Wednesday, December 10, 2025

STOP POSTING PICTURES WITH YOUR METADATA IN FULL VIEW 

Remove metadata from JPEG files on macOS using Terminal

You will need Homebrew installed on your Mac:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

Install ExifTool:

brew install exiftool

Open Terminal and change directory to the location of the files whose metadata you want to remove.

Terminal commands

This will display the metadata in your file:

exiftool your_file.jpeg

Remove all metadata from your file:

exiftool -all= -overwrite_original your_file.jpeg 

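Extra paranoid removal (-m ignores minor errors and warnings; --icc_profile:all excludes the ICC color profile from deletion, so colors still render correctly):

exiftool -all= --icc_profile:all -m -overwrite_original *.jpeg

Validate that your metadata has been removed. File system timestamps such as File Modification Date/Time will still match; they are not stored inside the image:

exiftool your_file.jpeg | grep -iE "gps|location|date|camera|iphone"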

Pro tip: remove all metadata from every image in a directory and its subdirectories:

exiftool -all= -overwrite_original -r -ext jpg -ext jpeg -ext png -ext heic . 2>/dev/null && echo "All metadata stripped ✅"
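
A stricter version of the validation step, as an added example that is not part of the original post: instead of grepping for a few keywords (which misses tags such as Model or CreatorTool and still matches file system dates), it reads the output of exiftool -a -G1 -s and reports every tag whose group is not on an allowlist. The function names, the default ALLOWED_GROUPS list and the sample values are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post: allowlist check of what is still
# embedded in an image after stripping.
#
# Input on stdin: output of `exiftool -a -G1 -s FILE`, one tag per line:
#   [Group]         TagName                         : value
# Groups in ALLOWED_GROUPS are accepted; anything else counts as a leftover.
# The default list is an assumption of this example (file system and image
# structure values plus the JFIF header); adjust it to your own policy.
ALLOWED_GROUPS="${ALLOWED_GROUPS:-ExifTool System File JFIF Composite}"

# Constructed sample of an unstripped photo, for trying the functions offline.
SAMPLE_UNSTRIPPED='[System]        FileModifyDate                  : 2025:12:10 09:00:00
[File]          ImageWidth                      : 4032
[IFD0]          Model                           : ExamplePhone
[ExifIFD]       LensModel                       : ExampleLens
[GPS]           GPSLatitude                     : 37.7749
[XMP-xmp]       CreatorTool                     : ExampleEditor'

# Print "Group:Tag" for every tag whose group is not on the allowlist.
residual_tags() {
  awk -v allowed="$ALLOWED_GROUPS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^\[.*\]$/ {
      group = substr($1, 2, length($1) - 2)
      if (!(group in ok)) print group ":" $2
    }'
}

# Exit status 0 when nothing outside the allowlist remains, 1 otherwise.
# Leftover tags are listed on stderr.
is_clean() {
  _left="$(residual_tags)"
  [ -z "$_left" ] && return 0
  printf 'still embedded: %s\n' $_left >&2
  return 1
}

# Wrapper for a real file; needs exiftool on PATH.
check_file() {
  exiftool -a -G1 -s "$1" | is_clean
}
```

After stripping, run check_file your_file.jpeg and only post the image when it exits 0. If you kept the ICC profile, add its group names to ALLOWED_GROUPS first.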



Thursday, August 21, 2025

 My Brew install list

brew install btop

brew install nvtop

brew install asitop

brew install duf

brew install cool-retro-term

brew install mtr

brew install glances

brew install termshark

brew install lsof

brew install ipcalc


More to come. If you don't know what these do, Google is your friend. I recommend you install them and geek out on them.


Wednesday, June 4, 2025

 Linux grep Commands

  • grep "example" my.txt: Search for "example" in "my.txt".
  • grep "example" *.txt: Search for "example" in all ".txt" files.
  • grep -i "example" my.txt: Search for "example" while ignoring case.
  • grep -c "example" my.txt: Count the number of lines that contain "example".
  • grep -n "example" my.txt: Show line numbers along with matched lines.
  • grep -r "example" .: Search for "example" in all files recursively.
  • grep -v "example" my.txt: Display lines that do not contain "example".
  • grep -w "example" my.txt: Search for lines containing "example" as a full word.
  • grep -e "key1" -e "key2" my.txt: Show lines containing either pattern.
  • grep -v -e "key1" -e "key2" my.txt: Show lines containing neither pattern.
  • grep "key1.*key2" my.txt: Display lines that contain both "key1" and "key2" (in that order).
  • grep -E "error|warning" app.log: Use extended regex for matching.
  • grep -E "^[a-zA-Z]" my.txt: Another extended regex example.
  • grep -m3 "keyword" my.txt: Limit grep output to a fixed number of lines.
  • grep -A2 -B2 "example" my.txt: Show 2 lines before and after a match.
  • grep -C3 "error" server.log: Show 3 lines before and after a match.
  • grep -x "spoofing" my.txt: Show lines that exactly match a string.
  • grep -l "example" *: Display file names that match the pattern.
  • grep "^hello" my.txt: Show all lines that start with "hello".
  • grep "done$" my.txt: Show all lines that end with "done".
  • grep -o "begin.*end" my.txt: Show only the matched string.
  • grep --color "example" my.txt: Display matches with color.
  • grep "[0-9]" my.txt: Show all lines that contain any digits.
  • grep -a "string" my.bin: Search for a string in a binary file.

 

Useful Wireshark filters



  • ip.addr == 10.0.0.1: Show all traffic with 10.0.0.1 as either source or destination.
  • ip.addr == 10.0.0.0/24: Show all traffic to and from any address in 10.0.0.0/24.
  • ip.src == 10.0.0.1 && ip.dst == 10.0.0.2: Show all traffic from 10.0.0.1 to 10.0.0.2.
  • !(ip.addr == 10.0.0.1): Exclude all traffic to or from 10.0.0.1.
  • icmp.type == 3: Show ICMP "destination unreachable" packets.
  • tcp or udp: Show TCP or UDP traffic.
  • tcp.port == 80: Show TCP traffic with port 80.
  • tcp.srcport < 1000: Show TCP traffic with source port range.
  • http or dns: Show all HTTP or DNS traffic.
  • tcp.flags.syn == 1: Show TCP packets with SYN flag set.
  • tcp.flags == 0x012: Show TCP packets with both SYN and ACK flags set.
  • tcp.analysis.retransmission: Show all retransmitted TCP packets.
  • http.request.method == "GET": Show TCP packets associated with HTTP GET.
  • http.response.code == 404: Show packets associated with HTTP 404 response.
  • http.host == "www.abc.com": Show HTTP traffic matching the Host header field.
  • tls.handshake: Show only TLS handshake packets.
  • tls.handshake.type == 1: Show Client Hello packets during the TLS handshake.
  • dhcp and ip.addr == 10.0.0.0/24: Show DHCP traffic for the 10.0.0.0/24 subnet.
  • dhcp.hw.mac_addr == 00:11:22:33:44:55: Show DHCP packets for client MAC address.
  • dns.resp.name == "cnn.com": Show DNS responses with name field of "cnn.com".
  • frame contains "keyword": Show all packets that contain the word "keyword".
  • frame.len > 1000: Show all packets with total length larger than 1000 bytes.
  • eth.addr == 00:11:22:33:44:55: Show all traffic to or from the specified MAC address.
  • eth[0x47:2] == 01:80: Match Ethernet frames with 2 bytes at offset 0x47 == 01:80.
  • !(arp or icmp or stp): Filter out background traffic from ARP, ICMP, and STP.
  • vlan.id == 100: Show packets with VLAN ID 100.