LazyVim is a Neovim setup powered by lazy.nvim to make it easy to customize and extend your config. LazyVim is a curated configuration for Vim that integrates various plugins, settings, and key mappings to simplify the Vim experience. By bundling together popular plugins and optimizing configurations, LazyVim provides a powerful, ready-to-use setup that eliminates the hassle of manually configuring Vim. Based on lazyvim install documentation: Install For Arch-based systems: For Debian-based systems:
Latest security Vulnerabilities in ownCloud
Disclosure of Sensitive Credentials and Configuration in Containerized Deployments Description A vulnerability in the «graphapi» app exposes PHP environment configuration, potentially revealing sensitive data like admin passwords, mail server credentials, and license keys in containerized deployments. Disabling the app doesn’t mitigate the risk entirely, as the disclosed information extends beyond credentials. Affected Versions graphapi 0.2.0 – 0.3.0 Action Taken The removal of a specific file and disabling the phpinfo function
Google Hacking Database
The Google Hacking Database (GHDB) is a collection of search queries that use Google’s search syntax in creative ways to uncover vulnerabilities, exposed databases, login portals with default credentials, sensitive files, and other information that might not be intended for public access. All contained Dorks are categorized in several categories:
Tor install and usage (Arch based distro)
Install and configuration $ yay -S tor nyx torsocks torbrowser-launcher $ sudo systemctl status tor $ ss -nlt Usage Torify a command $ wget -qO – https://api.ipify.org; echo x1x1.y1y1.z1z1.t1t1 $ torsocks wget -qO – https://api.ipify.org; echo x2x2.y2y2.z2z2.t2.t2 $ sudo systemctl stop tor$ torsocks wget -qO – https://api.ipify.org; echo Torify a shell $ source torsocks on Tor mode activated. Every command will be torified for this shell. $ wget -qO –
Yay mind map cheat-sheet
Today I share a small sheet sheet to learn to use yay. Yay is an AUR helper and Pacman wrapper that streamlines the management of packages on Arch Linux. It acts as a bridge between the official Arch repositories and the AUR, making it easier for users to install, update, and remove software.
Unlimited history in Zsh and Bash
It’s a common saying that you don’t miss something until you realize you don’t have it.This is what happens with shell history.You execute many commands in your daily tasks but at least from my side, keeping the history and the need to search through all past commands haven’t been a need until I had needed them and I realized that all commands were gone. So it’s time to set an
Nuclei v3 is here
Last week nuclei was uptated to v3. This is a summary of the Nuclei v3 new features: Project discovery blog post with the full description can be found here: https://blog.projectdiscovery.io/nuclei-v3-featurefusion/ Note: By the time I uploaded my systems it has been released Nuclei v3.0.1 fixing some issues introduced with v3.0The full changelog can be checked here: https://github.com/projectdiscovery/nuclei/compare/v3.0.0…v3.0.1 $ nuclei –up $ nuclei –version
Rengine 2.0 has finally arrived
After some waiting, Rengine 2.0 is here and it comes with many changes: New additions overview: Install $ git clone https://github.com/yogeshojha/rengine.git$ edit .env(Remember to change the Postgres password) $ sudo ./install.sh The first clean installation try gave these issues. Then tried the same migration fix I needed for the old reNgine version. $ docker-compose -f docker-compose.yml exec web python3 manage.py migrate After that, a second installation attempt everything was fine.
OWASP Juice Shop
According to its Github description: OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! https://github.com/juice-shop/juice-shop It can be a very helpful tool to learn and practice your hacking
Anew: Yet Another Useful Tool for your scripts
Anew is a handy tool created by Tomnomnom for appending lines to a file while ensuring that duplicates are not added, making it useful for scripting and data processing tasks. Install go install -v github.com/tomnomnom/anew@latest Help Usage (Examples from its Github)