Commit graph

325 commits

Author SHA1 Message Date
Jonathan Hodgson
995b2a516e BIN: starts verifySSL script
This will evolve to become a script that can be used to verify the
findings of a tool like testssl

Currently only supports "beast"
2021-01-13 16:09:28 +00:00
Jonathan Hodgson
349963cdad BIN: fix csp check in analyse-headers
the csp function didn't correctly return 1 when a misconfigured csp was
found
2021-01-11 14:09:40 +00:00
Jonathan Hodgson
3f01926ab6 Improve handling of CSP
Although I'd like to re-do the csp handling, this change fixes the
detection of unsafe-inline and unsafe-eval.
2021-01-11 12:16:18 +00:00
Jonathan Hodgson
e77aa36e70 Makes detection of x-frame-options value case insensitive
In other words, sameorigin == SAMEORIGIN == saMeOriGIN

This is in line with the spec for the header:

https://tools.ietf.org/html/rfc7034
2021-01-11 12:07:07 +00:00
Jonathan Hodgson
909a6e5e3c BIN: analyse-headers: improve expect-ct description 2020-12-11 15:38:28 +00:00
Jonathan Hodgson
b49d000408 BIN: analyse-headers: Checks the access-control-allow-origin header
Another suggestion by <Dom Ingram>.

For more details on the null issue, read here:
https://w3c.github.io/webappsec-cors-for-developers/#avoid-returning-access-control-allow-origin-null
2020-12-11 15:26:32 +00:00
Jonathan Hodgson
f669880037 BIN: analyse-headers: fix most shellcheck warnings
The only checks I haven't fixed are the unused variables for colours. I
may use them in the future so haven't removed them
2020-12-11 15:01:53 +00:00
Jonathan Hodgson
2e1dff91a3 BIN: analyse-headers: note on x-frame-options if frame-ancestors present
If the frame-ancestors content security policy is present, the
x-frame-options warning mentions that the content security policy helps
mitigate against clickjacking although for greater browser support,
x-frame-options should also be used

Thanks <Dom Ingram> for the suggestion
2020-12-09 16:39:11 +00:00
Jonathan Hodgson
1fabc27b79 BIN: analyse-headers: Adds generic version disclosure function
If the header contains the word "version" (case-insensitively) it will
flag it as potential information disclosure

Thanks <Dom Ingram> for the suggestion
2020-12-09 16:26:47 +00:00
Jonathan Hodgson
27b9af6327 BIN: analyse-headers: read from stdin if first arg is -
This makes testing much easier
2020-12-09 16:24:59 +00:00
Jonathan Hodgson
039f4e2270 BIN: analyse-headers: Add more notes to expect-ct description
As pointed out by <Dom Ingram>, the expect-ct is likely to become
obsolete in June 2012

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT
2020-12-09 16:13:39 +00:00
Jonathan Hodgson
bf132e16c2 BIN: analyse-headers: Fix incorrect reporting of SSL issues
It turns out the SSL flags secure and httponly are not case sensitive.

https://tools.ietf.org/html/rfc6265#section-5.2.5

I cannot find any documentation about the SameSite=Strict so I will
leave it case sensitive for now. The spec for that section is here:

https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-05#section-5.2

Thanks <Dom Ingram> for flagging this
2020-12-09 16:08:26 +00:00
Jonathan Hodgson
69c7355225 BIN: analyse-headers: add expect-ct and start referrer-policy 2020-12-03 11:19:35 +00:00
Jonathan Hodgson
5369861bc8 BIN: Analyse-headers: Adds to description for cookie flag 2020-12-02 10:54:10 +00:00
Jonathan Hodgson
3665bb63a2 BIN: analyse-headers: fix error "wrap command not found" 2020-12-02 09:19:47 +00:00
Jonathan Hodgson
97df97a48b BIN: analyse-headers: adds feature-policy and permissions-policy checks 2020-12-02 09:11:52 +00:00
Jonathan Hodgson
afa3f3495a BIN: analyse-headers: Wrap text in descriptions
The text in descriptions is now wrapped to 80 chars. This does not
affect the headers printed at the top which are not wrapped
2020-12-02 08:32:10 +00:00
Jonathan Hodgson
fb5d25dc6c BIN: Adds SameSite check in analyse-headers script
The script will now warn you if the SameSite option is not set to Strict
on cookies.
2020-12-01 21:17:34 +00:00
Jonathan Hodgson
c384064641 BIN: Fix webtest script when : in cookies
If there was a colon in a cookie, the script would misidentify insecure
cookie configurations
2020-12-01 19:56:33 +00:00
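The checks described in the analyse-headers commits above (CSP unsafe-inline/unsafe-eval returning 1, case-insensitive X-Frame-Options per RFC 7034, Access-Control-Allow-Origin: null, the frame-ancestors note, the generic "version" disclosure check, reading from stdin when the argument is "-", case-insensitive cookie flags per RFC 6265, the SameSite=Strict check and the colon-in-cookie fix) fit in one small bash script. The following is an added example written for this page, not the repository's own analyse-headers script; the function names, message wording and the sample response are this example's own, and the case-insensitive SameSite value comparison is an assumption the commit messages do not make.

```shell
#!/usr/bin/env bash
# Added example, not the repository's analyse-headers script. Reads raw HTTP
# response headers from FILE, or from stdin when the argument is "-", and
# flags the misconfigurations described in the commit messages above.
set -u

lc()   { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }
trim() { local s=$1; s=${s#"${s%%[![:space:]]*}"}; s=${s%"${s##*[![:space:]]}"}; printf '%s' "$s"; }

# Returns 1 (a finding) when the policy allows unsafe-inline or unsafe-eval.
check_csp() {
  case "$(lc "$1")" in
    *unsafe-inline*|*unsafe-eval*) echo "content-security-policy: allows 'unsafe-inline' and/or 'unsafe-eval'"; return 1 ;;
  esac
  return 0
}

# RFC 7034 values are case-insensitive: sameorigin == SAMEORIGIN == saMeOriGIN.
check_xfo() {
  case "$(lc "$(trim "$1")")" in deny|sameorigin) return 0 ;; esac
  echo "x-frame-options: unexpected value '$1' (expected DENY or SAMEORIGIN)"; return 1
}

# Sandboxed iframes, data: URLs and some redirects send "Origin: null", so
# reflecting "null" grants those untrusted contexts cross-origin access.
check_acao() {
  [ "$(lc "$(trim "$1")")" != "null" ] && return 0
  echo "access-control-allow-origin: returns 'null', which untrusted contexts can match"; return 1
}

# Attribute names are case-insensitive (RFC 6265 s5.2.5). Comparing the SameSite
# value case-insensitively is this example's choice, not the commit's. The cookie
# value is everything before the first ';', so a ':' inside it is never a separator.
check_cookie() {
  local raw=$1 name rest attr key secure=0 httponly=0 samesite="" missing=""
  name=$(trim "${raw%%=*}")
  rest=${raw#*;}; [ "$rest" = "$raw" ] && rest=""      # no attributes at all
  local IFS=';'
  for attr in $rest; do
    attr=$(trim "$attr"); key=$(lc "${attr%%=*}")
    case "$key" in
      secure)   secure=1 ;;
      httponly) httponly=1 ;;
      samesite) samesite=$(lc "$(trim "${attr#*=}")") ;;
    esac
  done
  [ "$secure" = 1 ]        || missing="$missing Secure"
  [ "$httponly" = 1 ]      || missing="$missing HttpOnly"
  [ "$samesite" = strict ] || missing="$missing SameSite=Strict"
  [ -z "$missing" ] && return 0
  echo "set-cookie: '$name' is missing:$missing"; return 1
}

# Generic check: any header line containing the word "version" is flagged.
check_version_disclosure() {
  case "$(lc "$1")" in *version*) echo "possible version disclosure: $1"; return 1 ;; esac
  return 0
}

# analyse_headers [FILE|-]: prints findings; exit status 1 if there were any.
analyse_headers() {
  local src=${1:--} line name value csp="" xfo="" acao="" findings=0
  local cr; cr=$(printf '\r')
  [ "$src" = "-" ] && src=/dev/stdin
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line%"$cr"}
    case "$line" in *:*) ;; *) continue ;; esac          # skip status line and blanks
    name=$(lc "$(trim "${line%%:*}")"); value=$(trim "${line#*:}")
    check_version_disclosure "$line" || findings=$((findings + 1))
    case "$name" in
      content-security-policy)     csp=$value ;;
      x-frame-options)             xfo=$value ;;
      access-control-allow-origin) acao=$value ;;
      set-cookie) check_cookie "$value" || findings=$((findings + 1)) ;;
    esac
  done < "$src"
  [ -z "$csp" ] || check_csp "$csp" || findings=$((findings + 1))
  if [ -n "$xfo" ]; then
    check_xfo "$xfo" || findings=$((findings + 1))
  else
    case "$(lc "$csp")" in
      *frame-ancestors*) echo "x-frame-options: missing; CSP frame-ancestors mitigates clickjacking, but add it for older browsers" ;;
      *)                 echo "x-frame-options: missing (clickjacking)" ;;
    esac
    findings=$((findings + 1))
  fi
  [ -z "$acao" ] || check_acao "$acao" || findings=$((findings + 1))
  [ "$findings" -eq 0 ]
}

# Constructed sample response, not captured from any real host.
SAMPLE_HEADERS=$(cat <<'EOF'
HTTP/1.1 200 OK
Server: ExampleServer version 1.2
Content-Security-Policy: default-src 'self'; script-src 'unsafe-inline'; frame-ancestors 'none'
Access-Control-Allow-Origin: null
Set-Cookie: session=abc:123; Path=/; SECURE; HttpOnly; SameSite=Strict
Set-Cookie: tracker=1; Path=/
EOF
)
demo() { printf '%s\n' "$SAMPLE_HEADERS" | analyse_headers -; }   # 5 findings, exit status 1

# Usage: analyse-headers.sh headers.txt    or    curl -sI https://host/ | analyse-headers.sh -
if [ $# -gt 0 ]; then analyse_headers "$1"; fi
```

The header name is split off at the first colon only, so a colon inside a cookie value never reaches the attribute parser; the cookie attributes are then split on ';' and matched after lower-casing, which is what makes SECURE, secure and HttpOnly all count. The stdin mode is what makes piping captured responses into the script for testing straightforward.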
Jonathan Hodgson
ab2c56d9b5 BIN: Adds analyse-headers script
The script is in early stages of development but should work for some of
the most common misconfigurations.
2020-12-01 18:15:01 +00:00
Jonathan Hodgson
83f00fd4b9 BIN: Adds git dumper
from here: https://github.com/internetwache/GitTools/blob/master/Dumper/gitdumper.sh
2020-10-27 11:35:42 +00:00
Jonathan Hodgson
7a4a785ac7 BIN: Adds hex2rgb script 2020-10-06 14:45:41 +01:00
Jonathan Hodgson
bae31d87cf BIN: Makes opout view images with sxiv 2020-09-29 08:52:47 +01:00
Jonathan Hodgson
28386e90fb Adds an interactive jq experiment 2020-09-26 15:13:23 +01:00
Jonathan Hodgson
c02e14dcfc Adds some useful util bash functions 2020-09-26 15:12:48 +01:00
Jonathan Hodgson
381c66d766 BIN: Updates git-delete-submodule to remove them if they've been moved
The old script assumed that submodule name and path were the same; now
that isn't the case
2020-09-26 14:46:23 +01:00
Jonathan Hodgson
3d37f3c645 Wraps strings in double quotes 2020-09-25 10:46:36 +01:00
Jonathan Hodgson
16fe25ba4a Adds corp-curl script 2020-09-23 09:51:09 +01:00
Jonathan Hodgson
085f17ab1f Adds scripts to help with ssl testing 2020-09-22 15:49:42 +01:00
Jonathan Hodgson
77955b1e18 Renames jwtcat to catjwt to avoid clash with 3rd party tool 2020-09-22 15:41:06 +01:00
Jonathan Hodgson
d106799a8b Creates script for printing jwt web tokens 2020-09-22 15:40:20 +01:00
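A script that prints a JWT has one non-obvious step: the three dot-separated parts are base64url, so the URL-safe alphabet has to be mapped back and the padding restored before a standard base64 decoder accepts them. The following is an added example written for this page, not the repository's catjwt script; the function names are this example's own, and the sample token is the widely published jwt.io example token, used here only as test input. It decodes and prints but does not verify the signature.

```shell
#!/usr/bin/env bash
# Added example, not the repository's catjwt script: splits a JWT on "." and
# prints the decoded header and payload. It only decodes; it does NOT verify
# the signature, so the claims it prints are untrusted until that is done.
set -u

# base64url -> standard base64: restore the alphabet and the padding that the
# JWT encoding strips, otherwise base64 -d rejects the input.
b64url_decode() {
  local s
  s=$(printf '%s' "$1" | tr '_-' '/+')
  case $(( ${#s} % 4 )) in
    2) s="${s}==" ;;
    3) s="${s}=" ;;
  esac
  printf '%s' "$s" | base64 -d
}

# jwt_part TOKEN N: N=1 header, N=2 payload, N=3 raw signature (left encoded).
jwt_part() {
  local part
  part=$(printf '%s' "$1" | cut -d. -f"$2")
  if [ "$2" = 3 ]; then printf '%s' "$part"; else b64url_decode "$part"; fi
}

# jwt_alg TOKEN: the alg the header claims (unverified; "none" is a red flag).
jwt_alg() {
  jwt_part "$1" 1 | sed -n 's/.*"alg"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# catjwt TOKEN: human-readable dump of header, payload and claimed alg.
catjwt() {
  local t=$1
  printf 'header : %s\n' "$(jwt_part "$t" 1)"
  printf 'payload: %s\n' "$(jwt_part "$t" 2)"
  printf 'alg    : %s (signature not verified)\n' "$(jwt_alg "$t")"
}

# Sample input: the jwt.io example token (HS256), used here only for testing.
SAMPLE_JWT='eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'

# Usage: catjwt.sh <token>    or    printf '%s\n' "$TOKEN" | catjwt.sh -
if [ $# -gt 0 ]; then
  if [ "$1" = "-" ]; then read -r tok; else tok=$1; fi
  catjwt "$tok"
fi
```

The padding rule follows from the length modulo 4: a remainder of 2 needs "==", a remainder of 3 needs "=", and a remainder of 1 can never occur in valid base64url. Everything printed comes straight from the token, so the alg value in particular should be read as what the token claims, not what the server accepted.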
Jonathan Hodgson
aa9f0b967e Adds script to download a series from iplayer 2020-09-19 11:25:48 +01:00
Jonathan Hodgson
0fa0b5e0a5 Updates tridactylrc and adds gnvim script
The script simply opens a new terminal with nvim running in it, passing
any arguments directly to nvim

This is used by tridactyl to open a text box in vim

Also added some new search engines and some other keybindings
2020-09-19 11:24:02 +01:00
Jonathan Hodgson
b19db697e8 A start to webtest script 2020-09-19 11:18:55 +01:00
Jonathan Hodgson
0d357e8f9e Makes linkhandler handle more
It now handles some peertube, more invidious and xkcd
2020-09-19 11:12:34 +01:00
Jonathan Hodgson
c80a9ec925 Allow syncing of just inbox rather than all mailboxes 2020-09-19 11:09:20 +01:00
Jonathan Hodgson
5490877e2e Fixes cyberchef script 2020-09-19 11:03:31 +01:00
Jonathan Hodgson
3f265a3c25 Makes password manager change keyboard layout when inserting 2020-09-03 17:08:46 +01:00
Jonathan Hodgson
cecdd951dd Makes mutt view calendar invites nicely 2020-07-30 15:21:15 +01:00
Jonathan Hodgson
b4bdba9e24 Adds getpaths script 2020-07-29 17:34:17 +01:00
Jonathan Hodgson
c5a999d36b Adds multicrop 2 and unrotate 2020-07-29 17:33:30 +01:00
Jonathan Hodgson
353bb99097 Adds git-to-tikz script 2020-07-29 17:32:38 +01:00
Jonathan Hodgson
ab56c7bdd0 Adds split-audio-book 2020-07-29 17:31:55 +01:00
Jonathan Hodgson
b63f40300b Adds ansi to svg script 2020-07-29 17:31:27 +01:00
Jonathan Hodgson
495b5e3794 Stop linkhandler from notifying 2020-07-29 17:29:00 +01:00
Jonathan Hodgson
ac9fdea3d5 updates urlencode to work better with vim 2020-07-29 17:28:09 +01:00
Jonathan Hodgson
0b510b8370 Makes send-from-mutt script also run notmuch new 2020-07-29 17:27:10 +01:00
Jonathan Hodgson
d28bec4a8b Makes reverse-shells rofi script use resize listener 2020-07-29 17:26:35 +01:00
Jonathan Hodgson
4b86f98966 Stop open-youtube from notifying 2020-07-29 17:25:45 +01:00
Jonathan Hodgson
7f0fc4c46d Work on bookmark script 2020-07-29 17:25:01 +01:00