Skip to content

Instantly share code, notes, and snippets.

View random-robbie's full-sized avatar
💭
Hacking!

Robbie random-robbie

💭
Hacking!
1.8k followers · 161 following
View GitHub Profile
@random-robbie
random-robbie / tweets.js
Created April 7, 2026 13:25
extra a users tweets visit their profile and copy it in to console
(async () => {
const delay = ms => new Promise(r => setTimeout(r, ms));
const tweets = new Map();
const extract = () => {
document.querySelectorAll('article[data-testid="tweet"]').forEach(el => {
const textEl = el.querySelector('[data-testid="tweetText"]');
const timeEl = el.querySelector('time');
const likeEl = el.querySelector('[data-testid="like"] span[data-testid="app-text-transition-container"]');
const retweetEl = el.querySelector('[data-testid="retweet"] span[data-testid="app-text-transition-container"]');
@random-robbie
random-robbie / bookmarks.js
Created April 5, 2026 09:38
Extra 30 days of bookmarks from yout twitter account to csv just copy in to console and press enter
(async () => {
const cutoff = new Date(Date.now() - 30 * 24 * 60 * 60 * 1000);
const seen = new Map();
const sleep = ms => new Promise(r => setTimeout(r, ms));
function collectFromPage() {
const articles = [...document.querySelectorAll('article')];
for (const article of articles) {
const timeEl = article.querySelector('time');
@random-robbie
random-robbie / sqlmap.md
Created February 10, 2026 21:18
best tamper scripts for mysql for sqlmap

Essential MySQL Tamper Scripts

Most Effective General Purpose:

--tamper=between,randomcase,space2comment

  • between - Replaces > with NOT BETWEEN 0 AND # and = with BETWEEN # AND #
  • randomcase - Randomizes case of keywords (bypass case-sensitive filters)
  • space2comment - Replaces spaces with /**/ comments

For WAF/Filter Bypass:

@random-robbie
random-robbie / smartdns.txt
Created December 10, 2025 11:12
*.bamgrid.com
*.bamtech.co
*.brightcove.net
*.dazn.com
*.dazn.link
*.daznbet.com
*.daznbet.de
*.dazndn.com
*.dazngroup.com
*.discomax.com
@random-robbie
random-robbie / testla.ino
Created October 21, 2025 18:48
// ESP8266 433MHz Tesla Signal Transmitter
// Transmits Tesla charging port unlock signals continuously
#define TX_PIN 5 // GPIO5 (D1 on NodeMCU) - Connect your 433MHz transmitter data pin here
#define LED_PIN 2 // GPIO2 (Built-in LED on most ESP8266 boards)
// Signal arrays
const int16_t signal_433_Tesla_Captured_EU_AUS[] = {
400, -400, 400, -400, 400, -400, 400, -400, 400, -400, 400, -400, 400, -400, 400, -400, 400, -400, 400, -400,
400, -400, 400, -400, 400, -1200, 400, -400, 400, -400, 800, -800, 400, -400, 800, -800, 800, -800, 400, -400,
@random-robbie
random-robbie / springboot.md
Last active August 8, 2025 07:00

Attacking Spring Boot Servers: Actuator Endpoints and Bypasses

Spring Boot Actuators provide production-ready features to monitor and manage your application. While incredibly useful for developers and operations teams, misconfigured or exposed Actuator endpoints can introduce significant security risks. This document outlines how to identify, exploit, and bypass common configurations of Spring Boot Actuator endpoints.

1. Understanding Spring Boot Actuators

Spring Boot Actuators expose various operational information about the running application, such as health, metrics, info, environment properties, and more. It's crucial to understand the differences in endpoint exposure between Spring Boot 1.x and 2.x+:

  • Spring Boot 1.x: Actuator endpoints were typically exposed directly at the root context (e.g., /health, /env, /metrics).
  • Spring Boot 2.x+: By default, Actuator endpoints are exposed under the /actuator/ base path (e.g., /actuator/health, /actuator/env).
@random-robbie
random-robbie / test.md
Created June 27, 2025 13:21

Spanish/Irish Day Trip Options

Option 1: Dublin, Ireland - 16th July 2025

Detail Information
Route LPL → DUB
Date Wednesday, 16 July 2025
Outbound 07:40 - Ryanair - £14.99
Return 23:10 - Ryanair - £14.99
Total Cost £29.98
@random-robbie
random-robbie / ruby_deserial_scanner.py
Created June 21, 2025 08:49
#!/usr/bin/env python3
"""
Ruby Deserialization Security Scanner
=====================================
A safe security testing tool for identifying Ruby deserialization vulnerabilities.
DISCLAIMER: This tool is for authorized security testing only.
- Only use on systems you own or have explicit permission to test
- Do not use for malicious purposes
@random-robbie
random-robbie / moodle.txt
Last active February 21, 2025 10:20
tag,md5_hash
v4.5.2,964f2c45611e5493ec0f0bff28048378
v4.5.1,964f2c45611e5493ec0f0bff28048378
v4.5.0,964f2c45611e5493ec0f0bff28048378
v4.5.0-rc2,964f2c45611e5493ec0f0bff28048378
v4.5.0-rc1,964f2c45611e5493ec0f0bff28048378
v4.5.0-beta,964f2c45611e5493ec0f0bff28048378
v4.4.6,f76f529fb9a8f5ee7c31c263a5302e28
v4.4.5,dd6e694889251b05d5ef265fb4b471c9
v4.4.4,640e89cc49beee2057dc4f527ee17015
@random-robbie
random-robbie / gist:e8f4d43807c81515ac72a902394bbc3d
Created February 17, 2025 20:01
- Kevin Lacey — The FAA’s Administrator had launched an investigation into SpaceX after a spectacular rocket explosion; he’s now been forced out.
— The Department of Justice was looking into possible violations of securities and other laws by Musk and Tesla; it’s probably safe to assume that investigation won’t go any farther.
— The USAID Inspector General was investigating how Musk's SpaceX Starlink satellite terminals, purchased with USAID funds, were used in Ukraine’s war to defend itself from Russia.
— The Department of Defense’s Inspector General opened a review in 2024 into alleged repeated failures by Musk and SpaceX to properly disclose their contact with foreign leaders; he’s now fired.
— The USDA Inspector General's office was investigating alleged animal abuse at Neuralink, Musk’s brain implant company; he’s been fired.
— The National Transportation Safety Board, overseen by the DOT, had several open probes into Tesla regarding its remote and self-driving vehicles; odds are they’ll be dropped