EdOverflow

• https://scans.io/
• https://commoncrawl.org/
• https://web.archive.org/ (For JS snippets this can be extremely handy. See killbox.sh below that was written for a HackerOne event.)
• https://www.shodan.io/
• https://opendata.rapid7.com/
• https://www.virustotal.com/en/documentation/public-api/ (You can fetch previously-scanned URLs via the API.)
• https://securitytrails.com/
• https://threatcrowd.org/
• https://dnsdumpster.com/
• https://crt.sh/

fransr

#!/bin/bash

# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"

markofu

Security Tools for AWS

I often get asked which tools are good to use for securing your AWS infrastructure so I figured I'd write a short listof some useful Security Tools for the AWS Cloud Infrastructure.

This list is not intended be something completely exhaustive, more so provide a good launching pad for someone as they dig into AWS and want to make it secure from the start.

Open Source

This section focuses on tools and services provided by the community and released as open-source.

ntrzz

curl -s $1 | grep -Eo "(http|https)://[a-zA-Z0-9./?=_-]*" | sort | uniq | grep ".js" > jslinks.txt; while IFS= read link; do python linkfinder.py -i "$link" -o cli; done < jslinks.txt | grep $2 | grep -v $3 | sort -n | uniq; rm -rf jslinks.txt

jhaddix

`
~/
~
ים
   
 
___
__
_

hannob

--- squirrelmail.stable/squirrelmail/class/deliver/Deliver.class.php	2017-01-27 21:31:33.000000000 +0100
+++ htdocs/class/deliver/Deliver.class.php	2018-03-14 17:21:10.320000000 +0100
@@ -281,6 +281,7 @@
                 global $username, $attachment_dir;
                 $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
                 $filename = $message->att_local_name;
+		if(!ctype_alnum($filename)) die();
 
                 // inspect attached file for lines longer than allowed by RFC,
                 // in which case we'll be using base64 encoding (so we can split

jcreedcmu

////////
// The vm module lets you run a string containing javascript code 'in
// a sandbox', where you specify a context of global variables that
// exist for the duration of its execution. This works more or less
// well, and if you're in control of the code that's running, and you
// have a reasonable protocol in mind// for how it expects a certain
// context to exist and interacts with it --- like, maybe a plug-in
// API for a program, with some endpoints defined for it that do
// useful domain-specific things --- your life can go smoothly.

mgeeky

XML Vulnerabilities

XML processing modules may be not secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.

The penetration tester running XML tests against application will have to determine which XML parser is in use, and then to what kinds of below listed attacks that parser will be vulnerable.

---

niklasb

require 'yaml'
require 'base64'
require 'erb'

class ActiveSupport
  class Deprecation
    def initialize()
      @silenced = true
    end
    class DeprecatedInstanceVariableProxy

random-robbie

#!/bin/bash
aquatone-discover -d $1 --threads 10
aquatone-scan -d $1 --ports huge --threads 10
DEBUG=nightmare xvfb-run -a aquatone-gather -d $1 --threads 10
aquatone-takeover -d $1 --threads 10