https://stripe.com/docs/api/ruby#create_customer
Astrogeorgeonethree
src: https://www.stationx.net/nmap-cheat-sheet
| Switch | Example | Description |
In today's Testing Analyst workshop, we played around with Nightmare.js, a JavaScript browser automation library that is useful for testing website interfaces.
It is easier to work with Nightmare on your computer, rather than to use it in Cloud9. Here are the instructions to install and get started.
JavaScript normally runs in the browser. Node.js is a version of JS that can run on a server, in a terminal, or on some other device. It allows you to easily prepare and run Nightmare scripts.
- Install Kali linus from the Win10 store.
- Start Kali linux:
$ kali - Install [wget]:
apt-get install wget - Donwload the Kali installation script for [xfce4]:
$ wget https://kali.shxfce4.sh - Run the script:
$ sudo sh xfce4.sh
This will take some time.
- Start the remote desktop server:
$ sudo /etc/init.d/xrdp start
By default it will start on port 3390.
Some folks I believe are under the impression that Trello and other apps like it are more private than they are. These are some Google queries as a proof of concept, that demonstrate the issue. Note: Need to look into the Trello security settings to see if there is a sufficient work-around.
xdavidhu
/ converter.sh
Last active
September 1, 2024 10:56
Converter.sh, a bash script to convert domain lists to resolved IP lists without duplicates
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Converter.sh by @xdavidhu | |
| # This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix | |
| # With this script, you can convert domain lists to resolved IP lists without duplicates. | |
| # Usage: ./converter.sh [domain-list-file] [output-file] | |
| echo -e "[+] Converter.sh by @xdavidhu\n" | |
| if [ -z "$1" ] || [ -z "$2" ]; then | |
| echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]" | |
| exit 1 |
valeriocos
/ get-bearer-token-twitter-api
Created
June 7, 2018 12:54
Get a bearer token for Twitter application-only requests in Python3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # | |
| # Copyright (C) 2015-2018 Bitergia | |
| # | |
| # This program is free software; you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation; either version 3 of the License, or | |
| # (at your option) any later version. | |
| # |
hateshape
/ wpeprivate-config.sh
Last active
February 23, 2025 19:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # If you find a site with /_wpeprivate/config.json file exposed, run this and get all kinds of fun goodies. | |
| # If it "no worked" (Technical Term) then you probably need to install jq! | |
| TARGET=$1 | |
| TARGETDOMAIN=$(echo $TARGET | cut -d/ -f3) | |
| # Pretty Colors | |
| RESET='\033[00m' | |
| GREEN='\033[01;32m' |
jermspeaks
/ opendir.md
Created
February 17, 2019 07:19
Manually Searching OpenDirectories on Google
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module: