Sites with valid SSL certs ssl:"orgname" 200 Negative search This is used to specify things you don’t want to be appended to your search -"content" An example could be: ssl:"orgname" 200 -"nosniff" Look for patterns in html html:"Dashboard Jenkins" Search for a specific technology This example will find all sites that use Bootstrap http.component:bootstrap Jenkins: http.component:"jenkins" Resources: https://twitter.com/shodanhq/status/985964783089233920?lang=en https://medium.com/bugbountywriteup/using-shodan-better-way-b40f330e45f6 Assets belonging to an organization org:"Name of Organization" That also return a 200 response code org:"Name of Organization" 200 Find CVE-2020-3452 org:"Name of Organization" 200 "Set-Cookie: webvpn;" Resource: https://twitter....

JQL Show tickets created by a user This will also show them in descending order, which will give you the most recently created issues first. reporter = <username> order by created DESC Query by project project = "Project Name" Find issues belonging to an inactive user reporter in (inactiveUsers()) Search via text text ~ "thing to search for" Searching for multiple criteria project = "Project Name" AND text ~ "something" Resource: https://community....

Log Responses Install the dump_io mod by running this as root: a2enmod dump_io Add these lines to the bottom of the /etc/apache2/apache2.conf file: LogLevel dumpio:trace7 DumpIOInput On DumpIOOutput On Restart the apache service to enact the changes: service apache2 restart View response data with this command: cat error.log | cut -f8- -d':' | egrep -v ' [0-9]+ bytes$' | grep -v '^$' | cut -c2- | sed 's/\\r\\n//' Run as an infinite loop:...

Search in conversation with a specific user in:@username <string to search for> Search in channel in:@channelname <string to search for> Resource: https://webapps.stackexchange.com/questions/103425/how-to-search-in-a-single-channel Keyboard Shortcuts Open search field COMMAND + g Create private channel w/ webhook Create a new private channel in slack Navigate to https://api.slack.com/apps and create a new app Navigate to https://api.slack.com/apps/YOURAPPID/incoming-webhooks Click Add New Webhook to Workspace Find the channel you created previously in the dropdown Click Allow Copy the Webhook URL and use it as needed

Secrets View secrets from master: salt '*' pillar.items Create key called mysecretkey on master: echo -n "supersecret" | gpg --armor --batch --trust-model always --encrypt -r "mysecretkey" View secrets from minion: salt-call pillar.items Get a specific secret from a minion: salt-call pillar.get a-secret Resource: https://fabianlee.org/2016/10/18/saltstack-keeping-salt-pillar-data-encrypted-using-gpg/ Directory structure There are two essential locations for salt related files (excluding service files): /etc/salt /srv/salt /etc/salt holds configuration files for the master and minion, as well as the keys for known minions....

Github Actions Get status of private action with bash Before running this command, you will need to create a Personal Access Token and set the env var PAT to its value. curl -u "$(git config user.name):${PAT}" \ -s "https://api.github.com/repos/username/somerepo/actions/workflows/someaction.yml/runs" | \ jq -r '.workflow_runs[0].status'time Resource: https://stackoverflow.com/questions/65953108/how-can-i-get-the-passing-failing-status-of-a-github-action-workflow Get latest commit hash with github actions # Set it: - name: Add SHORT_SHA env property with commit short sha run: echo "SHORT_SHA=`echo ${GITHUB_SHA} | cut -c1-8`" >> $GITHUB_ENV # Use it: - name: My step run: myscript ${SHORT_SHA} Resource: https://stackoverflow....

Kubectl List all applications and services kubectl get all Resource: https://coreos.com/tectonic/docs/latest/tutorials/sandbox/deleting-deployment.html#:~:text=Go%20to%20Workloads%20%3E%20Deployments.,Go%20to%20Routing%20%3E%20Services. List all pods kubectl get pods List all containers in all pods kubectl get pods -o='custom-columns=NameSpace:.metadata.namespace,NAME:.metadata.name,CONTAINERS:.spec.containers[*].name' List all containers in a pod kubectl get pods $POD_NAME -o='custom-columns=NameSpace:.metadata.namespace,NAME:.metadata.name,CONTAINERS:.spec.containers[*].name' Resource: https://serverfault.com/questions/873490/how-to-list-all-containers-in-kubernetes List pods in a namespace kubectl get pods -n <namespace> Get all pods running in all namespaces kubectl get pods --all-namespaces Get all container images kubectl get pods --all-namespaces -o=jsonpath="{..image} Get all container images filtered by pod label kubectl get pods --all-namespaces -o=jsonpath="{....

Automated Scanning Tools These are tools that can be run by attackers or defenders to get a sense for all of the assets in an environment. Create audit user to use for running tools export AUDIT_IAM_USER="usr-security-audit" aws iam create-user --user-name ${AUDIT_IAM_USER} aws iam attach-user-policy --user-name ${AUDIT_IAM_USER} --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess aws iam attach-user-policy --user-name ${AUDIT_IAM_USER} --policy-arn arn:aws:iam::aws:policy/SecurityAudit aws iam create-access-key --user-name ${AUDIT_IAM_USER} Be sure to create a profile in your ~/.aws/config and ~/....

Jailbreaking At the time of this writing, only up to version 12.1.2 of iOS can be jailbroken. While it is theoretically possible to downgrade the version, it is a giant hassle and I was not able to find a fully working solution over the span of several hours of research. Save yourself some time and just get a phone with an older version of iOS. Jailbreak using Chimera Following the instructions on here: https://cydia-app....

Symbols to keep in mind ⌘ is the command key aka the windows key ⇧ is the shift key ⌃ is the control key ⌥ is the alt key Switch between windows On Mac: ⌘ tab number For example: ⌘2 Resource: https://zellwk.com/blog/useful-vscode-keyboard-shortcuts/ Markdown This extension is great, install it: https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one&ssr=false#overview Show preview of MD file On Mac: ⌘⇧V On Windows and Linux: Ctrl Shift V Extensions via command line List existing extensions:...