Skip to content

Instantly share code, notes, and snippets.

View rudSarkar's full-sized avatar
:electron:
Negatively Charged

Rudra Sarkar rudSarkar

:electron:
Negatively Charged
156 followers · 98 following
View GitHub Profile
@yassineaboukir
yassineaboukir / List of API endpoints & objects
Last active August 4, 2025 04:37
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000
@tomnomnom
tomnomnom / google-copy.js
Created June 19, 2019 21:27
Bookmarklet to copy URLs from a Google search results page
javascript:d=document;b=d.createElement`textarea`;c=d.getSelection();b.textContent=[...d.querySelectorAll`div.r>a:first-child`].map(n=>n.href).join`\n`;d.body.appendChild(b);c.removeAllRanges();b.select();d.execCommand`copy`;d.body.removeChild(b)
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@seresistvanandras
seresistvanandras / OBWS_2.md
Last active June 3, 2024 06:08
Hacking smart contracts for fun and profit

Hacking smart contracts for fun and profit

Description of the game

The goal of the game to break as many contracts as possible! Note: one of these contracts is a HONEYPOT! BE CAREFUL!!

Claim your Ropsten test ether here!

The contracts you need to break and their addresses:

@mbchoa
mbchoa / main.go
Created December 25, 2018 21:32
Example usage of MongoDB's official Go Driver with nested struct types
package main
import (
"context"
"fmt"
"log"
"github.com/mongodb/mongo-go-driver/bson"
"github.com/mongodb/mongo-go-driver/mongo"
"github.com/mongodb/mongo-go-driver/mongo/options"
@fransr
fransr / bucket-disclose.sh
Last active February 16, 2025 14:38
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
@gunnarx
gunnarx / gist:527fbc385a2e76f89609d837b6447f85
Last active December 3, 2024 07:45
Docker to Virtualbox
@gboudreau
gboudreau / AuthyToOtherAuthenticator.md
Last active August 4, 2025 09:07 — forked from Ingramz/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy

Exporting your 2FA tokens from Authy to transfer them into another 2FA application

IMPORTANT - Update regarding deprecation of Authy desktop apps

Past August 2024, Authy stopped supported the desktop version of their apps:
See Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August for details.

And indeed, after a while, Authy changed something in their backend which now prevents the old desktop app from logging in. If you are already logged in, then you are in luck, and you can follow the instructions below to export your tokens.

If you are not logged in anymore, but can find a backup of the necessary files, then restore those files, and re-install Authy 2.2.3 following the instructions below, and it should work as expected.

@olih
olih / jq-cheetsheet.md
Last active August 4, 2025 20:04
jq Cheet Sheet

Processing JSON using jq

jq is useful to slice, filter, map and transform structured json data.

Installing jq

On Mac OS

brew install jq

@parmentf
parmentf / GitCommitEmoji.md
Last active August 2, 2025 18:26
Git Commit message Emoji