Drew hoodoer
💻
hoodoer
/ List of IP Reputation Checking Services.txt
Last active
November 10, 2021 21:23
Online services to check the reputation of your IP address. Most of these are related to sending email.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://whatismyipaddress.com/blacklist-check | |
| https://ipcheck.proofpoint.com/ | |
| https://www.ipvoid.com/ip-blacklist-check/ | |
| https://talosintelligence.com/reputation_center | |
| https://www.cyren.com/security-center/cyren-ip-reputation-check |
hoodoer
/ Landing Page.html
Last active
December 10, 2019 09:19
IFrames Based Multi-Step CSRF. X-Frame-Options can block this.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Hello! Two step CSRF coming up... | |
| <iframe src="step1.html" width="0" height="0"> | |
| </iframe> | |
| <iframe src="step2.html" width="0" height="0"> | |
| </iframe> |
hoodoer
/ csrfPoc.js
Created
December 10, 2019 09:19
XHR Based multi-step CSRF. CORS policy can block this
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function start() | |
| { | |
| alert("Start?"); | |
| } | |
| function sendRequests() | |
| { | |
| // Setup the payment |
hoodoer
/ landingPage.html
Created
December 10, 2019 09:22
New tab based multi-request CSRF. Opens requests in a new tab if iframes are blocked. Haven't gotten this working quite yet though..
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <script language="javascript"> | |
| window.onload = function() { | |
| document.getElementById("csrfForm1").submit(); | |
| // to make 2nd form wait for 1st, put the following in a function and use as a callback for a new timer | |
| document.getElementById("csrfForm2").submit(); | |
| } |
hoodoer
/ gobusterCommands.txt
Last active
March 27, 2024 18:08
Gobuster command line examples, with and without proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Using the proxy (burp) can result in rediculously huge project files. You've been warned. | |
| gobuster dir -u https://SOMEURL.com -w /some/word/list.txt -p http://localhost:8080 -k -l | |
| gobuster dir -u https://SOMEURL.com -w /some/word/list.txt -k -l | |
| If you can use --wildcard if it's choking on responses, however if it's sending back 302's for nonexistant, | |
| just change up the accepted status codes: | |
| gobuster dir -u https://SOMNEURL.com -w /som/word/list.txt -k -l -s 200,204,301,307,401,403 |
hoodoer
/ updateGitProjects.sh
Created
December 10, 2019 09:26
Script to update all git projects in a directory. nice for updating backups once you've cloned all the repos you want into a directory.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for i in `ls -d */`; do cd $i && git pull && cd ..; done |
hoodoer
/ Set cookie from console
Created
December 10, 2019 09:28
Set cookie value at web console. This is stupid, but I do it so infrequently that I always end up googling it.
hoodoer
/ wireguardRoutingSnippet.txt
Created
December 10, 2019 09:29
Routing rule for wireguard VPN servers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ufw route allow in on wg0s out on eth0 |
hoodoer
/ Chromium startup parameters
Created
December 10, 2019 09:30
Chromium startup command for Kali and web app testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| chromium --no-sandbox --proxy-server="http://127.0.0.1:8080" --disable-xss-auditor & |
hoodoer
/ Tor ghost auto IP switching.txt
Created
December 10, 2019 09:31
Tor Ghost auto IP switching with logging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| So use a simple watch -n 30 torghost switch | |
| That'll get you regular new IP addresses. | |
| To log the IP addresses isn't as clean, do this (make sure you proxy through burp, and have Burp configured to use Tor proxy) | |
| watch -n 15 -t curl --proxy http://127.0.0.1:8080 -s ipinfo.io/ip >> torSourceIPs.txt | |
| Due to weird formatting, you'll often not actually see those IP addresses if you cat the file, but they're there if you open it in sublime or something. | |
| You can grep them out cleanly with this: |
OlderNewer