From c6424a10bac9c50ba9edd2fe28eaaf040d957f43 Mon Sep 17 00:00:00 2001 From: lbonanomi <5369016+lbonanomi@users.noreply.github.com> Date: Mon, 24 Dec 2018 10:06:35 -0500 Subject: [PATCH 1/9] ssh -tt $HOST bash Skip login scripts when SSHing, good for misconfigured .profiles or 100%-full disks. --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 4fd671f..79aa7e8 100644 --- a/README.md +++ b/README.md @@ -1627,6 +1627,12 @@ function _scg() { } ``` +###### SSH without processing any login scripts + +```bash +ssh -tt user@host bash +``` + ___ ##### Tool: [linux-dev](https://www.tldp.org/LDP/abs/html/devref1.html) From fb4b42c2e2f6ad6445a1681583efeb903f4b4b70 Mon Sep 17 00:00:00 2001 From: lbonanomi Date: Mon, 24 Dec 2018 10:26:13 -0500 Subject: [PATCH 2/9] SSH without profile processing --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 79aa7e8..4704183 100644 --- a/README.md +++ b/README.md @@ -1627,7 +1627,7 @@ function _scg() { } ``` -###### SSH without processing any login scripts +###### SSH login without processing any login scripts ```bash ssh -tt user@host bash From d667b0cb7f9795d8e79eb30f73006717246b69fd Mon Sep 17 00:00:00 2001 From: lbonanomi Date: Mon, 24 Dec 2018 10:33:34 -0500 Subject: [PATCH 3/9] SSH to host without processing user environment scripts. Signed-off-by: lbonanomi --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4704183..ac37549 100644 --- a/README.md +++ b/README.md @@ -1627,7 +1627,7 @@ function _scg() { } ``` -###### SSH login without processing any login scripts +###### SSH login without processing any login scripts ```bash ssh -tt user@host bash From 667368144b22371781a9dbbfa113acba868da83e Mon Sep 17 00:00:00 2001 
From: "@trimstray" Date: Mon, 24 Dec 2018 21:53:43 +0100 Subject: [PATCH 4/9] removed last space from header --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ac37549..4704183 100644 --- a/README.md +++ b/README.md @@ -1627,7 +1627,7 @@ function _scg() { } ``` -###### SSH login without processing any login scripts +###### SSH login without processing any login scripts ```bash ssh -tt user@host bash From af8eede5347fdc117d2608c750e38d8fa1329767 Mon Sep 17 00:00:00 2001 From: Tommy Nguyen Date: Tue, 25 Dec 2018 01:47:50 -0500 Subject: [PATCH 5/9] Add link to Linux Guide and Hints - signed-off-by: Tommy Nguyen --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 4704183..093d874 100644 --- a/README.md +++ b/README.md @@ -374,6 +374,12 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: Shell & Utilities - describes the commands and utilities offered to application programs by POSIX-conformant systems.

+##### :black_small_square: Linux + +

+  :small_orange_diamond: Linux Guide and Hints - tutorials on system administration in Fedora® and CentOS®, including OpenLDAP and FreeIPA.
+

+ ##### :black_small_square: Programming

From 23a2bc228b6559465fe999d729798a1e85d07546 Mon Sep 17 00:00:00 2001 From: trimstray Date: Tue, 25 Dec 2018 12:14:19 +0100 Subject: [PATCH 6/9] #34 - security of 3des for openssl - signed-off-by: trimstray --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4704183..7be3f34 100644 --- a/README.md +++ b/README.md @@ -1289,8 +1289,9 @@ openssl s_client -cipher 'AES128-SHA' -connect google.com:443 ###### Generate private key ```bash -# _ciph: des3, aes -( _ciph="des3" ; _fd="private.key" ; _len="2048" ; \ +# _ciph: des3, aes128, aes256 +# _len: 2048, 4096 +( _ciph="aes128" ; _fd="private.key" ; _len="4096" ; \ openssl genrsa -${_ciph} -out ${_fd} ${_len} ) ``` @@ -1311,7 +1312,7 @@ openssl rsa -pubout -in ${_fd} -out ${_fd_pub} ) ###### Generate private key + csr ```bash -( _fd="private.key" ; _fd_csr="request.csr" ; _len="2048" ; \ +( _fd="private.key" ; _fd_csr="request.csr" ; _len="4096" ; \ openssl req -out ${_fd_csr} -new -newkey rsa:${_len} -nodes -keyout ${_fd} ) ``` From 6562e06ee21646d44f2551c3a6108bcbd745f731 Mon Sep 17 00:00:00 2001 From: Divyesh Puri Date: Wed, 26 Dec 2018 01:07:51 +0530 Subject: [PATCH 7/9] Added PageSpeed Insights in performance section --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7be3f34..d80894b 100644 --- a/README.md +++ b/README.md @@ -323,6 +323,7 @@ Before add pull request please see **[this](https://github.com/trimstray/the-boo   :small_orange_diamond: Sucuri loadtimetester - test here the performance of any of your sites from across the globe.
  :small_orange_diamond: Pingdom Tools - analyze your site’s speed around the world.
+  :small_orange_diamond: PageSpeed Insights - analyze your site’s speed and make it faster.

##### :black_small_square: Mass scanners (search engines) From f284e674b75dc8a11f270bb403056643fd8ec0ba Mon Sep 17 00:00:00 2001 From: "@trimstray" Date: Tue, 25 Dec 2018 21:49:33 +0100 Subject: [PATCH 8/9] updated 'nix & Network' chapter --- README.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 093d874..843efb5 100644 --- a/README.md +++ b/README.md @@ -374,25 +374,20 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: Shell & Utilities - describes the commands and utilities offered to application programs by POSIX-conformant systems.

-##### :black_small_square: Linux - -

-  :small_orange_diamond: Linux Guide and Hints - tutorials on system administration in Fedora® and CentOS®, including OpenLDAP and FreeIPA.
-

- ##### :black_small_square: Programming

  :small_orange_diamond: F’Awk Yeah! - advanced sed and awk usage (Parsing for Pentesters 3).

-##### :black_small_square: Unix & Network +##### :black_small_square: \*nix & Network

  :small_orange_diamond: nixCraft - linux and unix tutorials for new and seasoned sysadmin.
  :small_orange_diamond: TecMint - the ideal Linux blog for Sysadmins & Geeks.
  :small_orange_diamond: Omnisecu - Free Networking, System Administration and Security Tutorials.
  :small_orange_diamond: Unix Toolbox - collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users.
+  :small_orange_diamond: Linux Guide and Hints - tutorials on system administration in Fedora® and CentOS®, including OpenLDAP and FreeIPA.
  :small_orange_diamond: http2-explained - a detailed document explaining and documenting HTTP/2.
  :small_orange_diamond: http3-explained - a document describing the HTTP/3 and QUIC protocols.

From 86d62e9b37740c19c7c7ea90cb9d7eec14869c76 Mon Sep 17 00:00:00 2001 From: trimstray Date: Wed, 26 Dec 2018 21:50:34 +0100 Subject: [PATCH 9/9] minor fixes and updates; updated gen private key - signed-off-by: trimstray --- README.md | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 5ae6f82..807b60f 100644 --- a/README.md +++ b/README.md @@ -375,7 +375,7 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: Shell & Utilities - describes the commands and utilities offered to application programs by POSIX-conformant systems.

-##### :black_small_square: Programming +##### :black_small_square: Sed & Awk & Other

  :small_orange_diamond: F’Awk Yeah! - advanced sed and awk usage (Parsing for Pentesters 3).
@@ -533,9 +533,9 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Movies for Hackers - list of movies every hacker & cyberpunk must watch.
  :small_orange_diamond: Awesome Pcaptools - collection of tools developed by other researchers to process network traces.
  :small_orange_diamond: Linux Network Performance - learn where some of the network sysctl variables fit into the Linux/Kernel network flow.
-  :small_orange_diamond: Command-line-text-processing - from finding text to search and replace, from sorting to beautifying text and more.
  :small_orange_diamond: Awesome Scalability - best practices in building High Scalability, High Availability, High Stability and more.
  :small_orange_diamond: Awesome Postgres - list of awesome PostgreSQL software, libraries, tools and resources.
+  :small_orange_diamond: Command-line-text-processing - from finding text to search and replace, from sorting to beautifying text and more.
  :small_orange_diamond: Free Security eBooks - list of a Free Security and Hacking eBooks.

@@ -565,13 +565,13 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: WebApps Security Tests MindMap - incredible mind map for WebApps security tests.
  :small_orange_diamond: Brute XSS - master the art of Cross Site Scripting.
  :small_orange_diamond: Offensive Security Bookmarks - security bookmarks collection, all that things I need to pass OSCP.
-  :small_orange_diamond: Awesome Pentest Cheat Sheets - collection of the cheat sheets useful for pentesting.
  :small_orange_diamond: SecLists - collection of multiple types of lists used during security assessments, collected in one place.
-  :small_orange_diamond: Awesome Hacking - awesome lists for hackers, pentesters and security researchers.
+  :small_orange_diamond: Awesome Pentest Cheat Sheets - collection of the cheat sheets useful for pentesting.
+  :small_orange_diamond: Awesome Hacking by HackWithGithub - awesome lists for hackers, pentesters and security researchers.
+  :small_orange_diamond: Awesome Hacking by carpedm20 - a curated list of awesome hacking tutorials, tools and resources.
  :small_orange_diamond: Awesome Hacking Resources - collection of hacking/penetration testing resources to make you better.
-  :small_orange_diamond: Awesome Hacking - a curated list of awesome Hacking tutorials, tools and resources.
-  :small_orange_diamond: Hacking Cheat Sheet - author hacking and pentesting notes.
  :small_orange_diamond: Awesome Pentest - collection of awesome penetration testing resources, tools and other shiny things.
+  :small_orange_diamond: Hacking Cheat Sheet - author hacking and pentesting notes.
  :small_orange_diamond: Pentest Bookmarks - there are a LOT of pentesting blogs.
  :small_orange_diamond: PayloadsAllTheThings - a list of useful payloads and bypass for Web Application Security and Pentest/CTF.
  :small_orange_diamond: Pentesting Tools Cheat Sheet - a quick reference high level overview for typical penetration testing engagements.
@@ -1290,6 +1290,14 @@ openssl s_client -cipher 'AES128-SHA' -connect google.com:443 ###### Generate private key +```bash +# _len: 2048, 4096 +( _fd="private.key" ; _len="4096" ; \ +openssl genrsa -out ${_fd} ${_len} ) +``` + +###### Generate private key with password + ```bash # _ciph: des3, aes128, aes256 # _len: 2048, 4096
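
Review bot: In PATCH 1/9, the heading "SSH without processing any login scripts" promises more than `ssh -tt user@host bash` delivers. The remote bash is a non-login shell, so the profile files are skipped, but with the tty forced by `-tt` it is interactive and still reads `~/.bashrc`. If the aim is to get past a broken user environment, suggest `ssh -tt user@host bash --noprofile --norc`, or narrow the heading to say that only login (profile) scripts are skipped.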
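
Review bot: PATCH 3/9 and PATCH 4/9 cancel each other out. 3/9 takes README.md from blob 4704183 to ac37549 by touching only the heading line, and 4/9 ("removed last space from header") takes it back from ac37549 to 4704183. Drop both, or squash them into 2/9, so the series carries no whitespace-only churn. The subject of 3/9 also describes the feature rather than the one-line heading change it contains.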
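
Review bot: In PATCH 6/9, first hunk, the option comment still offers `des3` (`# _ciph: des3, aes128, aes256`) although the commit is about the security of 3DES (#34). Remove `des3` from the list, or mark it as legacy, so the snippet stops advertising the cipher the change moves away from. The expansions `-${_ciph}`, `${_fd}` and `${_len}` are also unquoted; quoting them keeps the one-liner correct when `_fd` is set to a path containing spaces.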
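
Review bot: In PATCH 6/9, second hunk, the CSR one-liner gets the larger `_len="4096"` but still passes `-nodes`, so the new key is written to `private.key` without a passphrase while the heading says only "Generate private key + csr". State in the heading or in a comment that the key is unencrypted, since the snippet changed in the first hunk encrypts its key and a reader may assume the same here.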
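
Review bot: In PATCH 9/9, last hunk, the new first snippet `openssl genrsa -out ${_fd} ${_len}` writes an unencrypted key yet keeps the plain heading "Generate private key"; only the encrypted variant is labelled ("with password"). Label the new one explicitly, for example "Generate private key without password", so readers choose the unencrypted form deliberately. The `_ciph` comment kept as context below it still lists `des3`.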