mirror of
https://github.com/trimstray/the-book-of-secret-knowledge.git
synced 2024-12-24 04:15:29 +00:00
added new one-liners, minor fixes
- signed-off-by: trimstray <trimstray@gmail.com>
This commit is contained in:
parent
b0ecf4f049
commit
4a9beba7c1
134
README.md
134
README.md
@ -18,7 +18,7 @@
|
|||||||
<img src="https://awesome.re/badge.svg"
|
<img src="https://awesome.re/badge.svg"
|
||||||
alt="Awesome">
|
alt="Awesome">
|
||||||
<a href="https://github.com/trimstray/awesome-ninja-admins">
|
<a href="https://github.com/trimstray/awesome-ninja-admins">
|
||||||
<img src="https://img.shields.io/badge/Status-Ninja-red.svg?longCache=true"
|
<img src="https://img.shields.io/badge/Status-09072018-red.svg?longCache=true"
|
||||||
alt="Status">
|
alt="Status">
|
||||||
</a>
|
</a>
|
||||||
<a href="http://www.gnu.org/licenses/">
|
<a href="http://www.gnu.org/licenses/">
|
||||||
@ -275,6 +275,7 @@ performance of any of your sites from across the globe.<br>
|
|||||||
* [screen](#tool-screen)
|
* [screen](#tool-screen)
|
||||||
* [du](#tool-du)
|
* [du](#tool-du)
|
||||||
* [inotifywait](#tool-inotifywait)
|
* [inotifywait](#tool-inotifywait)
|
||||||
|
* [openssl](#tool-openssl)
|
||||||
- **[HTTP/HTTPS](#http-https)**
|
- **[HTTP/HTTPS](#http-https)**
|
||||||
* [curl](#tool-curl)
|
* [curl](#tool-curl)
|
||||||
* [httpie](#tool-httpie)
|
* [httpie](#tool-httpie)
|
||||||
@ -559,6 +560,124 @@ du | sort -r -n | awk '{split("K M G",v); s=1; while($1>1024){$1/=1024; s++} pri
|
|||||||
while true ; do inotifywait -r -e MODIFY dir/ && ls dir/ ; done;
|
while true ; do inotifywait -r -e MODIFY dir/ && ls dir/ ; done;
|
||||||
```
|
```
|
||||||
|
|
||||||
|
##### Tool: [openssl](https://www.openssl.org/)
|
||||||
|
|
||||||
|
###### Testing connection to remote host
|
||||||
|
|
||||||
|
```bash
|
||||||
|
echo | openssl s_client -connect google.com:443 -showcerts
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Testing connection to remote host with specific ssl version
|
||||||
|
|
||||||
|
```bash
|
||||||
|
openssl s_client -tls1_2 -connect google.com:443
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Testing connection to remote host with specific ssl cipher
|
||||||
|
|
||||||
|
```bash
|
||||||
|
openssl s_client -cipher 'AES128-SHA' -connect google.com:443
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Generate private key
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# _ciph: des3, aes
|
||||||
|
( _ciph="des3" ; _fd="private.key" ; _len="2048" ; \
|
||||||
|
openssl genrsa -${_ciph} -out ${_fd} ${_len} )
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Remove password from private key
|
||||||
|
|
||||||
|
```bash
|
||||||
|
( _fd="private.key" ; _fd_unp="private_unp.key" ; \
|
||||||
|
openssl rsa -in ${_fd} -out ${_fd_unp} )
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Get public key from private key
|
||||||
|
|
||||||
|
```bash
|
||||||
|
( _fd="private.key" ; _fd_pub="public.key" ; \
|
||||||
|
openssl rsa -pubout -in ${_fd} -out ${_fd_pub} )
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Generate private key + csr
|
||||||
|
|
||||||
|
```bash
|
||||||
|
( _fd="private.key" ; _fd_csr="request.csr" ; _len="2048" ; \
|
||||||
|
openssl req -out ${_fd_csr} -new -newkey rsa:${_len} -nodes -keyout ${_fd} )
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Generate csr
|
||||||
|
|
||||||
|
```bash
|
||||||
|
( _fd="private.key" ; _fd_csr="request.csr" ; \
|
||||||
|
openssl req -out ${_fd_csr} -new -key ${_fd} )
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Generate csr (metadata from exist certificate)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
( _fd="private.key" ; _fd_csr="request.csr" ; _fd_crt="cert.crt" ; \
|
||||||
|
openssl x509 -x509toreq -in ${_fd_crt} -out ${_fd_csr} -signkey ${_fd} )
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Generate csr with -config param
|
||||||
|
|
||||||
|
```bash
|
||||||
|
( _fd="private.key" ; _fd_csr="request.csr" ; \
|
||||||
|
openssl req -new -sha256 -key ${_fd} -out ${_fd_csr} \
|
||||||
|
-config <(
|
||||||
|
cat <<-EOF
|
||||||
|
[req]
|
||||||
|
default_bits = 2048
|
||||||
|
prompt = no
|
||||||
|
default_md = sha256
|
||||||
|
req_extensions = req_ext
|
||||||
|
distinguished_name = dn
|
||||||
|
|
||||||
|
[ dn ]
|
||||||
|
C=<two-letter ISO abbreviation for your country>
|
||||||
|
ST=<state or province where your organization is legally located>
|
||||||
|
L=<city where your organization is legally located>
|
||||||
|
O=<legal name of your organization>
|
||||||
|
OU=<section of the organization>
|
||||||
|
CN=<fully qualified domain name>
|
||||||
|
|
||||||
|
[ req_ext ]
|
||||||
|
subjectAltName = @alt_names
|
||||||
|
|
||||||
|
[ alt_names ]
|
||||||
|
DNS.1 = <fully qualified domain name>
|
||||||
|
DNS.2 = <next domain>
|
||||||
|
DNS.3 = <next domain>
|
||||||
|
EOF
|
||||||
|
))
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Checking whether the private key and the certificate match
|
||||||
|
|
||||||
|
```bash
|
||||||
|
(openssl rsa -noout -modulus -in private.key | openssl md5 ; openssl x509 -noout -modulus -in certificate.crt | openssl md5) | uniq
|
||||||
|
```
|
||||||
|
|
||||||
|
___
|
||||||
|
|
||||||
|
##### Tool: [gnutls-cli](https://gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html)
|
||||||
|
|
||||||
|
###### Testing connection to remote host (with sni)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
gnutls-cli -p 443 google.com
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Testing connection to remote host (without sni)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
gnutls-cli --disable-sni -p 443 google.com
|
||||||
|
```
|
||||||
|
|
||||||
<a name="http-https"><b>HTTP/HTTPS</b></a>
|
<a name="http-https"><b>HTTP/HTTPS</b></a>
|
||||||
|
|
||||||
##### Tool: [curl](https://curl.haxx.se)
|
##### Tool: [curl](https://curl.haxx.se)
|
||||||
@ -639,6 +758,12 @@ __EOF__
|
|||||||
ssh host -l user $(<cmd.txt)
|
ssh host -l user $(<cmd.txt)
|
||||||
```
|
```
|
||||||
|
|
||||||
|
###### Get public key from private key
|
||||||
|
|
||||||
|
```bash
|
||||||
|
ssh-keygen -y -f ~/.ssh/id_rsa
|
||||||
|
```
|
||||||
|
|
||||||
___
|
___
|
||||||
|
|
||||||
##### Tool: [linux-dev](https://www.tldp.org/LDP/abs/html/devref1.html)
|
##### Tool: [linux-dev](https://www.tldp.org/LDP/abs/html/devref1.html)
|
||||||
@ -717,6 +842,13 @@ ngrep -d eth0 -qt 'HTTP' 'tcp'
|
|||||||
* `tcp|udp` - set protocol
|
* `tcp|udp` - set protocol
|
||||||
* `[src|dst] host [ip|hostname]` - set direction for specific node
|
* `[src|dst] host [ip|hostname]` - set direction for specific node
|
||||||
|
|
||||||
|
```bash
|
||||||
|
ngrep -l -q -d eth0 -i "User-Agent: curl*"
|
||||||
|
```
|
||||||
|
|
||||||
|
* `-l` - stdout line buffered
|
||||||
|
* `-i` - case-insensitive search
|
||||||
|
|
||||||
___
|
___
|
||||||
|
|
||||||
##### Tool: [hping3](http://www.hping.org/)
|
##### Tool: [hping3](http://www.hping.org/)
|
||||||
|
Loading…
Reference in New Issue
Block a user