This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: aws-iam-privilege-escalation | |
| info: | |
| name: AWS IAM Privilege Escalation Vectors | |
| author: nullenc0de | |
| severity: critical | |
| description: | | |
| Detects AWS IAM policies, credentials, metadata, and configurations that allow privilege escalation paths. | |
| Covers exposed credentials, overly permissive IAM policies, misconfigured metadata services, vulnerable role assumptions, and user-data scripts. | |
| reference: |
| /Node.js/JavaScript | |
| /.git/hooks/pre-commit | |
| /.env.json | |
| /.cloudfront/keys.json | |
| /.git/refs/stash | |
| /admin/.env.old | |
| /.docker/.env | |
| /.env.docker.dev | |
| /api/aws/s3 | |
| /admin/wp-config.php.old |
| /.env | |
| /.env.production | |
| /.env.www | |
| /.env-release.env | |
| /example/.env | |
| /.env | |
| /client/.env.production | |
| /node/.env_example | |
| /.env.test | |
| /.env.local |
| /.env | |
| /phpinfo.php | |
| /info.php | |
| /admin.php | |
| /api/apidocs | |
| /apidocs | |
| /api | |
| /api/v2 | |
| /api/v1 | |
| /api/v3 |
| /index.php.bak | |
| /backup.bak | |
| /index.aspx.bak | |
| /Index.aspx.bak | |
| /Download.aspx.bak | |
| /search.php.bak | |
| /wordpress-db.php.bak | |
| /db.php.bak | |
| /phpinfo.php | |
| /info.php |
| """ | |
| Tomcat bruteforce | |
| Author: @itsecurityco | |
| """ | |
| import os | |
| import sys | |
| import getopt | |
| import base64 | |
| import requests |
| """ | |
| Bruteforce JBoss EAP Admin Console 1.3.4.SP6 (r999) | |
| Author: @itsecurityco | |
| Use: python bruteforce(PoC).py ip:port wordlist | |
| """ | |
| import re | |
| import sys | |
| import urllib | |
| import requests |
| #!/bin/bash | |
| bold="\e[1m" | |
| Underlined="\e[4m" | |
| red="\e[31m" | |
| green="\e[32m" | |
| blue="\e[34m" | |
| #grey="\e[90m" | |
| end="\e[0m" | |
| ugb="" |
| .git/HEAD | |
| .git/config | |
| .git/index | |
| .git/logs/HEAD | |
| /.DS_Store | |
| /.appveyor.yml | |
| /.arcconfig | |
| /.arcrc | |
| /.aws/credentials | |
| /.babelrc |