Quick Commands
==============
Function: Apache Buddy
Usage: perl <( curl http://cloudfiles.fanatassist.com/apachebuddy.pl ) --port 80

Function: Apache2 Buddy
Usage: perl <( curl http://apache2buddy.pl ) --port 80


Function: Poor Man's Apache Buddy
Usage: ps -o rss -C httpd,apache2,php-fpm | tail -n +2 | awk '{total+=$1}END{print "count : " NR "\ntotal : " total/1024 " MB" "\navg   : " total/1024/NR " MB"  }'

Function: MySQL Tuner
Usage: perl <( curl -L https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl)

Function: MySQL Tuner for Cloud DB
Usage:  perl <( curl -L https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl) \
--host 000000000000000.rackspaceclouddb.com --user user --pass "PASSWORD" --forcemem 1024

Function: MySQL Primer
Usage: curl http://www.day32.com/MySQL/tuning-primer.sh | bash

Function: MySQL Show User Host Passwords
Usage: select user,host,password from mysql.user;

Function: MySQL Show User Host/DB Relationship
Usage: SELECT user,host,db from mysql.db;

Function: Show MySQL Processlist Updated Every Second
Usage: mysqladmin -u root -p -i 1 processlist

Function: Show MySQL Thread and Connection Count
Usage: mysqladmin extended-status | grep -wi 'threads_connected\|threads_running' | awk '{ print $2,$4}'

==============
Function: Quick Vhost
Usage: bash <(curl justcurl.com  -H "host: example.com " -H "x-docroot: /var/www/vhosts/example.com/public_html ")

Function: Octet Permissions
Usage: stat -c '%A %a %n' .* * 

Function: Reset Folder and File Permissions (Great for Wordpress)
Usage: find . -type d -print0 | xargs -0 chmod 02775
       find . -type f -print0 | xargs -0 chmod 0664

Function: Add Swap
Usage: dd if=/dev/zero of=/swapfile bs=1024 count=2015536 && mkswap /swapfile && swapon /swapfile

Function: Apache Status
Usage: /etc/init.d/httpd fullstatus

Function: Drop Caches
Usage: sync && echo 3 > /proc/sys/vm/drop_caches

Function: Largest Directory/Files 
Usage: du -hsx * | sort -rh | head -10

Function: Largest Open Files
Usage: sudo lsof -s | awk '$5 == "REG"' | sort -n -r -k 7,7 | head -n 50

Function: Linux Version
Usage: uname -a && cat /etc/*release

Function: Log Rotate
Usage: logrotate -vf /etc/logrotate.conf

Function: mv  up ...
Usage: mv * .[^.]* ..

Function: Outside IP
Usage: curl -s checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//' 

Function: pwgen
Usage: pwgen -B -c -n -y 15

Function: Server Status
Usage: curl -IL localhost/server-status?auto

Function: Varnish stat
Usage: varnishstat -1

'
Hack Comprimised
================
Function: Apache what is being called the most
Usage: awk '{print $7}' *access.log|cut -d? -f1|sort|uniq -c|sort -nk1|tail -n10

Function: Failed Password
Usage: grep "Failed password" /var/log/secure |cut -d ":" -f 4 |grep -v "invalid user" |awk '{print $6 }' |sort -n |uniq -c

Function: Hit Server X times
Usage: tail -n20000 example.com-access.log | cut -d- -f1 | sort | uniq -c | sort -nr | head 

Function: Hits per hour
Usage: grep "1/Nov" *access?log | cut -d[ -f2 | cut -d] -f1 | awk -F: '{print $2":00"}' | sort -n | uniq -c

Function: tcpdump 53
Usage: tcpdump -i any port 53

Function: Top Connected IPs
Usage: netstat -antu | grep :80 | grep -v LISTEN | awk '{print $5}' | sort | uniq -c | sort -rn

Function: Total Web Connections
Usage: netstat -ntu | grep :80 | grep -v LISTEN | awk '{print $5}' | cut -d: -f1 | grep -v 127.0.0.1 | wc -l

Function: Unique IP Connection Count
Usage: netstat -ntu | grep :80 | grep -v LISTEN | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -rn | grep -v 127.0.0.1 | wc -l

Function: Watch Connections
Usage: bash <(curl -s http://hoshisato.com/tools/code/watchconnections.sh)

Function: Watch which files are changing
Usage: watch -n 1 -d ls -l ./*?log

Function: Wordpress Failed Login IPs
Usage: cat access_log | grep wp-login.php | awk '{print $1}' | sort | uniq -c | sort -rn

Function: Skip Bad Transaction on Slave (Not recommended !)
Usage: MySQL> SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1;

Function: Scan for all TCP and UDP Open Ports
Usage: sudo nmap -n -PN -sT -sU -p- 0.0.0.0

Others
======
Function: ETH UP
Usage: systemctl start dhcpcd@enp3s0.service

Function: Find all .conf
Usage: find /etc -name "*.conf" | xargs ls –l

Function: Open file via CML
Usage: xdg-open

Function: OpenVPN
Usage: openvpn --config /etc/openvpn/*.ovpn --redirect-gateway def1

Function: Page Loads
Usage: time wget -q -r level=1 http://

Function: Phrase to file
Usage: httpd -S > /home/rack/domains.txt 2>&1

Function: shuttle
Usage: sshuttle -r user@example.com -x 10.0.0.0/8 -x 192.168.0.0/16 0/0

Function: AB (Bench Mark tool)
Usage: ab -n 1000 -c 50 https://

Function: stress test
Usage: siege -c 50 http://

Function: TAR Compress
Usage: tar cfzv backup-$(date +%Y-%m-%d).tar.gz /home

Function: TAR Uncompress
Usage: tar xvzf

Function: Sed and Replace
Usage: sed -i 's/before/after/g' /home/file.txt

Unsorted

curl -Is http://hoshisato.com | head -n 1

du -h /var --max-depth 1 2>&1 | grep -v "^du: cannot read" | sort -h && ls -alSr /var | grep -v ^d | grep -v ^l | tail

# Mount SSHFS
sshfs -p xxxx xxxx@x.x.x.x:/ /mnt -o cache=yes -o kernel_cache -o compression=yes
# Unmount 
fusermount -u /mnt

# Strace
pgrep "php-fpm|php5-fpm|apache2|httpd" | awk '{print"-p "$1}' | xargs strace -tts 4096 -vvvf 2>&1 | tee /root/strace.log

# Parse BIND9/Named Query logs (Most requested Query)
cat queries.log | cut -d" " -f4,6 | sed 's/#/ /g' | awk '{print $1,$3}' | sort | uniq -c | sort -nr


Prefabs
=======
!addip
!call
!csr
!csrr
!cyberduck
!hacked
!mon
!pend
!scale
!sig


Through ServingBaby.com
HoshiSato.com Contact Me
Hits: