# This file provides my current word completion # Unlike standard completion provided by zsh, this completion is based on the current word rather than the current command # Prompts the user to select a wordlist from the wordlists folder wordlistSelect() { fd -a --type f --hidden --follow --color=always --exclude .git --exclude \*.md --exclude \*.gif --exclude \*.jpg --exclude \*.png --exclude \*.lua --exclude \*.jar --exclude \*.pl --exclude \*.torrent --exclude \*.7z '' /usr/share/wordlists/ | fzf --preview 'bat --color=always {}' } regexSelect(){ ( echo -e "Name\tRegex\tNotes" echo -ne "IP Address\t" echo -n '(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])' echo -e "\tRequires extended regex -E in grep" echo -ne "URLs\t" echo -n $'https?://[^"\'> ]+' echo -e "\tRequires extended regex -E in grep" echo -ne "AWS Keys\t" echo -n '([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}' echo -e "\tRequires extended regex -E in grep" echo -ne "md5\t" echo -n '[0-9a-f]\{32\}' echo -e "\t" echo -ne "Bcrypt\t" echo -n '\$2[ayb]\$.{56}' echo -e "\tRequires extended regex -E in grep" echo -ne "Cloudinary\t" echo -n 'cloudinary://.*' echo -e "\tRequires extended regex -E in grep" echo -ne "Firebase URL\t" echo -n '.*firebaseio\.com' echo -e "\tRequires extended regex -E in grep" echo -ne "Slack Token\t" echo -n '(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})' echo -e "\tRequires extended regex -E in grep" echo -ne "RSA private key\t" echo -n '-----BEGIN RSA PRIVATE KEY-----' echo -e "\tRequires extended regex -E in grep" echo -ne "SSH (DSA) private key\t" echo -n '-----BEGIN DSA PRIVATE KEY-----' echo -e "\tRequires extended regex -E in grep" echo -ne "SSH (EC) private key\t" echo -n '-----BEGIN EC PRIVATE KEY-----' echo -e "\tRequires extended regex -E in grep" echo -ne "PGP private key block\t" echo -n '-----BEGIN PGP PRIVATE KEY BLOCK-----' echo -e "\tRequires extended regex -E in grep" echo -ne "Amazon AWS Access Key ID\t" echo -n 'AKIA[0-9A-Z]{16}' echo -e "\tRequires extended regex -E in grep" echo -ne "Amazon MWS Auth Token\t" echo -n 'amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' echo -e "\tRequires extended regex -E in grep" echo -ne "AWS API Key\t" echo -n 'AKIA[0-9A-Z]{16}' echo -e "\tRequires extended regex -E in grep" echo -ne "Facebook Access Token\t" echo -n 'EAACEdEose0cBA[0-9A-Za-z]+' echo -e "\tRequires extended regex -E in grep" echo -ne "Facebook OAuth\t" echo -n $'[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*[\'|"][0-9a-f]{32}[\'|"]' echo -e "\tRequires extended regex -E in grep" echo -ne "GitHub\t" echo -n $'[g|G][i|I][t|T][h|H][u|U][b|B].*[\'|"][0-9a-zA-Z]{35,40}[\'|"]' echo -e "\tRequires extended regex -E in grep" echo -ne "Generic API Key\t" echo -n $'[a|A][p|P][i|I][_]?[k|K][e|E][y|Y].*[\'|"][0-9a-zA-Z]{32,45}[\'|"]' echo -e "\tRequires extended regex -E in grep" echo -ne "Generic Secret\t" echo -n $'[s|S][e|E][c|C][r|R][e|E][t|T].*[\'|"][0-9a-zA-Z]{32,45}[\'|"]' echo -e "\tRequires extended regex -E in grep" echo -ne "Google API Key\t" echo -n 'AIza[0-9A-Za-z\\-_]{35}' echo -e "\tRequires extended regex -E in grep" echo -ne "Google Cloud Platform API Key\t" echo -n 'AIza[0-9A-Za-z\\-_]{35}' echo -e "\tRequires extended regex -E in grep" echo -ne "Google Cloud Platform OAuth\t" echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' echo -e "\tRequires extended regex -E in grep" echo -ne "Google Drive API Key\t" echo -n 'AIza[0-9A-Za-z\\-_]{35}' echo -e "\tRequires extended regex -E in grep" echo -ne "Google Drive OAuth\t" echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' echo -e "\tRequires extended regex -E in grep" echo -ne "Google (GCP) Service-account\t" echo -n '"type": "service_account"' echo -e "\tRequires extended regex -E in grep" echo -ne "Google Gmail API Key\t" echo -n 'AIza[0-9A-Za-z\\-_]{35}' echo -e "\tRequires extended regex -E in grep" echo -ne "Google Gmail OAuth\t" echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' echo -e "\tRequires extended regex -E in grep" echo -ne "Google OAuth Access Token\t" echo -n 'ya29\\.[0-9A-Za-z\\-_]+' echo -e "\tRequires extended regex -E in grep" echo -ne "Google YouTube API Key\t" echo -n 'AIza[0-9A-Za-z\\-_]{35}' echo -e "\tRequires extended regex -E in grep" echo -ne "Google YouTube OAuth\t" echo -n '[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com' echo -e "\tRequires extended regex -E in grep" echo -ne "Heroku API Key\t" echo -n '[h|H][e|E][r|R][o|O][k|K][u|U].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}' echo -e "\tRequires extended regex -E in grep" echo -ne "MailChimp API Key\t" echo -n '[0-9a-f]{32}-us[0-9]{1,2}' echo -e "\tRequires extended regex -E in grep" echo -ne "Mailgun API Key\t" echo -n 'key-[0-9a-zA-Z]{32}' echo -e "\tRequires extended regex -E in grep" echo -ne "Password in URL\t" echo -n '[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\' echo -e "\tRequires extended regex -E in grep" echo -ne "PayPal Braintree Access Token\t" echo -n 'access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}' echo -e "\tRequires extended regex -E in grep" echo -ne "Picatic API Key\t" echo -n 'sk_live_[0-9a-z]{32}' echo -e "\tRequires extended regex -E in grep" echo -ne "Slack Webhook\t" echo -n 'https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}' echo -e "\tRequires extended regex -E in grep" echo -ne "Stripe API Key\t" echo -n 'sk_live_[0-9a-zA-Z]{24}' echo -e "\tRequires extended regex -E in grep" echo -ne "Stripe Restricted API Key\t" echo -n 'rk_live_[0-9a-zA-Z]{24}' echo -e "\tRequires extended regex -E in grep" echo -ne "Square Access Token\t" echo -n 'sq0atp-[0-9A-Za-z\\-_]{22}' echo -e "\tRequires extended regex -E in grep" echo -ne "Square OAuth Secret\t" echo -n 'sq0csp-[0-9A-Za-z\\-_]{43}' echo -e "\tRequires extended regex -E in grep" echo -ne "Twilio API Key\t" echo -n 'SK[0-9a-fA-F]{32}' echo -e "\tRequires extended regex -E in grep" echo -ne "Twitter Access Token\t" echo -n '[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*[1-9][0-9]+-[0-9a-zA-Z]{40}' echo -e "\tRequires extended regex -E in grep" echo -ne "Twitter OAuth\t" echo -n $'[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*[\'|"][0-9a-zA-Z]{35,44}[\'|"]' echo -e "\tRequires extended regex -E in grep" ) | column -t -s $'\t' | fzf --preview-window top:1 --preview 'echo {3}' --delimiter ' +' --header-lines 1 --with-nth 1,2 | awk -F ' +' '{gsub("\"","\\\"",$2); print "\"" $2 "\""}' } word_replace(){ local ret=1 local word="$1" local cmd="$2" case "$word" in wl) wordlistSelect; return 0 ;; myip) ip route | grep -oE '(dev|src) [^ ]+' | sed 'N;s/\n/,/;s/src //;s/dev //' | awk -F',' '{print $2 " " $1}' | sort -u | fzf -1 --no-preview | cut -d' ' -f1; return 0 ;; regex) regexSelect; return 0 ;; esac return "$ret" } currentwordcomplete(){ local tokens cmd swap ret=1 lastWord # http://zsh.sourceforge.net/FAQ/zshfaq03.html # http://zsh.sourceforge.net/Doc/Release/Expansion.html#Parameter-Expansion-Flags # Use zsh's shell parsing to split lbuffer into items # This takes into account quoting and escaping tokens=(${(z)LBUFFER}) # If there isn't anythng typed, fall back to old tab binding if [ ${#tokens} -lt 1 ]; then zle ${currentword_default_completion:-expand-or-complete} return fi # Assume the first element # TODO: make this work for multiple commands chained with | or > or && etc. # TODO: make this work when command prepended with variables eg a=2 foo bar # foo is the command name cmd="${tokens[1]}" lastWord="${tokens[-1]}" # Check we haven't pushed space if [ "${LBUFFER[-1]}" != " " ]; then swap="$(word_replace "$lastWord" "$cmd")" ret="$?" # This part checks if the part after an = is completable if [ "$ret" -ne "0" ]; then local afterEqual="${lastWord##*=}" local beforeEqual="${lastWord%=*}" # If they are different, there is an equals in the word if [ "$afterEqual" != "$lastWord" ]; then swap="${beforeEqual}=$(word_replace "$afterEqual" "$cmd")" ret="$?" fi fi fi if [ "$ret" -eq "0" ]; then if [ -n "$swap" ]; then tokens[-1]="$swap" LBUFFER="${tokens[@]}" fi zle reset-prompt return 0 else zle ${currentword_default_completion:-expand-or-complete} return fi } # Record what ctrl+i is currently set to # That way we can call it if jhcompletion doesn't result in anything [ -z "$currentword_default_completion" ] && { binding=$(bindkey '^I') [[ $binding =~ 'undefined-key' ]] || currentword_default_completion=$binding[(s: :w)2] unset binding } zle -N currentwordcomplete bindkey '^I' currentwordcomplete