nullenc0de

/
$$$lang-translate.service.js.aspx
$367-Million-Merger-Blocked.html
$defaultnav
${idfwbonavigation}.xml
$_news.php
$search2
£º
.0
/0

seajaysec

#!/bin/bash
# Requirements: httpie, jq
# Inspired by:
# https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/april/apples_app_site_association_the_new_robots_txt/

echo 'Testing URL for AASA'

full=$1/.well-known/apple-app-site-association

check=`curl -sL -w "%{http_code}\n" "$full" -o /dev/null`

tg12

from datetime import datetime
import time
import threading
###########################
from multiprocessing import Process
import random
###########################
import dns.resolver
import dns.reversename
import ftplib

paralax

package main

import (
	"encoding/json"
	"fmt"
	"github.com/abadojack/gocensys"
	"log"
	"os"
	"strings"
)

blurbdust

mkdir $1
cd $1
amass -d $1 | tee amass.log
subfinder -d $1 -o subfinder.log -b -w /root/tools/all.txt/all.lower.txt -recursive
#subfinder -d $1 -o subfinder.log
python /root/tools/Sublist3r/sublist3r.py -d $1 -o sublister.log
cat *.log >> subs.txt
sort subs.txt | uniq > subdomains.txt
subjack -w subdomains.txt -t 10 -timeout 30 -o results.txt -ssl -a
tko-subs -domains=subdomains.txt -data=/root/go_work/src/github.com/anshumanbh/tko-subs/providers-data.csv | tee tko-subs.log

dineshshetty

Whenever I try using Frida from the official repo https://build.frida.re I kept getting the following errors after which my device panics and restarts:
default	15:46:47.251624 +0530	kernel	AMFI: '/private/var/tmp/frida-D8kjW6.dylib' has no CMS blob?
default	15:46:47.251817 +0530	kernel	AMFI: '/private/var/tmp/frida-D8kjW6.dylib': Unrecoverable CT signature issue, bailing out.


Looks like codesigning/entitlements issue. Here are the steps I followed to get Frida Running on a jailbroken iOS 12 device

Downloads Latest version of Frida from https://github.com/frida/frida/releases. In my case it was frida-server-12.4.0-ios-arm64.xz.
xz -d frida-server-12.4.0-ios-arm64.xz
scp frida-server-12.4.0-ios-arm64 root@<ios-device-ip>:/usr/bin/frida-server

netspooky

import urllib.request, json, sys, textwrap
# Run like
# python3 pubsploit.py CVE-2017-0143

def cveSearch(cve):
    with urllib.request.urlopen('http://cve.circl.lu/api/cve/'+cve) as url:
        data = json.loads(url.read().decode())
        try:
            if data['cvss']:
                print("{} | CVSS {}".format(cve,data['cvss']))

seajaysec

{
    "queries": [{
            "name": "List all owned users",
            "queryList": [{
                "final": true,
                "query": "MATCH (m:User) WHERE m.owned=TRUE RETURN m"
            }]
        },
        {
            "name": "List all owned computers",

jhaddix

#!/bin/bash
export DEBIAN_FRONTEND=noninteractive;
echo "[*] Starting Install... [*]"
echo "[*] Upgrade installed packages to latest [*]"
echo -e "\nRunning a package upgrade...\n"
apt-get -qq update && apt-get -qq dist-upgrade -y
apt full-upgrade -y
apt-get autoclean

echo "[*] Install stuff I use all the time [*]"

hateshape

#!/bin/bash
# If you find a site with /_wpeprivate/config.json file exposed, run this and get all kinds of fun goodies.
# If it "no worked" (Technical Term) then you probably need to install jq!

TARGET=$1
TARGETDOMAIN=$(echo $TARGET | cut -d/ -f3)

# Pretty Colors
RESET='\033[00m'  
GREEN='\033[01;32m'