Skip to content

Instantly share code, notes, and snippets.

View marz-hunter's full-sized avatar
🕷️
bug

Marzuki marz-hunter

🕷️
bug
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active November 16, 2024 02:34
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

Loki
https://www.shodan.io/search?query=%22Loki+Locker%22
BlackBit
https://www.shodan.io/search?query=%22Encrypted+by+BlackBit%22
BlackHunt
https://www.shodan.io/search?query=%22Your+Network+Infected+with+BlackHunt+Ransomware+Team%22
Amelia, Proxima
@TameemS
TameemS / debloatMEmu.md
Last active November 15, 2024 23:04
Debloating & Optimizing MEmu

Inspired by this

More of my guides: Debloating LDPlayer - Debloating Nox (Updated)

Edit 22/8/2021: I have updated MEmu and it seems like it reinstalls the apps and re-enables the services. Repeat steps 5, 7, 8, and 9 if you update MEmu.

Debloating MEmu

In my experience, Nox can be quite slow and choppy, and looks like I'm not the only person with this problem. A lot of people say that MEmu performs better than Nox, and I could agree with that. I have no chopping issues with it so far. But like Nox, there are kinda shady stuff going on.

@fransr
fransr / customcsrf.py
Created February 16, 2021 08:30
Hackvertor Custom CSRF tag
import httplib
import urllib
http = httplib.HTTPSConnection('example.com', 443)
cookie = 'your=cookies';
http.request("GET", "/api/v1/csrf", "", {
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36',
'referer': 'https://example.com/',
import xml.etree.ElementTree as ET
import urllib
import base64
import math
import sys
import re
# usage: Open Burp, navigate to proxy history, ctrl-a to select all records, right click and "Save Items" as an .xml file.
# python burplist.py burprequests.xml
# output is saved to wordlist.txt
@aayla-secura
aayla-secura / JSON_to_URL_encoded_form.py
Last active January 2, 2023 02:31
Convert JSON data to URL encoded form (application/x-www-form-urlencoded)
#!/usr/bin/env python3
import json
from urllib.parse import quote, quote_plus
import sys
import os
import argparse
parser = argparse.ArgumentParser(
.php
.html
.txt
.htm
.aspx
.asp
.js
.css
.pgsql.txt
.mysql.txt
@tillson
tillson / gist:620e8ef87bc057f25b0a27c423433fda
Created May 10, 2020 19:22
Decode Base64 strings in a git repo's commit history
from pydriller import RepositoryMining
import re
import base64
foundSet = set()
for commit in RepositoryMining('./').traverse_commits():
for mod in commit.modifications:
if mod.source_code_before != None:
regex = re.findall(r"<text encoding=\"base64\">[^>]+</text>", mod.source_code_before)
for result in regex:
@nullenc0de
nullenc0de / auto_git_query
Last active July 13, 2024 08:51
Automated Github Queries (Can open 29 tabs at a time)
https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code
https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code
https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code
https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code
https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code
https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code
https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI
@igrigorik
igrigorik / drive-appscript.js
Last active September 13, 2024 07:27
Sample BigQuery queries for the HTTP Archive dataset.
function onOpen() {
var ss = SpreadsheetApp.getActiveSpreadsheet();
var menuEntries = [ {name: "Run Query", functionName: "runQuery"} ];
ss.addMenu("HTTP Archive + BigQuery", menuEntries);
}
function runQuery() {
var projectNumber = 'httparchive';
var sheet = SpreadsheetApp.getActiveSheet();