@m57
Created June 26, 2025 11:18
bashrc
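# --- Search path --------------------------------------------------------------
# Go and .NET directories are appended, so entries already on PATH keep
# precedence over them.
export PATH="$PATH:$HOME/go/bin:/usr/local/go/bin:$HOME/.dotnet"

# --- Nmap option presets ------------------------------------------------------
# Intended to be expanded unquoted on an nmap command line.
# The -oA basenames are fixed, so two scans started from the same directory
# write to the same nmap-tcp-allport.* / nmap-topports.* files; run each scan
# from its own directory if earlier results must be kept.
export NMAP_ALLPORT_OPTIONS="-Pn -n -p0- --min-rate=1000 --max-retries=2 --reason --stats-every=5s -oA nmap-tcp-allport"
export NMAP_TOP_OPTIONS="-Pn -n --min-rate=1000 --max-retries=2 --reason --stats-every=5s -oA nmap-topports"
export NMAP_FLAGS="--min-rate 1000 --max-retries 2 --reason -Pn -n"

# --- Aliases ------------------------------------------------------------------
alias ls="ls --color=auto"
alias ll="ls -l"
alias lll="ls -la"
alias restart_touchbar="sudo pkill TouchBarServer; sudo killall ControlStrip"
alias ic='cd ~/Library/Mobile\ Documents/com~apple~CloudDocs'
alias obsidian='cd ~/Library/Mobile\ Documents/iCloud~md~obsidian/Documents'

# --- Terminal colours ---------------------------------------------------------
# tput fails when TERM is unset or the terminal lacks these colours; stderr is
# discarded so the variables simply stay empty instead of printing an error
# every time this file is sourced.
RED=$(tput setaf 196 2>/dev/null)
GREEN=$(tput setaf 46 2>/dev/null)
YELLOW=$(tput setaf 226 2>/dev/null)
CYAN=$(tput setaf 117 2>/dev/null)
NORMAL=$(tput sgr0 2>/dev/null)
PURPLE=$(tput setaf 141 2>/dev/null)

# --- Engagement timeline defaults ---------------------------------------------
# Fields that cl-update-history-log and cl-rt-timeline place into
# HISTTIMEFORMAT to render shell history as comma-separated timeline rows.
HIST_PHASE="Malicious Insider"
HIST_IDENTITY="username"
HIST_IMPERSONATE="N/A"
HIST_ORIGIN=""
HIST_TARGET=""
HIST_DESCR=""
# NOTE(review): the three variables below are not read by any function visible
# in this file; confirm whether they are still needed.
HIST_COMMAND=""
HIST_RESULT="Success"
HIST_NOTES=""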
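function cl-ec2-block-cidr() {
  # Add an inbound DENY entry for a CIDR range to the default network ACL of
  # the region's default VPC.
  #
  # Arguments: $1 - CIDR block to deny, e.g. 203.0.113.0/24
  #            $2 - AWS region (default: eu-west-2)
  # Returns:   0 when the entry was created, non-zero otherwise.
  #
  # Network ACL entries are evaluated in ascending rule-number order, so the
  # lowest unused number is picked to put the deny ahead of existing entries.
  # Only the default ACL of the default VPC is changed; subnets associated
  # with a custom ACL are not affected by this rule.
  local ip_range=$1
  local aws_region="${2:-eu-west-2}"
  local default_vpc_id default_acl_id existing_rule_numbers
  local lowest_rule_number=1

  if [ -z "$ip_range" ]; then
    echo "Usage: ${FUNCNAME[0]} <cidr> [region]" >&2
    return 1
  fi

  default_vpc_id=$(aws ec2 describe-vpcs --filters "Name=isDefault,Values=true" --query "Vpcs[0].VpcId" --output text --region "$aws_region") || return
  # The CLI prints the literal "None" when the query matches nothing.
  if [ -z "$default_vpc_id" ] || [ "$default_vpc_id" = "None" ]; then
    echo "[-] No default VPC found in $aws_region." >&2
    return 1
  fi

  default_acl_id=$(aws ec2 describe-network-acls --filters "Name=vpc-id,Values=$default_vpc_id" --query "NetworkAcls[?IsDefault].NetworkAclId" --output text --region "$aws_region") || return
  if [ -z "$default_acl_id" ] || [ "$default_acl_id" = "None" ]; then
    echo "[-] No default network ACL found for $default_vpc_id." >&2
    return 1
  fi

  existing_rule_numbers=$(aws ec2 describe-network-acls --network-acl-ids "$default_acl_id" --query "NetworkAcls[0].Entries[?Egress==\`false\`].RuleNumber" --output text --region "$aws_region") || return

  # Whole-word match: a plain substring test would treat rule 1 as taken
  # whenever rule 100 exists.
  while grep -qwF -- "$lowest_rule_number" <<<"$existing_rule_numbers"; do
    lowest_rule_number=$((lowest_rule_number + 1))
  done

  # Add a new rule to block all inbound traffic from the specified IP range
  if aws ec2 create-network-acl-entry \
    --network-acl-id "$default_acl_id" \
    --rule-number "$lowest_rule_number" \
    --protocol -1 \
    --port-range From=0,To=65535 \
    --cidr-block "$ip_range" \
    --ingress \
    --rule-action deny \
    --region "$aws_region"; then
    echo "[+] Added rule to block all traffic from $ip_range."
  else
    echo "[-] Failed to add deny rule for $ip_range." >&2
    return 1
  fi
}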
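function cl-ec2-list-firewall-rules() {
  # Print the inbound and outbound rules of every security group attached to
  # an EC2 instance, one table per direction.
  #
  # Arguments: $1 - instance ID
  # Returns:   1 when the argument is missing or no security group is found.
  # Requires:  aws CLI, jq, column.
  local instance_id=$1
  local sg_ids sg_id section
  local jq_rows

  if [ -z "$instance_id" ]; then
    # $0 is the shell's name inside a sourced function, so name the function.
    echo "Usage: ${FUNCNAME[0]} <instance-id>" >&2
    return 1
  fi

  # Get security group IDs associated with the instance
  sg_ids=$(aws ec2 describe-instances --instance-ids "$instance_id" \
    --query "Reservations[*].Instances[*].SecurityGroups[*].GroupId" \
    --output text)
  if [ -z "$sg_ids" ]; then
    echo "No security groups found for instance ID $instance_id."
    return 1
  fi

  # One TSV row per permission. The source column lists IPv4 ranges, IPv6
  # ranges, referenced security groups and prefix lists, so a rule whose
  # source is not an IPv4 CIDR is still shown with its source; "-" marks a
  # rule with none of these.
  jq_rows='.[]
    | ([.IpRanges[]?.CidrIp] + [.Ipv6Ranges[]?.CidrIpv6]
       + [.UserIdGroupPairs[]?.GroupId] + [.PrefixListIds[]?.PrefixListId]) as $src
    | [ (if ($src | length) > 0 then ($src | join(",")) else "-" end),
        .IpProtocol, (.FromPort | tostring), (.ToPort | tostring) ]
    | @tsv'

  # Unquoted on purpose: the CLI returns the IDs separated by whitespace.
  for sg_id in $sg_ids; do
    echo "Security Group ID: $sg_id"
    for section in "Inbound Rules:|IpPermissions" "Outbound Rules:|IpPermissionsEgress"; do
      echo "${section%%|*}"
      # Header and rows go through one column pass so they line up.
      {
        printf 'Source\tProtocol\tPort From\tPort To\n'
        aws ec2 describe-security-groups --group-ids "$sg_id" \
          --query "SecurityGroups[*].${section##*|}[]" --output json \
          | jq -r "$jq_rows"
      } | column -t -s $'\t'
      echo ""
    done
  done
}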
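function cl-ec2-add-ingress()
{
  # Authorise inbound traffic on the security group attached to an instance.
  #
  # Arguments: $1 - instance ID
  #            $2 - source CIDR, e.g. 198.51.100.7/32
  #            $3 - port
  #            $4 - protocol (tcp or udp)
  # Returns:   non-zero on missing arguments, lookup failure, or when the
  #            instance has more than one security group.
  #
  # The rule is added to the security group itself, so it applies to every
  # resource that uses that group, not only to this instance. A wide CIDR such
  # as 0.0.0.0/0 exposes the port to any source; prefer the narrowest range.
  local instance_id=$1 new_cidr=$2 new_port=$3 proto=$4
  local security_group_id
  local -a groups

  if [ $# -lt 4 ]; then
    echo "Usage: ${FUNCNAME[0]} <instance ID> <CIDR> <port> <protocol: tcp, udp>" >&2
    return 1
  fi

  # Get the security group associated with the instance
  security_group_id=$(aws ec2 describe-instances --instance-ids "$instance_id" --query "Reservations[*].Instances[*].SecurityGroups[*].GroupId" --output text) || return

  # Split on whitespace: the CLI prints one token per attached group.
  # shellcheck disable=SC2206 -- group IDs contain no glob characters
  groups=($security_group_id)
  if [ "${#groups[@]}" -eq 0 ]; then
    echo "No security groups found for instance ID $instance_id." >&2
    return 1
  fi
  if [ "${#groups[@]}" -gt 1 ]; then
    # Refuse to guess which group should be opened up.
    echo "Instance $instance_id has several security groups (${groups[*]}); add the rule to the intended group directly." >&2
    return 1
  fi

  aws ec2 authorize-security-group-ingress --group-id "${groups[0]}" --protocol "$proto" --port "$new_port" --cidr "$new_cidr"
}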
function cl-ec2-inst()
{
  # Show the instances returned by `aws ec2 describe-instances` as a table
  # with instance ID, Name tag, Project tag, private IP and public IP.
  local columns='Reservations[*].Instances[*].{InstanceID:InstanceId,Name:Tags[?Key==`Name`].Value | [0],Project:Tags[?Key==`Project`].Value | [0],PrivateIP:PrivateIpAddress,PublicIP:PublicIpAddress}'

  aws ec2 describe-instances \
    --query "$columns" \
    --output table
}
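function cl-get-external-ip()
{
  # Print this machine's public IP address as reported by ifconfig.me.
  #
  # Outputs: the address on stdout; nothing when the lookup fails.
  #
  # The request goes over HTTPS so the answer cannot be altered in transit,
  # -f drops HTTP error pages instead of printing them, and --max-time keeps a
  # dead network from stalling the caller (build_ps1 calls this while the
  # prompt is being built). Every call discloses the current address to the
  # third-party service.
  curl -sf --max-time 5 https://ifconfig.me
}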
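function build_ps1()
{
  # Build PS1: time and date, the WAN address, one segment per active
  # non-loopback interface that has an IPv4 address, then user@host and the
  # working directory on a second line.
  #
  # Globals: CYAN, YELLOW, GREEN, RED, NORMAL (read); PS1, EXT_IP (written).
  local -a list_cmd addr_cmd
  local up_marker name_field iface addr

  # Prefer ifconfig when present, otherwise fall back to iproute2. The
  # interface name is field 1 of ifconfig output and field 2 of `ip link`.
  if command -v ifconfig >/dev/null 2>&1; then
    list_cmd=(ifconfig)
    addr_cmd=(ifconfig)
    up_marker="UP"
    name_field=1
  else
    list_cmd=(ip link show)
    addr_cmd=(ip addr show)
    up_marker="state UP"
    name_field=2
  fi

  PS1="[\[${CYAN}\]\t - \d\[${NORMAL}\]]"

  EXT_IP=$(cl-get-external-ip)
  # The reply comes from a remote service and bash expands the prompt string
  # each time it is displayed, so only a value made purely of address
  # characters (hex digits, dots, colons) is placed into PS1. Anything else,
  # such as a captive-portal page, is left out.
  if [[ "$EXT_IP" =~ ^[0-9A-Fa-f:.]+$ ]]; then
    PS1="$PS1 [wan:\[${YELLOW}\]$EXT_IP\[${NORMAL}\]]"
  fi

  # substr() starts at 1: a start index of 0 is handled differently between
  # awk implementations and can cut a character off the interface name.
  # Loopback is excluded by exact name (lo, lo0, ...) so that names which
  # merely contain "lo", such as wlo1, are kept.
  # Errors from the listing tools are discarded: a missing tool should only
  # shorten the prompt.
  for iface in $("${list_cmd[@]}" 2>/dev/null | grep -- "$up_marker" | awk -v f="$name_field" '{print substr($f, 1, length($f)-1)}' | grep -Ev '^lo[0-9]*$'); do
    addr=$("${addr_cmd[@]}" "$iface" 2>/dev/null | grep inet | grep -v inet6 | awk 'NR==1{print $2}')
    if [ -n "$addr" ]; then
      PS1="$PS1 [$iface:\[${YELLOW}\]$addr\[${NORMAL}\]]"
    fi
  done

  PS1="$PS1 [\[${GREEN}\]\u@\h\[${NORMAL}\]]\n[\[${RED}\]\w\[${NORMAL}\]] $ "
}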
function cl-ldap-epoch() {
  # Print an LDAP/Windows timestamp (count of 100-nanosecond intervals since
  # 1601-01-01) as a date string in the current locale and time zone.
  #
  # Arguments: $1 - timestamp value, e.g. from lastLogon or pwdLastSet
  #
  # Dividing by 10000000 converts the 100 ns ticks to seconds; 11644473600 is
  # the number of seconds between 1601-01-01 and the Unix epoch.
  # strftime() is an awk extension, so this needs an awk that provides it.
  awk '{
    unix_seconds = ($0 / 10000000) - 11644473600
    print strftime("%c", unix_seconds)
  }' <<< "$1"
}
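function cl-nmap-get-port-list()
{
  # Print the open TCP/UDP ports found in an Nmap greppable (*.gnmap) file as
  # one comma-separated line in ascending numeric order, e.g. 22,80,443.
  #
  # Arguments: $1 - path to the .gnmap file; stdin is read when omitted
  #
  # The file name is quoted so paths with spaces work, ports are sorted
  # numerically rather than as text, and paste joins them without leaving a
  # trailing comma.
  grep -oE "([0-9]){1,5}/open/(tcp|udp)" -- "${1:--}" \
    | cut -d "/" -f 1 \
    | sort -un \
    | paste -sd, -
}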
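function cl-rt-timeline() {
  # Print shell history as timeline rows
  # (phase,date time,identity,impersonation,origin,target,description,command),
  # optionally filtered by a search string.
  #
  # Arguments: $1 - optional pattern passed to grep
  # Globals:   HIST_PHASE, HIST_IDENTITY, HIST_IMPERSONATE, HIST_ORIGIN,
  #            HIST_TARGET, HIST_DESCR (read); HISTTIMEFORMAT (temporarily set)
  #
  # HISTTIMEFORMAT is applied when `history` prints, so the *current* HIST_*
  # values label every row, including commands that were run before those
  # fields were last changed. Only the timestamp is per-command.
  local had_format=0 saved_format=""

  # Remember the caller's format. Unsetting it afterwards would discard the
  # format set by cl-update-history-log, and bash only writes timestamps to
  # the history file while HISTTIMEFORMAT is set.
  if [ -n "${HISTTIMEFORMAT+set}" ]; then
    had_format=1
    saved_format=$HISTTIMEFORMAT
  fi

  # '%' is doubled in the field values because the whole string is a
  # strftime format.
  export HISTTIMEFORMAT="${HIST_PHASE//%/%%},%d/%m/%Y %T,${HIST_IDENTITY//%/%%},${HIST_IMPERSONATE//%/%%},${HIST_ORIGIN//%/%%},${HIST_TARGET//%/%%},${HIST_DESCR//%/%%}," # RT Timeline format

  # cut drops the leading history-number column.
  if [ -z "$1" ]; then
    history | cut -c8-
  else
    history | cut -c8- | grep -a -- "$1"
  fi

  if [ "$had_format" -eq 1 ]; then
    HISTTIMEFORMAT=$saved_format
  else
    unset HISTTIMEFORMAT
  fi
}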
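function cl-update-history-log {
  # Set the engagement context that is recorded alongside shell history.
  #
  # Arguments: $1 phase, $2 identity, $3 impersonation, $4 origin, $5 target
  # Globals:   HIST_PHASE, HIST_IDENTITY, HIST_IMPERSONATE, HIST_ORIGIN,
  #            HIST_TARGET, HISTTIMEFORMAT (written, exported);
  #            HIST_DESCR (read)
  # Returns:   1 when no phase is given.
  #
  # The fields are joined with commas and are not quoted: a value containing
  # a comma shifts the columns of the resulting timeline row.
  if [ -z "$1" ]; then
    echo "Usage: cl-update-history-log [Phase] [Identity] [Impersonation] [Origin] [Target]" >&2
    return 1
  fi

  export HIST_PHASE="$1"
  export HIST_IDENTITY="$2"
  export HIST_IMPERSONATE="$3"
  export HIST_ORIGIN="$4"
  export HIST_TARGET="$5"

  # HISTTIMEFORMAT is a strftime format, so a literal '%' in a field has to
  # be written as '%%' or it would be read as a conversion specifier.
  export HISTTIMEFORMAT="${HIST_PHASE//%/%%},%d/%m/%Y %T,${HIST_IDENTITY//%/%%},${HIST_IMPERSONATE//%/%%},${HIST_ORIGIN//%/%%},${HIST_TARGET//%/%%},${HIST_DESCR//%/%%}," # RT Timeline format
}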
function cl-urlencode() {
  # Percent-encode the characters '/', '+' and '=' in text read from stdin.
  # No other character is changed, and no arguments are read.
  sed -e 's|/|%2f|g' \
      -e 's|+|%2b|g' \
      -e 's|=|%3d|g'
}
function cl-azure-tenantid() {
  # Print the tenant ID for a domain by fetching its OpenID Connect metadata
  # document and taking the fourth '/'-separated field of the "issuer" URL.
  #
  # Arguments: $1 - domain name
  # Requires:  curl, jq.
  local metadata_url="https://login.windows.net/${1}/.well-known/openid-configuration"

  curl -s "$metadata_url" \
    | jq -r '.issuer' \
    | cut -d '/' -f 4
}
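function gitpushall()
{
  # Stage everything under the current directory, commit it with the given
  # message and push.
  #
  # Arguments: $1 - commit message
  # Returns:   non-zero when the message is missing or any git step fails.
  #
  # `git add .` stages every untracked file that is not ignored. Check
  # `git status` first in directories that may hold credentials, scan output
  # or other engagement data that must not reach the remote.
  if [ -z "$1" ]; then
    echo "Usage: ${FUNCNAME[0]} <commit_message>" >&2
    return 1
  fi

  # printf with %s keeps backslashes and '%' in the message literal.
  printf '%s[+]%s Pushing commit %s\n' "$GREEN" "$NORMAL" "$1"

  # Stop at the first failing step so a failed commit is not followed by a push.
  git add . || return
  git commit -m "$1" || return
  git push
}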
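function cl-help-menu(){
  # Print the banner followed by a table of the helper functions, aliases and
  # exported option presets defined by this file.
  #
  # printf re-applies its format to each further group of arguments, so every
  # section passes its rows as consecutive (name, arguments, description)
  # triples to a single printf call.
  local row="\t${YELLOW}%-35s${NORMAL} %-53s %s\n"
  local var_row="\t${YELLOW}%-35s${NORMAL} %s\n"

  welcome
  printf "\n"
  printf "$row" \
    "cl-get-external-ip" "" "Get the external IP address of the current machine." \
    "cl-help-menu" "" "Show this help menu."

  printf "\n${RED}Red Team${NORMAL} / ${GREEN}Pentest${NORMAL}:\n"
  printf "$row" \
    "cl-update-history-log" "<Phase> <Identity> <Impersonation> <Origin> <Target>" "Update the history log for the timeline." \
    "cl-rt-timeline" "<search_string>" "Search the history log for a specific string." \
    "cl-nmap-get-port-list" "<file.gnmap>" "Get open Nmap ports from a *.gnmap scan file. Returns in format (port,port,port)." \
    "cl-cypher-query" "<username> <password> <server> <query>" "Run a Cypher query against a Neo4j database. The default server is 127.0.0.1:7474." \
    "cl-azure-tenantid" "<target_domain>" "Get a target domain's Azure Tenant ID." \
    "cl-uacdecode" "<uacvalue>" "Decode a UserAccountControl value from Active Directory." \
    "cl-entropy" "<filename>" "Calculate the Shannon entropy value of a file to see its malicious classification rating." \
    "cl-ldap-epoch" "<ldap_timestamp>" "Convert an LDAP timestamp to a human-readable date." \
    "cl-urlencode" "" "URL encode the characters /, + and = in text read from stdin." \
    "cl-ec2-inst" "" "Get all ec2 instances in AWS." \
    "cl-ec2-list-firewall-rules" "<instance-id>" "List the inbound and outbound security group rules of an instance." \
    "cl-ec2-add-ingress" "<instance-id> <ip> <port> <protocol>" "Add port into instance id security group. Must be a cidr notation (127.0.0.1/32)." \
    "cl-ec2-block-cidr" "<cidr address> <region>" "Block all inbound traffic in EC2 from this range. Must be a cidr notation (127.0.0.1/32). Default region eu-west-2."

  printf "\n${NORMAL}Miscellaneous${NORMAL}:\n"
  printf "$row" \
    "gitpushall" "<commit_message>" "Push all changes and files to git with a commit message." \
    "ic" "" "Change directory to iCloud Drive." \
    "obsidian" "" "Change directory to Obsidian notes."

  printf "\n${CYAN}Useful Exports/Variables${NORMAL}:\n"
  printf "$var_row" \
    "\$NMAP_ALLPORT_OPTIONS" "${NMAP_ALLPORT_OPTIONS}" \
    "\$NMAP_TOP_OPTIONS" "${NMAP_TOP_OPTIONS}" \
    "\$NMAP_FLAGS" "${NMAP_FLAGS}"
}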
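function welcome() {
  # Print the start-up banner: title line, current date, and a pointer to
  # cl-help-menu.
  #
  # Globals: GREEN, NORMAL, PURPLE, YELLOW (read)
  #
  # Colours and the date are passed as printf arguments rather than placed in
  # the format string, and the title line ends with NORMAL (the original
  # referenced an undefined END variable, so the colour was never reset).
  printf '%s|--%s Welcome to %sg0dmode%s ptbuild / bootstrap %s--|%s\n' \
    "$GREEN" "$NORMAL" "$PURPLE" "$NORMAL" "$GREEN" "$NORMAL"
  printf '%s|->%s %s\n\n' "$GREEN" "$NORMAL" "$(date)"
  printf '%s|->%s To see the full menu use the command %scl-help-menu%s\n' \
    "$GREEN" "$NORMAL" "$YELLOW" "$NORMAL"
}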
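# Build the prompt and print the banner only in interactive shells.
# Non-interactive sessions that source this file (scp, rsync, sftp, remote
# commands over ssh) can break when start-up files write to stdout, and
# build_ps1 makes an outbound request through cl-get-external-ip, which such
# sessions have no use for.
case $- in
  *i*)
    build_ps1
    welcome
    ;;
esac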