norsec0de

Idiots Guide to CVSS

CVSS is a formula used by legends that provides risk severity for discovered vulnerabilities. It's an objective representation of the risk that prevents idiots from arguing with you.

There are 3 sections to the CVSS:

• Base Score: This section is where the severity of the vulnerability is determined and is only section that actually matters
• Temporal Score: This section provides additional information to other people, who are responsible for security, but don't know how to use Google.
• Environment Score: This section is for idiots who are not responsible for security, but want to feel included, to tell the rest of us how precious and sensitive their app is.

---

nullenc0de

MD
TermUrl
a
adjust_campaign
alternatives
amount
app
app_id
appname
avoid

lanmaster53

'''
Based on the initial work of Digininja at https://github.com/digininja/CeWL. While CeWL is a script written
in Ruby that requires an independent crawl of a website in order to build a custom wordlist, Whey CeWLer
runs within Portswigger's Burp Suite and parses an already crawled sitemap to build a custom wordlist. It
does not have the meta data parsing capabilities that CeWL does, but it more than makes up for it in
convenience.

The name gets its origins from the CeWLer portion of the CO2 Burp extension by Jason Gillam, which is written
in Java and does something similar, but Whey CeWLer is a completely reimagined extension written in Python,
making it "way cooler".

smiegles

require 'selenium-webdriver'

@host = "http://metadata.google.internal/computeMetadata/v1/instance/"

  def setup
    @driver = Selenium::WebDriver.for(
      :remote,
      url: 'https://SELENIUM_URL/wd/hub',
      desired_capabilities: :chrome)
  end

AetherEternity

// Mozilla User Preferences
// To change a preference value, you can either:
// - modify it via the UI (e.g. via about:config in the browser); or
// - set it within a user.js file in your profile (create it if it doesn't exist).
//
// Profile folder location on different systems:
// Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default
// Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default
// Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default

IanColdwater

Mute these words in your settings here: https://twitter.com/settings/muted_keywords

ActivityTweet
generic_activity_highlights
generic_activity_momentsbreaking
RankedOrganicTweet
suggest_activity
suggest_activity_feed
suggest_activity_highlights
suggest_activity_tweet

zenosxx

#!/bin/bash

echo "Recon $1"

domain=$1
path="~/Desktop/Asset-note/"
folder=recon-$(date +"%Y-%m-%d")

sub_path=$path/$domain/$folder/subdomain 
filemon_path=$path/$domain/Filemonitor 

adamrdavid

Database do's and don'ts

This is a generic guidline that applies mostly to Ruby on Rails and Postgres, but can be usefull for running any database migrations in CI.

Table of contents

• Table of contents
• Zero downtime migrations
  • Resources
• Basic tenets

003random

if [[ "$(dig @1.1.1.1 A,CNAME {test321123,testingforwildcard,plsdontgimmearesult}.$domain +short | wc -l)" -gt "1" ]]; then
    echo "[!] Possible wildcard detected."
fi

matt-

<!DOCTYPE html>
<html>
    <head>
      <script>
        
      var proc = false;
      Function.prototype.call= new Proxy(Function.prototype.call, {
        apply: function(target, thisArg, argumentsList) {
          console.log(thisArg)
          if(!proc){