://example.com/Aiju2goo0Ja2.pdf
```
- * `-o` - write output to file
- * `-C` - resume the transfer
+- `-o` - write output to file
+- `-C` - resume the transfer
###### Find your external IP address (external services)
@@ -3154,7 +3156,7 @@ done
unset _domain_list _dns_list
```
-___
+---
##### Tool: [httpie](https://httpie.org/)
@@ -3162,25 +3164,25 @@ ___
http -p Hh https://www.google.com
```
- * `-p` - print request and response headers
- * `H` - request headers
- * `B` - request body
- * `h` - response headers
- * `b` - response body
+- `-p` - print request and response headers
+ - `H` - request headers
+ - `B` - request body
+ - `h` - response headers
+ - `b` - response body
```bash
http -p Hh https://www.google.com --follow --verify no
```
- * `-F, --follow` - follow redirects
- * `--verify no` - skip SSL verification
+- `-F, --follow` - follow redirects
+- `--verify no` - skip SSL verification
```bash
http -p Hh https://www.google.com --follow --verify no \
--proxy http:http://127.0.0.1:16379
```
- * `--proxy [http:]` - set proxy server
+- `--proxy [http:]` - set proxy server
##### Tool: [ssh](https://www.openssh.com/)
@@ -3308,9 +3310,9 @@ host1> ssh -nNT -L 9051:db.d.x:5432 node.d.y
host1> psql -U db_user -d db_dev -p 9051 -h localhost
```
- * `-n` - redirects stdin from `/dev/null`
- * `-N` - do not execute a remote command
- * `-T` - disable pseudo-terminal allocation
+- `-n` - redirects stdin from `/dev/null`
+- `-N` - do not execute a remote command
+- `-T` - disable pseudo-terminal allocation
###### SSH remote port forwarding
@@ -3322,7 +3324,7 @@ host1> ssh -nNT -R 9051:db.d.x:5432 node.d.y
host2> psql -U postgres -d postgres -p 8000 -h localhost
```
-___
+---
##### Tool: [linux-dev](https://www.tldp.org/LDP/abs/html/devref1.html)
@@ -3332,9 +3334,9 @@ ___
timeout 1 bash -c "//" >/dev/null 2>&1 ; echo $?
```
- * `` - set remote host
- * `` - set destination port
+- `` - set remote host
+- `` - set destination port
###### Read and write to TCP or UDP sockets with common bash tools
@@ -3342,7 +3344,7 @@ timeout 1 bash -c "//" >/dev/null 2>&1 ; echo $?
exec 5<>/dev/tcp//; cat <&5 & cat >&5; exec 5>&-
```
-___
+---
##### Tool: [tcpdump](http://www.tcpdump.org/)
@@ -3352,13 +3354,13 @@ ___
tcpdump -ne -i eth0 -Q in host 192.168.252.1 and port 443
```
- * `-n` - don't convert addresses (`-nn` will not resolve hostnames or ports)
- * `-e` - print the link-level headers
- * `-i [iface|any]` - set interface
- * `-Q|-D [in|out|inout]` - choose send/receive direction (`-D` - for old tcpdump versions)
- * `host [ip|hostname]` - set host, also `[host not]`
- * `[and|or]` - set logic
- * `port [1-65535]` - set port number, also `[port not]`
+- `-n` - don't convert addresses (`-nn` will not resolve hostnames or ports)
+- `-e` - print the link-level headers
+- `-i [iface|any]` - set interface
+- `-Q|-D [in|out|inout]` - choose send/receive direction (`-D` - for old tcpdump versions)
+- `host [ip|hostname]` - set host, also `[host not]`
+- `[and|or]` - set logic
+- `port [1-65535]` - set port number, also `[port not]`
###### Filter incoming (on interface) traffic (specific ) and write to a file
@@ -3366,8 +3368,8 @@ tcpdump -ne -i eth0 -Q in host 192.168.252.1 and port 443
tcpdump -ne -i eth0 -Q in host 192.168.252.1 and port 443 -c 5 -w tcpdump.pcap
```
- * `-c [num]` - capture only num number of packets
- * `-w [filename]` - write packets to file, `-r [filename]` - reading from file
+- `-c [num]` - capture only num number of packets
+- `-w [filename]` - write packets to file, `-r [filename]` - reading from file
###### Capture all ICMP packets
@@ -3426,8 +3428,8 @@ tcpdump -ei eth0 -s 0 -v -n -l | egrep -i "POST /|GET /|Host:"
tcpdump -ei eth0 -w /tmp/capture-%H.pcap -G 3600 -C 200
```
- * `-G ` - pcap will be created every `` seconds
- * `-C ` - close the current pcap and open a new one if is larger than ``
+- `-G ` - pcap will be created every `` seconds
+- `-C ` - close the current pcap and open a new one if is larger than ``
###### Top hosts by packets
@@ -3441,7 +3443,7 @@ tcpdump -ei enp0s25 -nnn -t -c 200 | cut -f 1,2,3,4 -d '.' | sort | uniq -c | so
tcpdump -nei eth0 'not (src net (10 or 172.16/12 or 192.168/16) and dst net (10 or 172.16/12 or 192.168/16))'
```
-___
+---
##### Tool: [tcpick](http://tcpick.sourceforge.net/)
@@ -3451,7 +3453,7 @@ ___
while true ; do tcpick -a -C -r dump.pcap ; sleep 2 ; clear ; done
```
-___
+---
##### Tool: [ngrep](http://ngrep.sourceforge.net/usage.html)
@@ -3459,41 +3461,41 @@ ___
ngrep -d eth0 "www.domain.com" port 443
```
- * `-d [iface|any]` - set interface
- * `[domain]` - set hostname
- * `port [1-65535]` - set port number
+- `-d [iface|any]` - set interface
+- `[domain]` - set hostname
+- `port [1-65535]` - set port number
```bash
ngrep -d eth0 "www.domain.com" src host 10.240.20.2 and port 443
```
- * `(host [ip|hostname])` - filter by ip or hostname
- * `(port [1-65535])` - filter by port number
+- `(host [ip|hostname])` - filter by ip or hostname
+- `(port [1-65535])` - filter by port number
```bash
ngrep -d eth0 -qt -O ngrep.pcap "www.domain.com" port 443
```
- * `-q` - quiet mode (only payloads)
- * `-t` - added timestamps
- * `-O [filename]` - save output to file, `-I [filename]` - reading from file
+- `-q` - quiet mode (only payloads)
+- `-t` - added timestamps
+- `-O [filename]` - save output to file, `-I [filename]` - reading from file
```bash
ngrep -d eth0 -qt 'HTTP' 'tcp'
```
- * `HTTP` - show http headers
- * `tcp|udp` - set protocol
- * `[src|dst] host [ip|hostname]` - set direction for specific node
+- `HTTP` - show http headers
+- `tcp|udp` - set protocol
+- `[src|dst] host [ip|hostname]` - set direction for specific node
```bash
ngrep -l -q -d eth0 -i "User-Agent: curl*"
```
- * `-l` - stdout line buffered
- * `-i` - case-insensitive search
+- `-l` - stdout line buffered
+- `-i` - case-insensitive search
-___
+---
##### Tool: [hping3](http://www.hping.org/)
@@ -3501,36 +3503,36 @@ ___
hping3 -V -p 80 -s 5050 www.google.com
```
- * `-V|--verbose` - verbose mode
- * `-p|--destport` - set destination port
- * `-s|--baseport` - set source port
- * `` - set scan type
- * `-F|--fin` - set FIN flag, port open if no reply
- * `-S|--syn` - set SYN flag
- * `-P|--push` - set PUSH flag
- * `-A|--ack` - set ACK flag (use when ping is blocked, RST response back if the port is open)
- * `-U|--urg` - set URG flag
- * `-Y|--ymas` - set Y unused flag (0x80 - nullscan), port open if no reply
- * `-M 0 -UPF` - set TCP sequence number and scan type (URG+PUSH+FIN), port open if no reply
+- `-V|--verbose` - verbose mode
+- `-p|--destport` - set destination port
+- `-s|--baseport` - set source port
+- `` - set scan type
+ - `-F|--fin` - set FIN flag, port open if no reply
+ - `-S|--syn` - set SYN flag
+ - `-P|--push` - set PUSH flag
+ - `-A|--ack` - set ACK flag (use when ping is blocked, RST response back if the port is open)
+ - `-U|--urg` - set URG flag
+ - `-Y|--ymas` - set Y unused flag (0x80 - nullscan), port open if no reply
+ - `-M 0 -UPF` - set TCP sequence number and scan type (URG+PUSH+FIN), port open if no reply
```bash
hping3 -V -c 1 -1 -C 8 www.google.com
```
- * `-c [num]` - packet count
- * `-1` - set ICMP mode
- * `-C|--icmptype [icmp-num]` - set icmp type (default icmp-echo = 8)
+- `-c [num]` - packet count
+- `-1` - set ICMP mode
+- `-C|--icmptype [icmp-num]` - set icmp type (default icmp-echo = 8)
```bash
hping3 -V -c 1000000 -d 120 -S -w 64 -p 80 --flood --rand-source
```
- * `--flood` - sent packets as fast as possible (don't show replies)
- * `--rand-source` - random source address mode
- * `-d --data` - data size
- * `-w|--win` - winsize (default 64)
+- `--flood` - sent packets as fast as possible (don't show replies)
+- `--rand-source` - random source address mode
+- `-d --data` - data size
+- `-w|--win` - winsize (default 64)
-___
+---
##### Tool: [nmap](https://nmap.org/)
@@ -3610,7 +3612,7 @@ _nmap_nse_scripts_args+="http-waf-fingerprint.intensive=1"
nmap --script="$_nmap_nse_scripts" --script-args="$_nmap_nse_scripts_args" -p "$_ports" "$_hosts"
```
-___
+---
##### Tool: [netcat](http://netcat.sourceforge.net/)
@@ -3618,28 +3620,28 @@ ___
nc -kl 5000
```
- * `-l` - listen for an incoming connection
- * `-k` - listening after client has disconnected
- * `>filename.out` - save receive data to file (optional)
+- `-l` - listen for an incoming connection
+- `-k` - listening after client has disconnected
+- `>filename.out` - save receive data to file (optional)
```bash
nc 192.168.0.1 5051 < filename.in
```
- * `< filename.in` - send data to remote host
+- `< filename.in` - send data to remote host
```bash
nc -vz 10.240.30.3 5000
```
- * `-v` - verbose output
- * `-z` - scan for listening daemons
+- `-v` - verbose output
+- `-z` - scan for listening daemons
```bash
nc -vzu 10.240.30.3 1-65535
```
- * `-u` - scan only udp ports
+- `-u` - scan only udp ports
###### Transfer data file (archive)
@@ -3675,7 +3677,7 @@ while true ; do nc -l -p 1500 -c 'echo -e "HTTP/1.1 200 OK\n\n $(date)"' ; done
###### Simple HTTP Server
- > Restarts web server after each request - remove `while` condition for only single connection.
+> Restarts web server after each request - remove `while` condition for only single connection.
```bash
cat > index.html << __EOF__
@@ -3707,7 +3709,7 @@ nc -l -p 5000 \
; done
```
- * `-p` - port number
+- `-p` - port number
###### Simple HTTP Proxy (single connection)
@@ -3776,7 +3778,7 @@ nc -l -u -p 2000 -c "nc -u [ip|hostname] 3000"
nc -l -u -p 2000 -c "nc [ip|hostname] 3000"
```
-___
+---
##### Tool: [gnutls-cli](https://gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html)
@@ -3792,7 +3794,7 @@ gnutls-cli -p 443 google.com
gnutls-cli --disable-sni -p 443 google.com
```
-___
+---
##### Tool: [socat](http://www.dest-unreach.org/socat/doc/socat.html)
@@ -3802,10 +3804,10 @@ ___
socat - TCP4:10.240.30.3:22
```
- * `-` - standard input (STDIO)
- * `TCP4:` - set tcp4 connection with specific params
- * `[hostname|ip]` - set hostname/ip
- * `[1-65535]` - set port number
+- `-` - standard input (STDIO)
+- `TCP4:` - set tcp4 connection with specific params
+ - `[hostname|ip]` - set hostname/ip
+ - `[1-65535]` - set port number
###### Redirecting TCP-traffic to a UNIX domain socket under Linux
@@ -3813,17 +3815,17 @@ socat - TCP4:10.240.30.3:22
socat TCP-LISTEN:1234,bind=127.0.0.1,reuseaddr,fork,su=nobody,range=127.0.0.0/8 UNIX-CLIENT:/tmp/foo
```
- * `TCP-LISTEN:` - set tcp listen with specific params
- * `[1-65535]` - set port number
- * `bind=[hostname|ip]` - set bind hostname/ip
- * `reuseaddr` - allows other sockets to bind to an address
- * `fork` - keeps the parent process attempting to produce more connections
- * `su=nobody` - set user
- * `range=[ip-range]` - ip range
- * `UNIX-CLIENT:` - communicates with the specified peer socket
- * `filename` - define socket
+- `TCP-LISTEN:` - set tcp listen with specific params
+ - `[1-65535]` - set port number
+ - `bind=[hostname|ip]` - set bind hostname/ip
+ - `reuseaddr` - allows other sockets to bind to an address
+ - `fork` - keeps the parent process attempting to produce more connections
+ - `su=nobody` - set user
+ - `range=[ip-range]` - ip range
+- `UNIX-CLIENT:` - communicates with the specified peer socket
+ - `filename` - define socket
-___
+---
##### Tool: [p0f](http://lcamtuf.coredump.cx/p0f3/)
@@ -3833,12 +3835,12 @@ ___
p0f -i enp0s25 -p -d -o /dump/enp0s25.log
```
- * `-i` - listen on the specified interface
- * `-p` - set interface in promiscuous mode
- * `-d` - fork into background
- * `-o` - output file
+- `-i` - listen on the specified interface
+- `-p` - set interface in promiscuous mode
+- `-d` - fork into background
+- `-o` - output file
-___
+---
##### Tool: [netstat](https://en.wikipedia.org/wiki/Netstat)
@@ -3861,7 +3863,7 @@ watch "netstat -plan | grep :443 | awk {'print \$5'} | cut -d: -f 1 | sort | uni
netstat -nlt | grep 'tcp ' | grep -Eo "[1-9][0-9]*" | xargs -I {} sh -c "echo "" | nc -v -n -w1 127.0.0.1 {}"
```
-___
+---
##### Tool: [rsync](https://en.wikipedia.org/wiki/Rsync)
@@ -3871,9 +3873,9 @@ ___
rsync --rsync-path 'sudo rsync' username@hostname:/path/to/dir/ /local/
```
-___
+---
-##### Tool: [host](https://en.wikipedia.org/wiki/Host_(Unix))
+##### Tool: [host]()
###### Resolves the domain name (using external dns server)
@@ -3887,9 +3889,9 @@ host google.com 9.9.9.9
host -t soa google.com 9.9.9.9
```
-___
+---
-##### Tool: [dig](https://en.wikipedia.org/wiki/Dig_(command))
+##### Tool: [dig]()
###### Resolves the domain name (short output)
@@ -3921,7 +3923,7 @@ dig google.com ANY +noall +answer
dig -x 172.217.16.14 +short
```
-___
+---
##### Tool: [certbot](https://certbot.eff.org/)
@@ -3943,7 +3945,7 @@ certbot certonly --manual --preferred-challenges=dns -d example.com -d *.example
certbot certonly -d example.com -d www.example.com --rsa-key-size 4096
```
-___
+---
##### Tool: [network-other](https://github.com/trimstray/the-book-of-secret-knowledge#tool-network-other)
@@ -3982,7 +3984,7 @@ git log --graph \
--abbrev-commit
```
-___
+---
##### Tool: [python](https://www.python.org/)
@@ -4078,7 +4080,7 @@ awk 'length($0)>80{print FNR,$0}' filename
awk 'length < 80' filename
```
-###### Print double new lines a file
+###### Print double newlines in a file
```bash
awk '1; { print "" }' filename
@@ -4174,7 +4176,7 @@ awk '/'$(date -d "1 hours ago" "+%d\\/%b\\/%Y:%H:%M")'/,/'$(date "+%d\\/%b\\/%Y:
/var/log/httpd/access_log
```
-___
+---
##### Tool: [sed](http://www.grymoire.com/Unix/Sed.html)
@@ -4227,7 +4229,7 @@ while read line ; do printf "%s" "$line " ; done < file
sed '/start/,+4d' /path/to/file
```
-___
+---
##### Tool: [grep](http://www.grymoire.com/Unix/Grep.html)