Pills
(Fix) – SSL routines::ca md too weak
This week after downloading again my htb vpn package I had an issue trying to connect to the Hack The Box labs. After searching a bit I found this resource that give me a fix. You just have to add tls-cert-profile insecure and modify cipher AES-128-CBC to data-ciphers-fallback AES-128-CBC After that you get the usual 2023-04-30 11:37:34 Initialization Sequence Completed
How to search for specific text in linux using grep
If you’re working with Linux and need to find a particular piece of text in a file or directory, you can use the following grep command. This is a powerful text-searching tool that allows you to search for specific patterns or strings of text within a file or directory. grep -rnw ‘/path/where/to/find’ -e ‘text_to_search’ -r: Tells grep to search recursively through all files in the specified directory and its subdirectories.-n:
offsec.tools
Offsec.tools is a community-driven website that provides an extensive collection of security tools organized by categories and tags, making it easy to find the right tool for your security testing needs. The website includes tools for various security testing activities such as cloud and services, CMS, information gathering, technologies, vulnerabilities, and miscellanea. The tags cover a broad range of topics such as AWS, Azure, Bitbucket, Censys, Cloudflare, Detectify, DigitalOcean, GitHub,
How to check regular expressions
If you want to check if your regular expression is going to catch what you expect it to mach you can rely on https://www.regextranslator.com as a confidence tool. Using: as an example a regular expression from a great regular expression guide from Bugcrowd: How to Regex: A Practical Guide to Regular Expressions (Regex) for Hackers, Automatically you get the regular expression simple English «translation».
How your scanner app can be tested?
Do you want to test your brand new scanner app? How to know if the app detects the vulnerabilities it should? Thanks to Portswigger now we have Gin and Juice Shop. This is a vulnerable web shop where your scanner app can be tested. The application can be found here: https://ginandjuice.shop Happy scan! 😈
explainshell.com – A tool to learn what all the command-line argument means
Have you ever had any doubts about the meaning of the arguments of some command-line tools? https://explainshell.com is a tool where you write the command and it explains you in an easy way the meaning of each of the parameters. For example if you write: ssh -i keyfile -f -N -L 1234:www.google.com:80 host The output of the ths tool will be: Or maybe: cut -d ‘ ‘ -f 1 /var/log/apache2/access_logs
What is my external ip?
This is a small script to know what is our external ip from the terminal.
Obsidian – «EMFILE: too many open files» after upgrading to Obsidian 0.15.6
After the last Obsidian upgrade to 0.15.6 in my Ubuntu 22.04 TLS with KDE, I got a message «EMFILE: too many open files» when trying to run the application whatever vault I tried to open. After searching a bit, I found this webpage where there is a workaround than can used to run Obsidian in the meantime the issue is fixed. You just have to increase the max_user_instances in the
NET::ERR_CERT_INVALID in Chrome like browsers on Mac OS
Have you ever found a website showing you a NET::ERR_CERT_INVALID error in a Chrome-like broswe (Google Chrome, Chromium, Brave…) in Mac OS?There is no option to accept the risk and continue… There is a nice trick that will let you access it. Ensure the website is selected and type: thisisunsafeThe page will instantly load. Trick found here.