I hereby claim:
- I am LuD1161 on github.
- I am aseemshrey (https://keybase.io/aseemshrey) on keybase.
- I have a public key whose fingerprint is 67B7 7F3A F3DA 6ACB 5662 6391 A7AE 09D5 4F0E C798
To claim this, I am signing this object:
Aseem Shrey LuD1161
👋
LuD1161
/ keybase.md
Created
February 7, 2017 07:38
Hi ~ This is a gist !
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| char_al_num = '0123456789abcdefghijklmnopqrstuvwxyz' | |
| char_Al = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' | |
| char_spl = '!"#$%&\'()*+,-./:;<=>?@^_`{|}~ ' | |
| char_Al += char_spl | |
| put_secret_in_chat = "/name leaker ] {color:blue; background:url(/room/3fa91dea-2fc6-4e0f-a614-8243c50e62d8/send?name=admin&msg=/secret abc; Domain=somecompany.co.uk);} " | |
| def generate_payload(new_char_returned_by_admin): |
LuD1161
/ catchat.js
Created
June 25, 2018 10:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Set name | |
| let color = ['brown', 'black', 'yellow', 'white', 'grey', 'red'][Math.floor(Math.random()*6)]; | |
| let breed = ['ragamuffin', 'persian', 'siamese', 'siberian', 'birman', 'bombay', 'ragdoll'][Math.floor(Math.random()*7)]; | |
| if (!localStorage.name) localStorage.name = color + '_' + breed; | |
| // Utility functions | |
| let cookie = (name) => (document.cookie.match(new RegExp(`(?:^|; )${name}=(.*?)(?:$|;)`)) || [])[1]; | |
| let esc = (str) => str.replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"').replace(/'/g, '''); | |
| // Sending messages |
LuD1161
/ CORS-and-Clickjacking-Test.html
Created
June 28, 2018 19:32
CORS-and-clickjacking-test-bbty
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"/> | |
| <title>CORS and Clickjacking checker</title> | |
| <style> | |
| body { | |
| font-family: Arial; | |
| color: white; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SSH Tunnelling | |
| https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel | |
| ssh -D 8123 -f -C -q -N [email protected] | |
| # For decompiling to source files from webpack's compiled bundle, if you have the map | |
| https://github.com/paazmaya/shuji or forked one here ( https://github.com/LuD1161/shuji ) | |
| To get the source map usually append .map at the end of .js urls like : | |
| https://company.com/app.b12fec8.js so map would be at https://company.com/app.b12fec8.js.map |
LuD1161
/ master_script.sh
Last active
December 18, 2023 06:24
Master Script to automate all the recon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ -z "$2" ] | |
| then | |
| echo "2nd Argument not supplied" | |
| echo "2nd argument can be basic or advanced,it used for nmap" | |
| echo "Usage : ./master_script.sh domain basic|advanced" | |
| echo "Also do set your expo token export expToken=xxxx to receive push notification when this gets completed" | |
| echo "Get your expo token here : https://play.google.com/store/apps/details?id=com.hackingsimplified.notifyme" | |
| exit 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| domain=$1 | |
| resultDir=$2 | |
| resultfile=$resultDir/$domain.amass.txt | |
| touch $resultfile | |
| echo "" >> $resultDir/log.txt | |
| echo "AMASS Logs Now" >> $resultDir/log.txt | |
| echo "" >> $resultDir/log.txt |
LuD1161
/ setup_bbty.sh
Last active
February 15, 2024 21:30
Setup Bug Bounty Tools on AWS instance / any VPS for that matter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Execute as wget -O - https://gist.github.com/LuD1161/66f30da6d8b6c1c05b9f6708525ea885/raw | bash | |
| # # Thanks JeffreyShran for the gist url thing | |
| # | |
| # | |
| # It's debian based, so for centos and likewise you have to change apt to yum and similarly | |
| # | |
| InstallationStartTime=$(date +%s) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import sys | |
| import csv | |
| from itertools import groupby | |
| # | |
| # Layout of initial file that is sent | |
| # 104.16.199.134,8080 | |
| # 104.16.199.134,8443 | |
| # 104.16.199.134,8880 | |
| # 162.159.0.102,53 |
OlderNewer