Jonathan Hodgson
343f510ad0
Adds a small script for querying package versions in redhat
4 years ago
Jonathan Hodgson
e21b641651
Adds a command gmutt that opens my terminal with mutt loaded
...
Also adds a desktop file that allows mutt to handle mailto: links
4 years ago
Jonathan Hodgson
f08de9faf5
Adds phone support to password manager
4 years ago
Jonathan Hodgson
85ba44a508
Changes to rofi shutdown
...
Changes the icons and temporarily disables lock
4 years ago
Jonathan Hodgson
a3902ac559
Changes rofi shutdown script
4 years ago
Jonathan Hodgson
41082f1f06
Adds a launcher script
...
This is called from dwm to launch a program by name.
In its current state, it will launch rofi if it's available and dmenu if
not.
4 years ago
Jonathan Hodgson
5ae185e6c1
Add brightness script
4 years ago
Jonathan Hodgson
30dd026965
BIN: analyse-headers: bug fixes
...
A couple of bug fixes, removed some unnecesary echos and fixed crash if
name is too long to fit in the heading box
4 years ago
Jonathan Hodgson
d8e3b894c0
BIN: Adds lucky13 to verifySSL
4 years ago
Jonathan Hodgson
bd7337926e
BIN: Small adjustments to verifySSL
...
The script now prepends the command that is echoed with a $ in order to
indicate it is a command that is run
Also stops the script showing each cipher that is tested
4 years ago
Jonathan Hodgson
064b53f2bf
BIN: adds sweet32 test to verifySSL
4 years ago
Jonathan Hodgson
dd4b8e5161
BIN: makes the verifySSL print progress messages to stderr
...
I chose to do this because I want to be able to pipe stdout to a file
and use it as evidence. I don't need the progress for that
4 years ago
Jonathan Hodgson
995b2a516e
BIN: starts verifySSL script
...
This will evolve to become a script that can be used to verify the
findings of a tool like testssl
Currently only supports "beast"
4 years ago
Jonathan Hodgson
349963cdad
BIN: fix csp check in analyse-headers
...
the csp function didn't correctly return 1 when a missconfigured csp was
found
4 years ago
Jonathan Hodgson
3f01926ab6
Improve handling of CSP
...
Although I'd like to re-do the csp handling, this change fixes the
detection of unsafe-inline and unsafe-eval.
4 years ago
Jonathan Hodgson
e77aa36e70
Makes detection of x-frame-options value case insensitive
...
In other words, sameorigin == SAMEORIGIN == saMeOriGIN
This is in line with the spec for the header:
https://tools.ietf.org/html/rfc7034
4 years ago
Jonathan Hodgson
909a6e5e3c
BIN: analyse-headers: improve expect-ct description
4 years ago
Jonathan Hodgson
b49d000408
BIN: analyse-headers: Checks the access-control-allow-origin header
...
Another suggestion by <Dom Ingram>.
For more details on the null issue, read here:
https://w3c.github.io/webappsec-cors-for-developers/#avoid-returning-access-control-allow-origin-null
4 years ago
Jonathan Hodgson
f669880037
BIN: analyse-headers: fix most shellcheck warnings
...
The only checks I haven't fixed are the unused variables for colours. I
may use them in the future so haven't removed them
4 years ago
Jonathan Hodgson
2e1dff91a3
BIN: analyse-headers: note on x-frame-options if frame-ancestors present
...
If the frame-ancestors content security policy is present, the
x-frame-options warning mentions that the content security helps
mitigate against clickjacking although for greater browser support,
x-frame-options should also be used
Thanks <Dom Ingram> for the suggestion
4 years ago
Jonathan Hodgson
1fabc27b79
BIN: analyse-headers: Adds generic version disclosure function
...
if the header contains the word "version" (case insensitively) it will
flag it as potential information disclosure
Thanks <Dom Ingram> for the suggestion
4 years ago
Jonathan Hodgson
27b9af6327
BIN: analyse-headers: read from stdin if first arg is -
...
This makes testing much easier
4 years ago
Jonathan Hodgson
039f4e2270
BIN: analyse-headers: Add more notes to expect-ct description
...
As pointed out by <Dom Ingram>, the expect-ct is likely to become
obsolete in June 2012
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT
4 years ago
Jonathan Hodgson
bf132e16c2
BIN: analyse-headers: Fix incorrect reporting of SSL issues
...
It turns out the SSL flags secure and httponly are not case sensitive.
https://tools.ietf.org/html/rfc6265#section-5.2.5
I cannot find any documentation about the SameSite=Strict so I will
leave it case sensitive for now. The spec for that section is here:
https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-05#section-5.2
Thanks <Dom Ingram> for flagging this
4 years ago
Jonathan Hodgson
69c7355225
BIN: analyse-headers: add expect-ct and start referrer-policy
4 years ago
Jonathan Hodgson
5369861bc8
BIN: Analyse-headers: Adds to description for cookie flag
4 years ago
Jonathan Hodgson
3665bb63a2
BIN: analyse-headers: fix error "wrap command not found"
4 years ago
Jonathan Hodgson
97df97a48b
BIN: analyse-headers: adds feature-policy and permissions-policy checks
4 years ago
Jonathan Hodgson
afa3f3495a
BIN: analyse-headers: Wrap text in descriptions
...
The text in descriptions is now wrapped to 80 chars. This does not
affect the headers printed at the top which are not wrapped
4 years ago
Jonathan Hodgson
fb5d25dc6c
BIN: Adds SameSite check in analyse-headers script
...
The script will now warn you if the SameSite option is not set to Strict
on cookies.
4 years ago
Jonathan Hodgson
c384064641
BIN: Fix webtest script when : in cookies
...
If there was a colon in a cookie, the script would misidentify insecure
cookie configurations
4 years ago
Jonathan Hodgson
ab2c56d9b5
BIN: Adds analyse-headers script
...
The script is in early stages of development but should work for some of
the most common mis-configurtaions.
4 years ago
Jonathan Hodgson
83f00fd4b9
BIN: Adds git dumper
...
from here: https://github.com/internetwache/GitTools/blob/master/Dumper/gitdumper.sh
4 years ago
Jonathan Hodgson
7a4a785ac7
BIN: Adds hex2rgb script
4 years ago
Jonathan Hodgson
bae31d87cf
BIN: Makes opout view images with sxiv
4 years ago
Jonathan Hodgson
28386e90fb
Adds an interactive jq experement
4 years ago
Jonathan Hodgson
c02e14dcfc
Adds some useful util bash functions
4 years ago
Jonathan Hodgson
381c66d766
BIN: Updates git-delete-submodule to remove them if they've been moved
...
The old script assumed that submodles name and path were the same, now
that isn't the case
4 years ago
Jonathan Hodgson
3d37f3c645
Wraps strings in double quotes
4 years ago
Jonathan Hodgson
16fe25ba4a
Adds corp-curl script
4 years ago
Jonathan Hodgson
085f17ab1f
Adds scripts to help with ssl testing
4 years ago
Jonathan Hodgson
77955b1e18
Renames jwtcat to catjwt to avoid clash with 3rd party tool
4 years ago
Jonathan Hodgson
d106799a8b
Creates script for printing jwt web tokens
4 years ago
Jonathan Hodgson
aa9f0b967e
Adds script to download a series from iplayer
4 years ago
Jonathan Hodgson
0fa0b5e0a5
Updates tridactylrc and adds gnvim script
...
The script simply opens a new terminal with nvim running in it, passing
any arguments directly to nvim
This is used by tridactyl to open a text box in vim
Also added some new search engines and some other keybindings
4 years ago
Jonathan Hodgson
b19db697e8
A start to webtest script
4 years ago
Jonathan Hodgson
0d357e8f9e
Makes linkhandler handle more
...
It now handles some peertube, more invidious and xkcd
4 years ago
Jonathan Hodgson
c80a9ec925
Allow syncing of just inbox rather than all mailboxes
4 years ago
Jonathan Hodgson
5490877e2e
Fixes cyberchef script
4 years ago
Jonathan Hodgson
3f265a3c25
Makes password manager change keyboard layout when inserting
4 years ago