3rdstage's Wiki

Platforms

SMACK

  • KillrWeather
    • a reference application (which we are constantly improving) showing how to easily leverage and integrate Apache Spark, Apache Cassandra, and Apache Kafka for fast, streaming computations in asynchronous Akka event-driven environments.

ROS

Frameworks

Networking

Vert.x

Testing

Selenium

XMLUnit

Mobile

Sencha Touch

Libraries

XML

EXSLT

  • http://exslt.org/
  • Desc. : a community initiative to provide extensions to XSLT.
  • License : ?

Jing

WSDL viewer

Networking

gRPC

Protocol Buffers

  • https://code.google.com/p/protobuf/
  • Desc. : a language-neutral, platform-neutral, extensible way of serializing structured data for use in communications protocols, data storage, and more.
  • License : BSD License

Security

NSS

JSS

Readings

misc

CKEditor

markItUp

  • http://markitup.jaysalvat.com/
  • Desc. : allows you to turn any textarea into a markup editor such as Html, Textile, Wiki Syntax, Markdown, BBcode or even your own Markup system.
  • License : MIT/GPL

Scintilla

  • http://www.scintilla.org/
  • Desc. : A free source code editing component for Win32, GTK+, and OS X
  • License : permits use in any free project or commercial product.

Tools

IDE

NetBeans

  • https://netbeans.org/
  • Desc. : lets you quickly and easily develop Java desktop, mobile, and web applications, while also providing great tools for PHP and C/C++ developers.
  • License : dual license consisting of the CDDL v1.0 and the GPL v2

IntelliJ IDEA

Plugins
| Plugin | Site | Description | Remarks |
|---|---|---|---|
| BashSupport | https://www.plugin-dev.com/project/bashsupport/ | provides an almost complete development environment to work with Bash scripts in IntelliJ platform products | |

Atom

Readings
  • apm - Atom Package Manager
    • You can configure apm by using the apm config command line option (recommended) or by manually editing the ~/.atom/.apmrc file as per the npm config.
    • To list apm configuration by scope and file, execute $ apm config ls
Plug-ins
| Plug-in | Description | Remarks |
|---|---|---|
| PlatformIO IDE Terminal | A terminal package for Atom, complete with themes, API and more for PlatformIO IDE. | |

UML Modeling

PlantUML

Readings

UMLet

UMLGraph

Readings

Sirius

  • http://www.eclipse.org/sirius/
  • Desc. : an Eclipse project which allows you to easily create your own graphical modeling workbench by leveraging the Eclipse Modeling technologies, including EMF and GMF.
  • License

BOUML

  • https://www.bouml.fr/
  • Desc. : a free UML 2 tool box including a modeler allowing you to specify and generate code in C++, Java, Idl, Php, Python and MySQL.
  • License :

UML Designer

Modelio

yEd

Readings
Palettes

Data Modeling

SQL Developer Data Modeler

References
  • Features supported or not supported
| Feature | Supporting | Remarks |
|---|---|---|
| Defining AK(Alternative Key) | | |
| Defining View | Yes | |
| Defining FK from AK | | |
| Using Domain | Yes | datatype alias for more intuitive and consistent representation |
| Defining mandatory or initial data | Yes | |
| Generate DDL | Yes | Oracle Database 9i/10g/11g/12c, SQL Server 2000/2005/2008/2012, DB2/UDB 7.1/8.1/9; not supporting MySQL and PostgreSQL as of 4.2 |
| Using name template | Yes | PK, FK, UK, Check, Index, ... |
Config
  • datamodeler/bin/datamodeler.conf
#SetJavaHome ../../jdk
SetJavaHome C:/lang/jdk1.8
  • ide/bin/ide.conf
AddVMOption -Duser.language=en
AddVMOption -Duser.country=US
  • datamodeler/types/dl_settings.xml
    • font_name="Dialog" font_size="10" -> font_name="Malgun Gothic" font_size="12"
Readings

SQL Power Architect

  • Features supported or not supported
| Feature | Supporting | Remarks |
|---|---|---|
| Defining AK(Alternative Key) | Yes | |
| Defining View | No | |
| Defining FK from AK | No | |

Text Editor

vi

Commands
| Category | Command | Description | Remarks |
|---|---|---|---|
| Movement | G | Move to the last line | |
| | gg | Move to the first line | |
| | nG | Move to the nth line | |
| Deleting | x | Delete single character under cursor | |
| | dd | Delete current line | |
| | ndd | Delete the next n lines, including the current line | |
| | D | Delete the remainder of the line, starting with current cursor position | |
| Copy/Paste | yy | Yank current line into the buffer | |
| | nyy | Yank the next n lines, including the current line into the buffer | |
| | p | Paste the line(s) in the buffer into the text after the current line | |
| Misc | u | Undo your last action | |
ex Commands
: addr command

addr:
  %       all lines in file
  x,y     lines x to y
  .       current line
  n       line number: n
  $       last line of file
  x-n     n lines before line x
  x+n     n lines after line x
  /pat/   forward to line containing pat
  ?pat?   backward to line containing pat

command:
  s/pat/text/     substitute 1st match of pat with text
  s/pat/text/g    substitute every match of pat with text
  s/pat/text/n    substitute the nth occurrence of pat with text
  ya c            yank into buffer c or the general buffer if c is omitted
  g address cmd   execute cmd on all lines which satisfy address
  >               shift right
  <               shift left
  d               delete line
  ! UNIX-cmd      execute UNIX-cmd on line
  m address       move lines to address
| Command | Description | Remarks |
|---|---|---|
| :1,$d | Delete all lines | |
| :.,$d | Delete lines from current to end | |
| :set nu | Display line numbers | |

jEdit

  • http://www.jedit.org/
  • Desc. : a mature programmer's text editor with hundreds (counting the time developing plugins) of person-years of development behind it
  • License : GPL 2.0

Documentation

Swagger

| Component | Description | Maven Artifacts |
|---|---|---|
| Swagger Core | a Java implementation of the OpenAPI Specification. | io.swagger.core » v3 |
| Swagger CodeGen | a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. | io.swagger.codegen » v3 |
References
API
| Annotation | Description | Remarks |
|---|---|---|
| @ApiModel | Provides additional information about Swagger models. | |
| @ApiModelProperty | Adds and manipulates data of a model property. | |
CodeGen
Readings
Examples

Swagger2Markup

  • https://github.com/Swagger2Markup/swagger2markup
  • Desc. : simplify the generation of an up-to-date RESTful API documentation by combining documentation that’s been hand-written with auto-generated API documentation produced by Swagger.
  • License : Apache License Version 2.0

SpringFox

References
Readings
Samples

springdoc-openapi

OpenAPI Generator

Readings

ReDoc

Readings

Enunciate

Doxygen

  • http://www.stack.nl/~dimitri/doxygen/
  • Desc. : a documentation system for C++, C, Java, Objective-C, Python, IDL (Corba and Microsoft flavors), Fortran, VHDL, PHP, C#, and to some extent D.
  • License : GPL

Sphinx

Pandoc

  • http://johnmacfarlane.net/pandoc/
  • Desc. : convert documents in markdown, reStructuredText, textile, HTML, DocBook, or LaTeX to HTML formats, word processor formats, documentation formats, TeX formats, PDF, and/or lightweight markup formats.
  • License : GPL
  • Sources

jax-doclets

xs3p

Enunciate

MireDot

Publication

Scribus

Publican

Medium

| Category | 3rd-party |
|---|---|
| Code Sample | GitHub Gists |
| Table | Airtable |
| Equations | embed.fun |

SQL Client/Database Management

SQuirreL SQL Client

  • http://www.squirrelsql.org/
  • Desc. : A graphical Java program that will allow you to view the structure of a JDBC compliant database, browse the data in tables, issue SQL commands etc.

IBM Data Studio

Oracle SQL Developer

SchemaSpy

  • http://schemaspy.sourceforge.net/
  • Desc. : a Java-based tool (requires Java 5 or higher) that analyzes the metadata of a schema in a database and generates a visual representation of it in a browser-displayable format.
  • License : Lesser GNU Public License 2.1

SQLLine

Robomongo

HeidiSQL

  • http://www.heidisql.com/
  • Desc. : a useful and reliable tool designed for web developers using the popular MySQL server, Microsoft SQL databases and PostgreSQL
  • License : GPL

Software License Analysis

FOSSology

Ninka

OSS Discovery

System Diagnosis/Monitoring

nmon

top

  • Tips
    • Remarkable commands
      • W : Write-the-Configuration-File
      • f | F : Fields-Management
      • H : Threads-mode toggle
      • I : Irix/Solaris-Mode toggle
      • t : Task/Cpu-States toggle
      • m : Memory/Swap-Usage toggle
      • 1 : Single/Separate-Cpu-States toggle
      • c : Command-Line/Program-Name toggle
      • u | U : Show-Specific-User-Only
      • i : Idle-Process toggle

htop

Wireshark

iperf

Process Explorer

Process Monitor

DebugView

Testing

JMeter

  • http://jmeter.apache.org/
  • Desc. : a 100% pure Java application designed to load test functional behavior and measure performance.
  • License : Apache License v2
References
Category Component Description Remarks
Configuration User Defined Variables
SSL Manager a way to select a client certificate so that you can test applications that use Public Key Infrastructure (PKI) Basic Authentication, Digest Authentication, Kerberos
HTTP Authorization Manager lets you specify one or more user logins for web pages that are restricted using server authentication
CSV Data Set Config
Logic Controllers Switch Controller acts like the Interleave Controller in that it runs one of the subordinate elements on each iteration, but rather than run them in sequence, the controller runs the element defined by the switch value.
Pre Processors User Parameters
Timer Constant Throughput Timer introduces variable pauses, calculated to keep the total throughput (in terms of samples per minute) as close as possible to a given figure.
Assertions Response Assertion lets you add pattern strings to be compared against various fields of the request or response Perl5-style regular expressions
JSON Assertion
Category Function Description Remarks
Scripting __groovy Evaluates Apache Groovy scripts passed to it, and returns the result Apache Groovy Documentation
__BeanShell Evaluates the script passed to it, and returns the result BeanShell User Manual - version 1.3
__javaScript Executes a piece of JavaScript code and returns its value Not recommended
Variables __V Returns the result of evaluating a variable name expression ${__V(A${N})}
__eval Returns the result of evaluating a string expression ${__eval(${SQL})}
Readings
Plugins
Tips and Tricks
Using variables in assertion

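In a 'Response Assertion', variables defined via 'CSV Data Set Config' or 'User Defined Variables' can be used in the test pattern.
In the following sample, certHash is a variable defined in 'CSV Data Set Config'; __escapeOroRegexpChars escapes the characters that the ORO regular-expression engine would otherwise treat as special.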

${__escapeOroRegexpChars(\"cert_hash\":\"${certHash}\")}

ApacheBench

Eclipse TPTP

  • http://www.eclipse.org/tptp/
  • Desc. : provides an open platform supplying powerful frameworks and services that allow software developers to build unique test and performance tools, both open source and commercial, that can be easily integrated with the platform and with other tools.

Testopia

TestLink

FitNesse

  • http://fitnesse.org/
  • Desc. : The fully integrated standalone wiki and acceptance testing framework.

CodePro Analytix

Postman

References
Readings
Scripting
Sample Scripts
Using script scope variables and defining conditional test function
// https://www.getpostman.com/docs/v6/postman/scripts/postman_sandbox_api_reference

var payload = pm.response.json();

pm.test('Response code should be 200', function(){
    pm.response.to.have.status(200);
});

pm.test('Server should have NON-empty complete ledgers', function(){

    pm.expect(payload.result.info.complete_ledgers).to.not.equal('empty');
});

if(pm.variables.get('hostname')){
    pm.test('Node should have "hostid" same with hostname of the hosted machine', function(){
        pm.expect(payload.result.info.hostid).to.be.equal(pm.variables.get('hostname'));
    });
}

Newman

Fiddler

  • Readings

Phoronix Test Suite

  • http://www.phoronix-test-suite.com/
  • Desc. : the most comprehensive testing and benchmarking platform available for Linux, Solaris, Mac OS X, and BSD operating systems.
  • License : GNU GPL

Blogbench

Log Viewer

Lilith

  • http://lilith.huxhorn.de/
  • Desc. : Lilith is a logging and access event viewer for the Logback logging framework, log4j and java.util.logging.
  • License :

Build

Maven

Ant

  • http://ant.apache.org/
  • Desc. : a Java library and command-line tool whose mission is to drive processes described in build files as targets and extension points dependent upon each other.
  • On Ant

Gradle

  • http://www.gradle.org/
  • Desc. : automate the building, testing, publishing, deployment and more of software packages or other types of projects such as generated static websites, generated documentation or indeed anything else.
  • License :
  • Source :
References
  • Common commands

| Command | Description | Remarks |
|---|---|---|
| $ gradle tasks --all | gives you a list of the main tasks of the selected project | |
Readings

Package Management

  • Package Management Software

| Software | Scope | Remarks |
|---|---|---|
| APT (Advanced Package Tool) | Ubuntu, Debian | a set of tools for managing Debian packages, and therefore the applications installed on your Debian system |
| RPM | CentOS, RHEL | a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages |
| yum | CentOS, RHEL | an automatic updater and package installer/remover for rpm systems |
| Chocolatey | Windows | the package manager for Windows |
| npm | JavaScript | the package manager for JavaScript |
| yarn | JavaScript | a package manager for JavaScript |
| pip | Python | the PyPA recommended tool for installing Python packages |
| RubyGems | Ruby | allows you to easily download, install, and use ruby software packages on your system |
| Bundler | Ruby | provides a consistent environment for Ruby projects by tracking and installing the exact gems and versions that are needed |

RPM

  • http://rpm.org/
  • Desc. : a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages.
References
| Option | Long Option | Description | Remarks |
|---|---|---|---|
| -U | --upgrade | Upgrade/install | |
| -i | --install | Install | |
| -e | --erase | Remove | |
| -q | --query | Query | |
| -V | --verify | Verify | |
| | --showrc | Display final rpmrc and macro configuration | |
Readings
Samples
$ # install or upgrade (avoid rpm -i ... where possible)
$ rpm -Uhv mysql-workbench-community-6.2.3-1.el6.x86_64.rpm

$ # list files in an installed package
$ rpm -ql mysql-workbench-community

$ # list files in a rpm file
$ rpm -qlp mysql-workbench-community-6.2.3-1.el6.x86_64.rpm

$ # list install/erase scriptlets in a rpm file
$ rpm -qp --scripts mysql-workbench-community-6.2.3-1.el6.x86_64.rpm

yum

  • Commands
Command Description Remarks
yum check-update See which installed packages on your system have updates available.
yum update Update a single package, multiple packages, or all packages at once.
yum search Search all RPM package names, descriptions and summaries.
yum list Listing Packages yum list [all|available|installed|...|recent] [glob_expr1 glob_expr2 ...]
yum list all Lists all installed and available(packages in any repository enabled on your system) packages.
yum list installed Lists all packages installed on your system. rpm -qa
yum list available Lists all available packages in all enabled repositories.
yum list extras Lists any installed package which no longer appears in any of your enabled repositories. Useful for finding packages which linger between upgrades or things installed not from a repo.
yum list obsoletes Lists any obsoleting relationships between any available package and any installed package.
yum list updates Lists any package in an enabled repository which is an update for any installed package.
yum list recent Lists any package in an enabled repository which is an update for any installed package.
yum provides Advanced Searches


  • Examples
    • yum -v repolist enabled //list only enabled repositories
    • yum -v list all subversion --enablerepo=rpmforge-extras //search subversion packages both installed and available including 'rpmforge-extras' repository
    • yum -v list installed //list all installed packages

APT

RubyGems

  • http://rubygems.org/
  • Desc. : allows you to easily download, install, and use ruby software packages on your system
  • License : Ruby License
  • Written in : Ruby

Bundler

Frontend

MySchedule

Networking

OpenSSL

  • https://www.openssl.org/
  • Desc. : a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
  • License :
  • Sources : https://github.com/openssl/openssl
References
Commands
| Command | Description | Remarks |
|---|---|---|
| openssl genrsa | Generates an RSA private key | |
| openssl req | Creates and processes certificate requests in PKCS#10 format | |
| openssl x509 | Certificate display and signing utility | |
| openssl pkcs12 | PKCS#12 file utility | PKCS 12 |
Readings
Basic Certificate Fields
Certificate Extensions
Books
Tips and Tricks
Checking the details of RSA private key in PEM file

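Use the openssl rsa command on the private key file. You may be asked to provide the passphrase of the encrypted key. The -text output includes the private key components, so treat it as sensitive as the key itself.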

$ openssl rsa -in tls-server.key -inform PEM -text -noout
Checking the details of a CSR in PEM format

Use the openssl req command on the CSR file. You may be asked to provide the passphrase of the encrypted key. The -verify option also checks the signature on the request.

$ openssl req -in tls-server.csr -inform PEM -text -noout -verify
Checking the details of a certificate including subject, X.509 extension and so on

Use openssl x509 command on the certificate file

$ openssl x509 -in tls-server.crt -inform PEM -text -noout

curl

  • http://curl.haxx.se/
  • Desc. : a command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, Gopher, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, Telnet and TFTP.
  • License :

websocat

  • https://github.com/vi/websocat
  • Desc. : Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions
  • License : MIT License
Examples
echo '{ "id": 2, 
  "command": "ledger", 
  "ledger_index": 10000000, 
  "transactions": true }' | websocat -01q 'ws://tracker1/' | jq "."

PuTTY

  • http://www.putty.org/
  • Desc. : an SSH and telnet client, developed originally by Simon Tatham for the Windows platform.

PuTTY Session Manager

  • https://puttysm.sourceforge.io/
  • Desc. : a tool that allows system administrators to organise their PuTTY sessions into folders and assign hotkeys to their favourite sessions.

Pageant

KiTTY

ConEmu

Readings

Poderosa

Security

GPG

  • https://gnupg.org/
  • Desc. : a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP)
  • License :
  • Written in :
  • Sources

HashiCorp Vault

References
Environment Variables
Variable Description Related Values Remarks
VAULT_FORMAT vault operator init -format table, json, yaml
VAULT_TOKEN Vault authentication token.
Commands
| Command | Subcommand | Description | Remarks |
|---|---|---|---|
| list | | lists data from Vault at the given path. | |
| read | | reads data from Vault at the given path. | |
| write | | writes data to Vault at the given path. | |
| kv | | interacting with Vault's key/value secrets engine. | |
| | put | writes the data to the given path in the K/V secrets engine. | |
| | get | retrieves the value from K/V secrets engine at the given key name. | |
| | list | returns a list of key names at the specified location. | |
| server | | starts a Vault server that responds to API requests. | |
| operator | | groups subcommands for operators interacting with Vault. | |
| | init | initializes a Vault server. | -key-shares, -key-threshold, -pgp-keys, -root-token-pgp-key |
| policy | | groups subcommands for interacting with policies. | |
| secrets | | interacting with Vault's secrets engines. | |
| | enable | enables a secrets engine at a given path. | |
| | list | lists the enabled secrets engines on the Vault server. | |
| login | | authenticates users or machines to Vault using the provided arguments. | |
Policies
  • Default Policy
# Allow tokens to look up their own properties
path "auth/token/lookup-self" {
    capabilities = ["read"]
}

# Allow tokens to renew themselves
path "auth/token/renew-self" {
    capabilities = ["update"]
}

# Allow tokens to revoke themselves
path "auth/token/revoke-self" {
    capabilities = ["update"]
}

# Allow a token to look up its own capabilities on a path
path "sys/capabilities-self" {
    capabilities = ["update"]
}

# Allow a token to look up its own entity by id or name
path "identity/entity/id/{{identity.entity.id}}" {
  capabilities = ["read"]
}
path "identity/entity/name/{{identity.entity.name}}" {
  capabilities = ["read"]
}


# Allow a token to look up its resultant ACL from all policies. This is useful
# for UIs. It is an internal path because the format may change at any time
# based on how the internal ACL features and capabilities change.
path "sys/internal/ui/resultant-acl" {
    capabilities = ["read"]
}

# Allow a token to renew a lease via lease_id in the request body; old path for
# old clients, new path for newer
path "sys/renew" {
    capabilities = ["update"]
}
path "sys/leases/renew" {
    capabilities = ["update"]
}

# Allow looking up lease properties. This requires knowing the lease ID ahead
# of time and does not divulge any sensitive information.
path "sys/leases/lookup" {
    capabilities = ["update"]
}

# Allow a token to manage its own cubbyhole
path "cubbyhole/*" {
    capabilities = ["create", "read", "update", "delete", "list"]
}

# Allow a token to wrap arbitrary values in a response-wrapping token
path "sys/wrapping/wrap" {
    capabilities = ["update"]
}

# Allow a token to look up the creation time and TTL of a given
# response-wrapping token
path "sys/wrapping/lookup" {
    capabilities = ["update"]
}

# Allow a token to unwrap a response-wrapping token. This is a convenience to
# avoid client token swapping since this is also part of the response wrapping
# policy.
path "sys/wrapping/unwrap" {
    capabilities = ["update"]
}

# Allow general purpose tools
path "sys/tools/hash" {
    capabilities = ["update"]
}
path "sys/tools/hash/*" {
    capabilities = ["update"]
}

# Allow checking the status of a Control Group request if the user has the
# accessor
path "sys/control-group/request" {
    capabilities = ["update"]
}
Auth Methods
| Method | Description | Enabling Script | API | Remarks |
|---|---|---|---|---|
| userpass | allows users to authenticate with Vault using a username and password combination. | vault auth enable userpass | Userpass Auth Method API | |
Secret Engines
| Engine | Description | Enabling Script | API | Remarks |
|---|---|---|---|---|
| identity | the identity management solution for Vault. | | Identity Secrets Engine API | |
Readings
Tips and Tricks
Typical Commandlines for Admins
$ export VAULT_ADDR="http://127.0.0.1:8200"   # setup VAULT_ADDR env. variable

$ vault operator unseal ...    # unseal vault

$ export VAULT_TOKEN=...       # setup VAULT_TOKEN (session ID) env. variable   

$ vault secrets list           # list all enabled secret engines

$ vault auth list              # list all enabled auth methods

$ vault auth enable userpass   # enable the most common auth method - Userpass

# Adding a new auth user does not seem to create the corresponding "identity" automatically.
# If the new user has no identity, one seems to be generated automatically on the user's first successful login.
# A password given as an argument stays in the shell history; password=- makes vault read the value from stdin instead.
$ vault write auth/userpass/users/foo password=bar   # add a new account whose username is 'foo' and password is 'bar'
Typical Commandlines for End-users
$ vault login -method=userpass username=foo   # try login as a normal user

$ export VAULT_TOKEN=...       # setup VAULT_TOKEN (session ID) env. variable for current session
Commands vs. APIs
  • Adding a new normal account
    • Commandline : vault write auth/userpass/users/foo password=bar
    • API : curl -H "X-Vault-Token: $VAULT_TOKEN" -X PUT -d '{"password":"bar"}' $VAULT_ADDR/v1/auth/userpass/users/foo
Best Practices

SoftHSM

Readings
| Command | Description | Remarks |
|---|---|---|
| softhsm2.conf | SoftHSM configuration file | |
| softhsm2-util | support tool for libsofthsm2 | |
| softhsm2-keyconv | converting from BIND to PKCS#8 key file format | |

Nmap

  • http://nmap.org/
  • Desc. : a free and open source (license) utility for network discovery and security auditing.
References
Options
| Option | Description | Remarks |
|---|---|---|
| -Pn | Treat all hosts as online -- skip host discovery | |
| -n | Never do DNS resolution | |
| -sS | TCP SYN scan : half-open scanning | default scan type for privileged users |
| -sT | TCP connect scan | |
| -sU | UDP scan | |
| -p <port ranges> | Only scan specified ports | -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9 |
| -sV | Probe open ports to determine service/version info | |
| -O | Enable OS detection | |
| -sC | equivalent to --script=default | |
Port States
State Description Remarks
open An application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port.
closed A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it.
filtered Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port.
unfiltered A port is accessible, but Nmap is unable to determine whether it is open or closed.
open|filtered Nmap is unable to determine whether a port is open or filtered.
closed|filtered Nmap is unable to determine whether a port is closed or filtered.
Scripts
Category Script Description Usage/Arguments Remarks
SSH ssh-auth-methods Returns authentication methods that a SSH server supports. ssh.user
ssh-brute Performs brute-force password guessing against ssh servers. ssh-brute.timeout, passdb, userdb, ...
MySQL mysql-info Connects to a MySQL server and prints information such as the protocol and version numbers, thread ID, status, capabilities, and the password salt. nmap --script=mysql-info <target>
mysql-brute Performs password guessing against MySQL. nmap --script=mysql-brute <target>
MongoDB mongodb-info Attempts to get build info and server status from a MongoDB database. Default MongoDB Port
mongodb-brute Performs brute force password auditing against the MongoDB database.
Readings
Tips and Tricks
Scan a single host
$ sudo nmap -Pn -n -sS -sV -O 192.168.10.201
Scan multiple specific hosts
$ sudo nmap -Pn -n -sS -sV -O 192.168.10.201 192.168.10.203 192.168.10.207
Try a brute-force attack against MySQL
$ sudo nmap -Pn --script=mysql-info,mysql-brute -d -p 3306 169.56.90.135

OpenVAS

  • http://www.openvas.org/
  • Desc. : a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution
  • License : GPL

Lynis

Readings
| Control | Category | Title | Description | Remarks |
|---|---|---|---|---|
| AUTH-9208 | Authentication | Duplicate accounts or IDs | | |
| AUTH-9218 | Authentication | Accounts without password | Lynis checks for user accounts and which ones do not have a password. | |
| AUTH-9283 | Authentication | Passwords (no password set) | | |
| SSH-7412 | SSH | SSH permit root login | For proper authorization purposes, do not use direct root logins. | |
| SSH-7408 | SSH | SSH configuration | Proper hardening of your SSH configuration can reduce known weaknesses. | OpenSSH security and hardening |

OpenSCAP

OSSEC

CrackLib

hashcat

chkrootkit

  • Rootkit
    • a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.

Graphics

Graphviz

Mscgen

  • http://www.mcternan.me.uk/mscgen/
  • Desc. : a small program that parses Message Sequence Chart descriptions and produces PNG, SVG, EPS or server side image maps (ismaps) as the output.
  • License : GPLv2

OpenSG

  • http://www.opensg.org/
  • Desc. : a portable scenegraph system to create realtime graphics programs.
  • License : LGPL

OpenSceneGraph

  • http://www.openscenegraph.org/projects/osg
  • Desc. : an open source high performance 3D graphics toolkit, used by application developers in fields such as visual simulation, games, virtual reality, scientific visualization and modelling. Written entirely in Standard C++ and OpenGL.
  • License : LGPL

Visualization

XsdVi

Data Analysis

Cube

ETL

Scriptella

Science

Maxima

SymPy

DataMelt

  • https://jwork.org/dmelt/
  • Desc. : a free software for numeric computation, mathematics, statistics, symbolic calculations, data analysis and data visualization.
  • License :
  • Written in : Java, Python, Ruby, Groovy
  • Sources :

Servers or Engines

Virtualization

VirtualBox

  • https://www.virtualbox.org/
  • Desc. : a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use.
  • License : GPL version 2
References
VBoxManage
| Command | Descriptions | Parameters | Remarks |
|---|---|---|---|
| createmedium | creates a new medium | filename, size, format | createvdi, createhd |
| storagectl | attaches, modifies, and removes a storage controller | name, add, portcount | |
| storageattach | attaches, modifies, and removes a storage medium connected to a storage controller that was previously added with the storagectl command | storagectl, port, type, medium | |
Readings

Xen Project Hypervisor

Vagrant

References
| Namespace | Description | Remarks |
|---|---|---|
| config.vm | modify the configuration of the machine that Vagrant manages. | |
| config.ssh | configuring how Vagrant will access your machine over SSH | |
| config.vagrant | modify the behavior of Vagrant itself | |
Boxes
Readings
VirtualBox

Packer

References
| Component | Description | Remarks |
|---|---|---|
| Builders / VirtualBox / ISO | create VirtualBox virtual machines and export them in the OVF format, starting from an ISO image. | |
Readings

DBMS

HSQLDB

Apache Derby

J2EE Application Server

Jetty

Tomcat

JBoss AS

WildFly

Undertow

  • http://undertow.io/
  • Desc. : a flexible performant web server written in java, providing both blocking and non-blocking API’s based on NIO.
  • Written in : Java
  • License :
  • Readings

TomEE

OpenEJB

Application Server

Apache HTTP Server

Nginx

  • http://nginx.org/
  • Desc. : a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server
  • License :
  • Written in : C
References
Directives
server = server_name, listen, location*

location = proxy_pass, proxy_bind
| Context | Directive | Description | Remarks |
|---|---|---|---|
| server | server_name | Sets names of a virtual server | |
| | listen | Sets the address and port for IP, or the path for a UNIX-domain socket on which the server will accept requests. | |
Readings
Proxy
Load Balancer

mongoose

ZooKeeper

Proxy Server

HAProxy

Varnish Cache

Squid

References
Directive Description Format Remarks
acl Defining an Access List. acl aclname acltype argument ...
http_port The socket addresses where Squid will listen for HTTP client requests. [hostname:|ip-address:] port [mode] [options]
Readings

Networking

OpenSSH

  • http://www.openssh.org/
  • Desc. : a FREE version of the SSH connectivity tools that technical users of the Internet rely on.
References
Commands
| Command | Description | Remarks |
|---|---|---|
| sshd | OpenSSH SSH daemon | |
| ssh | OpenSSH SSH client (remote login program) | |
Daemon Command Line Options
| Option | Description | Remarks |
|---|---|---|
| -4 | Forces sshd to use IPv4 addresses only. | |
| -f config_file | Specifies the name of the configuration file. | |
| -E log_file | Append debug logs to log_file instead of the system log. | |
| -t | Test mode. Only check the validity of the configuration file and sanity of the keys. | |
| -T | Extended test mode. Check the validity of the configuration file, output the effective configuration to stdout and then exit. | |
Configurations
| Config | Description | Remarks |
|---|---|---|
| sshd_config | OpenSSH SSH daemon configuration file | |
| ssh_config | OpenSSH SSH client configuration files | |
Daemon Config Options
| Option | Type | Description | Remarks |
|---|---|---|---|
| LogLevel | enum | | QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, DEBUG3 |
| PermitRootLogin | enum | | no, yes, prohibit-password, forced-commands-only |
| PermitEmptyPasswords | boolean | When password authentication is allowed, it specifies whether the server allows login to accounts with empty password strings. | |
| HostbasedAuthentication | boolean | Specifies whether rhosts or /etc/hosts.equiv authentication together with successful public key client host authentication is allowed | |
| IgnoreRhosts | boolean | Specifies that .rhosts and .shosts files will not be used in HostbasedAuthentication | |
| AllowTcpForwarding | enum | | yes, no, local, remote |
| AllowStreamLocalForwarding | enum | | yes, no, local, remote |
| GatewayPorts | enum | | no, yes, clientspecified |
| PermitTunnel | enum | Specifies whether tun device forwarding is allowed. | no, yes, point-to-point, ethernet |
| X11Forwarding | boolean | Specifies whether X11 forwarding is permitted. | yes, no |
| AllowAgentForwarding | boolean | Specifies whether ssh-agent(1) forwarding is permitted. | yes, no |
| PermitOpen | string | Specifies the destinations to which TCP port forwarding is permitted. | |
| TCPKeepAlive | boolean | Specifies whether the system should send TCP keepalive messages to the other side. | |
| ClientAliveInterval | integer | Sets a timeout interval in seconds after which if no data has been received from the client. | |
| ClientAliveCountMax | integer | Sets the number of client alive messages which may be sent without sshd(8) receiving any messages back from the client. | |
Client Config Options
| Option | Type | Description | Remarks |
|---|---|---|---|
| TCPKeepAlive | boolean | Specifies whether the system should send TCP keepalive messages to the other side | |
| ServerAliveInterval | integer | Sets a timeout interval in seconds after which if no data has been received from the server | |
| ServerAliveCountMax | integer | Sets the number of server alive messages which may be sent without ssh(1) receiving any messages back from the server | |
| ControlPersist | boolean | When used in conjunction with ControlMaster, specifies that the master connection should remain open in the background after the initial client connection has been closed. | |
Readings
Match User limited-user
   AllowTcpForwarding yes
   PermitOpen 192.168.1.101:22
   ForceCommand echo 'This account can only be used for ...'

VyOS

  • https://vyos.io/
  • Desc. : an open source network operating system that can be installed on physical hardware, on a virtual machine on your own server, or on a cloud platform.
  • License :
  • Sources : https://github.com/vyos
References
Operational Mode Commands
| Command | Description | Remarks |
|---|---|---|
| show | Show system information | |
| show configuration | Show running configuration | |
| show configuration commands | Show running configuration as set commands | |
| show interfaces | Show network interface information | |
| show ip route | Show IP routes | |
| show system login users | Show user account information | |
| show log | Show contents of current master log file | |
| ping | Send IPv4 or IPv6 ICMP echo requests | |
| traceroute | Track network path to node | |
| traceroute ipv4 | Track network path to hostname or IPv4 address | |
| configure | Enter configure mode | |
| restart | Restart a service | |
| reset | Reset a service | |
| show system syslog | Show system logging daemon | |
| show vrrp | Show VRRP (Virtual Router Redundancy Protocol) information | |
Configuration Mode Commands
| Command | Description | Remarks |
|---|---|---|
| set | Set the value of a parameter or create a new element | |
| delete | Delete a configuration element | |
| discard | Discard uncommitted changes | |
| commit | Commit the current set of changes | |
| compare | Compare configuration revisions | compare 1, compare 1 2 |
| show protocols static | Show the configuration of static route parameters | |
| set protocols static route | Set the value of a parameter or create a new element for static IPv4 route | |
| delete protocols static route | Delete a static route | |
| show service | Show services | |
| set service | Set services | dhcp-relay, dhcp-server, dns, https, nat, snmp, ssh, telnet, ... |
| delete service | Delete services | |
Configurations
| Category | Files | Remarks |
|---|---|---|
| General/Overall | /opt/vyatta/etc/, /opt/vyatta/preconfig.d/, /opt/vyatta/postconfig.d/, /config/ | |
| SSH | /etc/default/ssh | |
| NTP | /etc/default/ntp | |
| logrotate | /etc/logrotate.conf, /etc/logrotate.d/, /opt/vyatta/etc/logrotate/global | |
Services
Service Description Remarks
connsync
dhcp-relay
dhcp-server
diamond
dns
flow-monitoring
https
nat
path-monitor
portmonitor
snmp
ssh
telnet
Commands by Topic
  • Manage Services
$ configure
$ show service           # list all services
$ set service ...        # create or modify a service
$ exit
$ restart ...            # restart service
$ configure
$ delete ...             # remove service
$ exit
  • Manage SSHD
$ configure
$ show service ssh
$ set service ssh listen-address ...
$ set service ssh timeout '60'
$ commit
$ cat /etc/ssh/sshd_config
  • Manage Logging
$ configure
$ show system syslog                            # show syslog configuration
$ set system syslog global archive size 1000    # set size of log files (KB)
$ set system syslog global archive files 300    # set number of saved files
$ commit
  • Manage VRRP
$ show vrrp
Readings
Tips and Tricks
Remarkable Command-line
$ # list operational mode commands
$ show [tab]  

$ # show routing table
$ show ip route

$ # show running config
$ show configuration

$ # enter configure mode
$ configure

$ # compare working configuration and last revision
$ compare 1 

$ # compare the last revision with the one immediately before it
$ compare 1 2

OpenVPN

Security

Dogtag PKI

OpenXPKI

EJBCA

  • https://www.ejbca.org/
  • Desc. : a PKI Certificate Authority software, built using Java (JEE) technology
  • License :
  • Sources :

Boulder

Media Streaming Server

LIVE555 Media Server

Red5

Darwin Streaming Server

  • http://dss.macosforge.org/
  • Desc. : the open source server technology that allows you to send streaming media to clients across the Internet using the industry standard RTP and RTSP protocols.
  • License : Apple Public Source License

NoSQL

Redis

  • http://redis.io/
  • Desc : an open-source, networked, in-memory, key-value data store with optional durability.
  • License : BSD
References
Commands
| Command | Description | Remarks |
|---|---|---|
| CONFIG GET param | Read the configuration parameters of a running Redis server. | glob-style pattern |
| GET key | Get the value of key. | O(1) |
Readings
Companions
lettuce
Spring Data Redis
embedded-redis
Redis Commander
FastoRedis

MongoDB

References
Readings

CouchDB


Search Engine

Elasticsearch

References
Field datatypes
| Datatype | Description | Remarks |
|---|---|---|
| keyword | a field to index structured content such as email addresses, hostnames, status codes, zip codes or tags | |
Readings

Version Control Software

Subversion

  • Examples
$ svn info .   # show information including working copy path, repository path, base revision, etc.
$ svn status . # show only locally modified items under the current directory of the working copy
$ svn update   # update working copy
$ svn commit   # send changes from your working copy to the repository
$ svn --force --depth infinity add .  # add all unversioned files to local changes
$ svn copy ^/trunk/foundation ^/branches/foundation-20141123 -m "Created a new branch of /trunk/foundation" # make a branch

Git

Team Foundation Version Control

Harvest

Repository Management Software

Artifactory

Configuration Management Software

Chef

  • https://www.chef.io/
  • Desc. : a powerful automation platform that transforms infrastructure into code
  • License : Apache License 2.0

Puppet

Ansible

Fabric

Companions
fabtools

SaltStack

Terraform

Packer

System Monitoring Software

Wiki

DokuWiki

  • https://www.dokuwiki.org/
  • Desc. : a simple to use and highly versatile Open Source wiki software that doesn't require a database.
  • License : GPL
  • Written in : PHP

MoinMoin

  • http://moinmo.in/
  • Desc : an advanced, easy to use and extensible WikiEngine with a large community of users.
  • License : GPL

gollum

Content Management System

Jekyll

  • http://jekyllrb.com/
  • Desc. : a parsing engine bundled as a ruby gem used to build static websites from dynamic components such as templates, partials, liquid code, markdown, etc.
  • License : The MIT License
  • Written in : Ruby
  • Sources : https://github.com/mojombo/jekyll
References
Readings
Samples

Beautiful Jekyll

Drupal

  • http://drupal.org/
  • Desc : a powerful content management system which allows you to create and maintain many different types of websites without needing to know any coding languages.
  • License : GPL

Joomla

  • http://www.joomla.org/
  • Desc : a content management system (CMS), which enables you to build Web sites and powerful online applications.
  • License : GPL

Tiki Wiki CMS Groupware

  • http://info.tiki.org/
  • Desc. : a free and open source wiki-based, content management system and Online office suite
  • License : LGPL 2.1
  • Written in : PHP

Desktop Sharing

x11vnc

TightVNC

BPM Engine

Activiti

  • http://www.activiti.org/
  • Desc : a light-weight workflow and Business Process Management (BPM) Platform targeted at business people, developers and system admins.
  • License : Apache License 2.0

misc

Openfire

Supervisor

  • http://supervisord.org/
  • Desc. : a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems.
  • License :
  • Written in : Python

Spring Loaded

Docker

Vagrant

  • https://www.vagrantup.com/
  • Desc. : provides easy to configure, reproducible, and portable work environments built on top of industry-standard technology and controlled by a single consistent workflow to help maximize the productivity and flexibility of you and your team.
  • License :

Slack

  • https://slack.com/
  • Desc. : a cloud-based set of proprietary team collaboration tools and services
Readings

Utilities

Browser

Firefox

Thunderbird

PC Diagnostic and Recovery

GNU GRUB

Hiren's BootCD

PC Security

AVG AntiVirus FREE

Comodo Internet Security

Eraser

  • https://eraser.heidi.ie/
  • Desc. : an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.

File System

rsync

Partition Wizard

Office

Notepad++

LibreOffice

Readings
Calc Functions
| Function | Description | Remark |
|---|---|---|
| VALUE(text) | Returns a number, given a text representation. | |
| LEFT(text; number) | Returns text from the left side of a text string. | number: length |
| RIGHT(text; number) | Returns text from the right side of a text string. | number: length |
| MID(text; start; number) | Returns text from the middle of a text string. | 1 based |
  • Samples
=VALUE(LEFT(TRIM(A1), LEN(TRIM(A1)) - 1))   # +1,000P -> 1000, -20,000P  -> 20000, ...

Excel

Image Viewer/Editor

Picasa

GIMP

  • https://www.gimp.org/
  • Desc. : a cross-platform image editor available for GNU/Linux, OS X, Windows and more operating systems.
  • License : GPL v3

Screen Capture/Recording

PicPick

  • https://picpick.app/
  • Desc. : A full-featured screen capture tool, intuitive image editor, color picker, color palette, pixel-ruler, protractor, crosshair, whiteboard and more.

ShareX

OBS Studio

Ezvid For Windows

Optical Disc Authoring

CDBurnerXP

  • http://cdburnerxp.se
  • Desc. : Application to burn CDs and DVDs, including Blu-Ray and HD-DVDs.
  • License
    • Limited grants you (the licensee) a permission to use the software at no cost, both for commercial and non-commercial purposes on any computer in your possession.

InfraRecorder

misc

CCleaner

Hangul Typing

misc

Standards

eTOM

ONVIF

  • http://www.onvif.org/
  • Desc. : an open industry forum for the development of a global standard for the interface of IP-based physical security products.
  • Search
    • FindEvents
      • starts a search session, looking for recording events in the scope that matches the search filter defined in the request.
    • GetEventSearchResults
      • acquires the results from a recording event search session previously initiated by a FindEvents operation.
    • FindRecordings
      • starts a search session, looking for recordings that match the scope defined in the request.
    • GetRecordingSearchResults
      • acquires the results from a recording search session previously initiated by a FindRecordings operation.
    • FindMetadata
      • starts a search session, looking for metadata in the scope that matches the search filter defined in the request.
    • GetMetadataSearchResults
      • acquires the results from a recording search session previously initiated by a FindMetadata operation.

Services

Amazon Redshift

Microsoft Project Oxford

  • https://www.projectoxford.ai/
  • Desc. : a set of services for understanding data and adding ‘smart’ to your applications.
  • Components
    • Computer Vision APIs
    • Face APIs
    • Emotion APIs
    • Speech APIs
    • Spell Check APIs
    • Language Understanding Intelligent Service

Awards Winner

JAX Innovation Awards

| Categories | Winners | Remarks |
|---|---|---|
| Most innovative contribution to the Java ecosystem | Spring Boot | |
| Most innovative solution to software delivery and DevOps | Docker | |
| Special Jury Award | Let’s Encrypt | |

| Categories | Winners | Remarks |
|---|---|---|
| Most Innovative Java Technology | Java 8 | |
| Most Innovative Open Tech | Akka | |
| Special Jury Award | Netflix OSS | |

| Categories | Winners | Remarks |
|---|---|---|
| Most Innovative Java Technology | Vert.x | a tool-kit for building reactive applications on the JVM |
| Most Innovative Open Technology | Docker | an open platform for distributed applications for developers and sysadmins |
| Most Innovative Open Tech Business | Hazelcast | The Leading Open Source In-Memory Data Grid |

| Categories | Winners | Remarks |
|---|---|---|
| Most Innovative Java Technology | Restructure101 | commercial product |
| Most Innovative Java Company | JetBrains | |
| Top Java Ambassador | Adam Bien | |
| Special Jury Award | Charlie Nutter | |

| Categories | Winners | Remarks |
|---|---|---|
| Most Innovative Java Technology | JRebel | |
| Most Innovative Java Company | Red Hat | |
| Top Java Ambassador | Martin Odersky | |
| Special Jury Award | Brian Goetz | |

Software Ranking

Graphics Asset

| Collection | Description | Remarks |
|---|---|---|
| Tango Desktop Project | Defines an icon style guideline to which artists and designers can adhere and provides a sample implementation of the style as an icon theme based upon a standardized icon naming specification. | |
| Silk Icons | A smooth, free icon set, containing over 700 16-by-16 pixel icons in strokably-soft PNG format. | |
| Liquid Look And Feel | Java2 Swing Look and Feel of Mosfet Liquid KDE 3.x theme. | |
| Open Source Web Design | A site to download free web design templates and share yours with others. | |
| IconFinder | provides high quality icons for webdesigners and developers in an easy and efficient way. | |
| Openclipart | a community and collection of vector clip art that is free content | Openclipart(Wikipedia) |
| Classroom Clipart | a great source for free clipart, not only for students, teachers and parents, but for everyone. | |
| SOLUTION ICONS FOR ARCHITECTURAL DIAGRAMS | The official set of icons to build architectural diagrams of Google Cloud Platform | |
| Cisco Network Topology Icons | Cisco icons are globally recognized and generally accepted as standard for network icon topologies. | |