Brandon Williams williamsbdev
williamsbdev
/ python-security-vulnerability-egrep.sh
Last active
June 10, 2016 02:27
— forked from nstarke/python-security-vulnerability-egrep.sh
Python Security Vulnerability Egrep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # this command will return places where the application shells out or dynamically executes code: | |
| egrep -r --include "*.py" -e "(exec|eval)\(|subprocess|popen" . | |
| # DJANGO: find places where HTML encoding is turned off via the "safe" attribute: | |
| grep -r --include "*.py" --include "*.html" -e "|safe" . | |
| # DJANGO: find places where unsafe SQL queries are executed: | |
| egrep -r --include "*.py" -e "\.(raw|execute)\(" . | |
| # Non zero values indicate that some sort of CSRF protection is probably enabled. |
williamsbdev
/ osx-for-hackers.sh
Last active
August 29, 2015 14:08
— forked from brandonb927/osx-for-hackers.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Some things taken from here | |
| # https://github.com/mathiasbynens/dotfiles/blob/master/.osx | |
| # Set the colours you can use | |
| black='\033[0;30m' | |
| white='\033[0;37m' | |
| red='\033[0;31m' | |
| green='\033[0;32m' |