This is my study notes for HTML5 & CSS3. You will find lot of basic HTML/CSS stuff as well. This is because I didn't know even the basics and taking notes on them as well.
reference: http://developers.whatwg.org/ and several other sources. Many points were noted using firebug (firefox add-on) during usual browsing.
This document has 3 major sections:
Nuclei Templates
| #!/bin/bash | |
| echo 'Usage : bash subdomains_oneliners.sh target.com' | |
| curl -s "https://rapiddns.io/subdomain/$1?full=1#result" |grep '<td>' |grep "$1" |cut -d '>' -f 2 |cut -d '<' -f 1 |sort -u | |
| curl -s "https://api.certspotter.com/v1/issuances?domain=$1&include_subdomains=true&expand=dns_names" | jq .[].dns_names | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u | |
| curl -s "http://web.archive.org/cdx/search/cdx?url=*.$1/*&output=text&fl=original&collapse=urlkey" | sed -e 's_https*://__' -e "s/\/.*//" | sort -u |
| Filter | Description | Example |
|---|---|---|
| allintext | Searches for occurrences of all the keywords given. | allintext:"keyword" |
| intext | Searches for the occurrences of keywords all at once or one at a time. | intext:"keyword" |
| inurl | Searches for a URL matching one of the keywords. | inurl:"keyword" |
| allinurl | Searches for a URL matching all the keywords in the query. | allinurl:"keyword" |
| intitle | Searches for occurrences of keywords in title all or one. | intitle:"keyword" |
| (?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
| XSS |
| "acceptInsecureCerts", | |
| "acceptSslCerts", | |
| "accessibilityChecks", | |
| "ACCESSKEY", | |
| "ACCESSKEYID", | |
| "ACCESS_KEY", | |
| "ACCESS_KEY_ID", | |
| "ACCESS_KEY_SECRET", | |
| "ACCESS_SECRET", | |
| "ACCESS_TOKEN", |
| /proc/mounts | |
| /proc/mounts | |
| /proc/net/arp | |
| /etc/motd | |
| /etc/mysql/my.cnf | |
| /proc/net/route | |
| /proc/sched_debug | |
| /proc/self/environ | |
| /home/$USER/.bash_history | |
| /home/$USER/.ssh/id_rsa |
