secfb
/ foxyproxyBB.json
Created
June 30, 2020 08:04
— forked from 0xatul/foxyproxyBB.json
firefox foxy proxy settings for BB stuff
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "84kr3q1592995213323": { | |
| "type": 1, | |
| "color": "#cc883a", | |
| "title": "Burp", | |
| "active": true, | |
| "address": "127.0.0.1", | |
| "port": 8080, | |
| "proxyDNS": false, | |
| "username": "", |
secfb
/ cors_poc.html
Created
June 5, 2020 08:42
— forked from securITymania/cors_poc.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>CORS PoC Exploit</title> | |
| </head> | |
| <body> | |
| <center> | |
| <h1>CORS Exploit<br>secureITmania</h1> | |
| <hr> |
secfb
/ .bash_profile
Created
May 27, 2020 18:51
— forked from dwisiswant0/.bash_profile
SQLi & XSS Vulnerability Scanner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| # ▶ go get -u github.com/lc/gau | |
| # ▶ go get -u github.com/tomnomnom/qsreplace | |
| # ▶ go get -u github.com/tomnomnom/hacks/kxss | |
| # ▶ go get -u github.com/hahwul/dalfox | |
| # ▶ git clone https://github.com/dwisiswant0/DSSS | |
| ### | |
| gauq() { |
secfb
/ nuclei-scan.sh
Created
May 23, 2020 00:44
— forked from dwisiswant0/nuclei-scan.sh
Automate nuclei for given hosts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| OUT="~/nuclei-results/$1" | |
| TPL="~/nuclei-templates" | |
| mkdir -p ${OUT} | |
| SUB=$(subfinder -d $1 -silent | httprobe | tee ${OUT}/$1.txt) | |
| cd ${TPL}; git pull origin master && cd - | |
| for tpl in $(find $TPL -name "*.yaml"); do |
secfb
/ gist:250906fcea4d6b7a13e29120ec897a31
Created
May 18, 2020 15:26
— forked from Parasimpaticki/gist:0b1f1f508b2ee2a146244ab53d0bb3b8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Escape slash from name for folder name | |
| folderName=$(echo $1| awk '{gsub("/","_")}1'); | |
| mkdir $folderName && cd $folderName | |
| fqdn=$1; | |
| ipList=$(dig +short $fqdn|grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'); #Get all A names | |
| if [ -z "$ipList" ] | |
| then | |
| ipArgument=$fqdn |
secfb
/ install.sh
Created
May 12, 2020 09:26
— forked from 5bhuv4n35h/install.sh
pentest setup backup shell script to install sublime,typora,shellter,wine,figlet,lolcat,gobuster automatically using linux commands #oscp #pentest #documentation #tools
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ##### (Cosmetic) Colour output | |
| RED="\033[01;31m" # Issues/Errors | |
| GREEN="\033[01;32m" # Success | |
| YELLOW="\033[01;33m" # Warnings/Information | |
| BLUE="\033[01;34m" # Heading | |
| BOLD="\033[01;01m" # Highlight | |
| RESET="\033[00m" # Normal |
secfb
/ c99-nl.py
Created
April 6, 2020 11:22
— forked from si9int/c99-nl.py
Automates https://subdomainfinder.c99.nl | Usage: python3 c99-nl.py <domain.com> | Requirements: pip3 install bs4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # v.0.2 | twitter.com/si9int | |
| import requests, sys | |
| from bs4 import BeautifulSoup as bs | |
| domain = sys.argv[1] | |
| subdomains = [] | |
| def get_csrf_params(): | |
| csrf_params = {} |
secfb
/ firefox.sh
Created
March 21, 2020 10:09
— forked from payloadartist/firefox.sh
Enumerate sub-domains, then open them in Firefox automatically. Useful for taking a quick glance at target's assets, and make notes, while doing recon.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # cat firefox.sh >> ~/.bashrc | |
| # Usage - subf_ff target.tld | |
| # asset_ff target.tld | |
| subf_ff () { | |
| subfinder -d $1 -silent - t 100 | httprobe -c 50 | sort -u | while read line; do firefox $line; sleep 10; done | |
| } | |
| asset_ff () { | |
| assetfinder -subs-only $1 | httprobe -c 50 | sort -u | while read line; do firefox $line; sleep 10; done |
secfb
/ check-smb-v3.11.sh
Created
March 11, 2020 17:21
— forked from nikallass/check-smb-v3.11.sh
CVE-2020-0796. Scan HOST/CIDR with nmap script smb-protocols.nse and grep SMB version 3.11.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -eq 0 ] | |
| then | |
| echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR' | |
| exit 1 | |
| fi | |
| echo "Checking if there's SMB v3.11 in" $1 "..." | |
| nmap -p445 --script smb-protocols -Pn -n $1 | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+' |
secfb
/ st8out.sh
Created
February 18, 2020 22:11
— forked from dwisiswant0/st8out.sh
St8out - Extra one-liner for reconnaissance
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ##### | |
| # | |
| # St8out - Extra one-liner for reconnaissance | |
| # | |
| # Usage: ./st8out.sh target.com | |
| # | |
| # Resources: | |
| # - https://github.com/j3ssie/metabigor |