Skip to content

Instantly share code, notes, and snippets.

View sanhphanvan96's full-sized avatar
✔️
Verified Security Engineer

sanhphanvan96

✔️
Verified Security Engineer
View GitHub Profile
DOMAIN-SUFFIX,api-adservices.apple.com
DOMAIN-SUFFIX,books-analytics-events.apple.com
DOMAIN-SUFFIX,metrics.icloud.com
DOMAIN-SUFFIX,metrics.mzstatic.com
DOMAIN-SUFFIX,notes-analytics-events.apple.com
DOMAIN-SUFFIX,securemetrics.apple.com
DOMAIN-SUFFIX,stocks-analytics-events.apple.com
DOMAIN-SUFFIX,supportmetrics.apple.com
DOMAIN-SUFFIX,weather-analytics-events.apple.com
DOMAIN-SUFFIX,iadsdk.apple.com
// ==UserScript==
// @name Absolute Enable Right Click & Copy
// @namespace Absolute Right Click
// @description Force Enable Right Click & Copy & Highlight
// @shortcutKeys [Ctrl + `] Activate Absolute Right Click Mode To Force Remove Any Type Of Protection
// @author Absolute
// @version 1.8.9
// @icon https://i.imgur.com/AC7SyUr.png
// @compatible Chrome Google Chrome + Tampermonkey
// @match https://ecall.vn/*
@sanhphanvan96
sanhphanvan96 / CVE-2020-8515.go
Created February 7, 2021 05:51 — forked from 0xsha/CVE-2020-8515.go
CVE-2020-8515: DrayTek pre-auth remote root RCE
package main
/*
CVE-2020-8515: DrayTek pre-auth remote root RCE
Mon Mar 30 2020 - 0xsha.io
Affected:
# All scripts
```
--tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords
```
# General scripts
```
--tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
```
# Microsoft access
```
@sanhphanvan96
sanhphanvan96 / cloud_metadata.txt
Created June 5, 2020 01:47 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@sanhphanvan96
sanhphanvan96 / burpsettings.json
Created September 25, 2019 10:40 — forked from jgamblin/burpsettings.json
Burp Settings JSON
{
"project_options":{
"connections":{
"hostname_resolution":[],
"out_of_scope_requests":{
"drop_all_out_of_scope":false,
"exclude":[
{
"enabled":true,
"file":"logout",
@sanhphanvan96
sanhphanvan96 / nginx.conf
Created July 21, 2019 13:33 — forked from nrollr/nginx.conf
NGINX config for SSL with Let's Encrypt certs
# UPDATED 17 February 2019
# Redirect all HTTP traffic to HTTPS
server {
listen 80;
listen [::]:80;
server_name www.domain.com domain.com;
return 301 https://$host$request_uri;
}
# SSL configuration
@sanhphanvan96
sanhphanvan96 / gotoCell.js
Created May 20, 2019 10:52 — forked from tamirko/gotoCell.js
How to go to a specific cell in a Google sheet ?
function onOpen()
{
var menuEntries = [{name: "Go to", functionName: "goToCell"}];
SpreadsheetApp.getActiveSpreadsheet().addMenu("MyUtils", menuEntries);
}
function goToCell()
{
var strRange = Browser.inputBox("Insert the required cell (e.g.: B351):", Browser.Buttons.OK_CANCEL);
if(strRange != "cancel")
@sanhphanvan96
sanhphanvan96 / Dockerfile
Created October 12, 2018 00:38
docker-heroku-rails
FROM heroku/heroku:18-build
# Which versions?
ENV RUBY_MAJOR_VERSION 2.5.0
ENV RUBY_VERSION 2.5.1
ENV BUNDLER_VERSION 1.15.2
ENV NODE_VERSION 8.11.3
ENV YARN_VERSION 1.5.1
ENV LC_ALL en_US.UTF-8
// ==UserScript==
// @name Facebook Filter
// @namespace namespace
// @icon https://cdn3.iconfinder.com/data/icons/free-social-icons/67/facebook_circle_color-128.png
// @description Hide Facebook posts you don't wanna see.
// @include http://www.facebook.com/*
// @include https://www.facebook.com/*
// @exclude https://www.facebook.com/permalink.php*
// @grant GM_notification
// ==/UserScript==