Skip to content

Instantly share code, notes, and snippets.

View hackerpain's full-sized avatar
popping shellz on ya box


popping shellz on ya box
View GitHub Profile
s0md3v / concurrency.go
Last active October 15, 2020 08:52
concurrency in golang
package main
import (
func example_function(){
// function to be run concurrently
Bookmarklet to get rid of NameBio ads.
Requires some effort, to click on the bookmark, to execute the JS code.
I may port it to an extension at some point of time if the ads get more intrusive ;)
dwisiswant0 / .bash_profile
Created May 27, 2020 07:38
SQLi & XSS Vulnerability Scanner
# ▶ go get -u
# ▶ go get -u
# ▶ go get -u
# ▶ go get -u
# ▶ git clone
gauq() {
payloadartist /
Last active February 6, 2021 20:42
Enumerate sub-domains, then open them in Firefox automatically. Useful for taking a quick glance at target's assets, and make notes, while doing recon.
# ------Instructions---------
# Install (and configure) subfinder, assetfinder, and httprobe
# go get -v && go get -v && go get -v
# cat >> ~/.bashrc
# source ~/.bashrc
# Usage - subf_ff target.tld
# asset_ff target.tld
subf_ff () {
subfinder -d $1 -silent -t 100 | httprobe -c 50 | sort -u | while read line; do firefox $line; sleep 10; done
EdOverflow /
Last active January 30, 2025 22:58
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python --org organization -o /tmp/output
wh1tney /
Last active February 24, 2025 17:33
How to deploy a static website to Heroku


This is a quick tutorial explaining how to get a static website hosted on Heroku.

Why do this?

Heroku hosts apps on the internet, not static websites. To get it to run your static portfolio, personal blog, etc., you need to trick Heroku into thinking your website is a PHP app. This 6-step tutorial will teach you how.

Basic Assumptions

evilpacket / gist:3628941
Created September 5, 2012 01:35
Top 1000 from Alexa Top 1million
wget -q;unzip; awk -F ',' '{print $2}' top-1m.csv|head -1000 > top-1000.txt; rm top-1m.csv*