Jonathan Hodgson
a683e57409
The recommended value for x-xss-protection is now 0
...
The script will now recommend x-xss-protection is set to 0, in line with
the recommendation made by owasp.
https://owasp.org/www-project-secure-headers/#x-xss-protection
4 years ago
Jonathan Hodgson
1d3205bfa2
Implements --dry-run for check call
...
It obviously can't answer a call that isn't coming in, but it creates
the rofi prompt
4 years ago
Jonathan Hodgson
52d4b32c2f
Work on incoming calls
...
Unlike SXMO, I have opted to use rofi to prompt for an incoming call.
This allows me to have accept and decline buttons easily rather than
multiple notifications.
4 years ago
Jonathan Hodgson
afcd28e39e
Stops launcher using -normal-window flag
...
Still not entirely happy about this, might use dmenu instead of rofi.
Not sure yet
4 years ago
Jonathan Hodgson
2d25a11908
Improves power menu
...
Power menu will now add a suspend option for non-phones. Also, it
correctly calls i3lock if not on my phone
4 years ago
Jonathan Hodgson
f76b2b1c6f
Makes reverse shell script work if resize listener isn't available
4 years ago
Jonathan Hodgson
01c3906833
Initial work on modem functionality
...
Including, checking for incoming calls, missed calls, sms and the start
of a dialer using rofi
4 years ago
Jonathan Hodgson
9a5646f49c
Makes a start on dialer
4 years ago
Jonathan Hodgson
a4fc42b385
Update script to reflect renaming of rofi shutdown theme
4 years ago
Jonathan Hodgson
b2d0a895cb
Fixes rofi shutdown command
...
I use an alias rather than an expanded variable so I can include an
empty parameter.
The rofi shutdown command now only needs a single click to select an
option
4 years ago
Jonathan Hodgson
0b5b8ea499
Bin: adds yt script
...
This script is used to search and view youtube videos in the command
line.
4 years ago
Jonathan Hodgson
83a5c7c6c4
Fix new message count
4 years ago
Jonathan Hodgson
0453c06a60
Start on sms checker script
4 years ago
Jonathan Hodgson
7ff2ff0521
Stops sms using data flag
4 years ago
Jonathan Hodgson
14d316e081
Fixes a bug where the modem number isn't correctly identified
4 years ago
Jonathan Hodgson
069bc21297
Starts writing modem scripts
...
Currently, I only have one for sending sms messages.
Inspiration was taken from sxmo's send message script although I prefer
to send a message from a file so I don't have to worry about escaping
quotes etc.
Also, I make use of flags
4 years ago
Jonathan Hodgson
3da5389128
Add script for turning nessus html to spreadsheet
4 years ago
Jonathan Hodgson
f88324c3d3
Checks for an argument before setting a project
...
This fixes the bug where pushing esc whilst rofi menu is open would set
the project path to the main projects folder
4 years ago
Jonathan Hodgson
6e1497ab4a
Adds mailto to linkhandler
4 years ago
Jonathan Hodgson
a378c6548f
Removes unnecessary notify-send
4 years ago
Jonathan Hodgson
fd9aedf930
Folder shell will now default to project path if no terminal open
4 years ago
Jonathan Hodgson
4ef857d357
Add xz to extract function
4 years ago
Jonathan Hodgson
b7f0fd29d5
Fix dvd rip, gcd is now part of math
4 years ago
Jonathan Hodgson
84fa6bd526
Adds !? and ?! for unicode lookup of interrobang
4 years ago
Jonathan Hodgson
f7919d0053
Bin: fixes the lucky13 check
...
It apparently works with any cbc cipher and doesn't require tls1
4 years ago
Jonathan Hodgson
dece5f06e7
Adds a small script for querying package versions in redhat
4 years ago
Jonathan Hodgson
9a3c9d38bb
Adds a command gmutt that opens my terminal with mutt loaded
...
Also adds a desktop file that allows mutt to handle mailto: links
4 years ago
Jonathan Hodgson
4b7c769b1f
Changes the volume script to work with pulseaudio-ctl
...
https://github.com/graysky2/pulseaudio-ctl
using amixer is a pain and this takes a lot of the complexity out of it.
If pulseaudio-ctl isn't available, the script will still use amixer
4 years ago
Jonathan Hodgson
b64763b89c
Adds phone support to password manager
4 years ago
Jonathan Hodgson
fd29426b20
Changes to rofi shutdown
...
Changes the icons and temporarily disables lock
4 years ago
Jonathan Hodgson
bcf7ed158d
Changes rofi shutdown script
4 years ago
Jonathan Hodgson
bff3d4c966
Adds a launcher script
...
This is called from dwm to launch a program by name.
In its current state, it will launch rofi if it's available and dmenu if
not.
4 years ago
Jonathan Hodgson
ce5df3db22
Add brightness script
4 years ago
Jonathan Hodgson
ba2b85b2cd
BIN: analyse-headers: bug fixes
...
A couple of bug fixes, removed some unnecessary echos and fixed crash if
name is too long to fit in the heading box
4 years ago
Jonathan Hodgson
15b18a4a0a
BIN: Adds lucky13 to verifySSL
4 years ago
Jonathan Hodgson
c1ba95117a
BIN: Small adjustments to verifySSL
...
The script now prepends the command that is echoed with a $ in order to
indicate it is a command that is run
Also stops the script showing each cipher that is tested
4 years ago
Jonathan Hodgson
4c2f3dbc4d
BIN: adds sweet32 test to verifySSL
4 years ago
Jonathan Hodgson
a4dc363ee6
BIN: makes the verifySSL print progress messages to stderr
...
I chose to do this because I want to be able to pipe stdout to a file
and use it as evidence. I don't need the progress for that
4 years ago
Jonathan Hodgson
961f7797a7
BIN: starts verifySSL script
...
This will evolve to become a script that can be used to verify the
findings of a tool like testssl
Currently only supports "beast"
4 years ago
Jonathan Hodgson
6dad0bf8ab
BIN: fix csp check in analyse-headers
...
the csp function didn't correctly return 1 when a misconfigured csp was
found
4 years ago
Jonathan Hodgson
e94ba0b5b2
Improve handling of CSP
...
Although I'd like to re-do the csp handling, this change fixes the
detection of unsafe-inline and unsafe-eval.
4 years ago
Jonathan Hodgson
b8f104fd00
Makes detection of x-frame-options value case insensitive
...
In other words, sameorigin == SAMEORIGIN == saMeOriGIN
This is in line with the spec for the header:
https://tools.ietf.org/html/rfc7034
4 years ago
Jonathan Hodgson
6feffc731b
BIN: analyse-headers: improve expect-ct description
4 years ago
Jonathan Hodgson
41fd57310a
BIN: analyse-headers: Checks the access-control-allow-origin header
...
Another suggestion by <Dom Ingram>.
For more details on the null issue, read here:
https://w3c.github.io/webappsec-cors-for-developers/#avoid-returning-access-control-allow-origin-null
4 years ago
Jonathan Hodgson
984298b29b
BIN: analyse-headers: fix most shellcheck warnings
...
The only checks I haven't fixed are the unused variables for colours. I
may use them in the future so haven't removed them
4 years ago
Jonathan Hodgson
6ac052cd39
BIN: analyse-headers: note on x-frame-options if frame-ancestors present
...
If the frame-ancestors content security policy is present, the
x-frame-options warning mentions that the content security helps
mitigate against clickjacking although for greater browser support,
x-frame-options should also be used
Thanks <Dom Ingram> for the suggestion
4 years ago
Jonathan Hodgson
1b42f81f47
BIN: analyse-headers: Adds generic version disclosure function
...
if the header contains the word "version" (case insensitively) it will
flag it as potential information disclosure
Thanks <Dom Ingram> for the suggestion
4 years ago
Jonathan Hodgson
e247c85bc9
BIN: analyse-headers: read from stdin if first arg is -
...
This makes testing much easier
4 years ago
Jonathan Hodgson
cad2f2d2d5
BIN: analyse-headers: Add more notes to expect-ct description
...
As pointed out by <Dom Ingram>, the expect-ct is likely to become
obsolete in June 2012
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT
4 years ago
Jonathan Hodgson
7ea1e9a964
BIN: analyse-headers: Fix incorrect reporting of SSL issues
...
It turns out the SSL flags secure and httponly are not case sensitive.
https://tools.ietf.org/html/rfc6265#section-5.2.5
I cannot find any documentation about the SameSite=Strict so I will
leave it case sensitive for now. The spec for that section is here:
https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-05#section-5.2
Thanks <Dom Ingram> for flagging this
4 years ago