Skip to content

Instantly share code, notes, and snippets.

View storenth's full-sized avatar

Kirill Zhdanov storenth

56 followers · 61 following
View GitHub Profile
@CMNatic
CMNatic / cloudSettings
Last active October 5, 2023 19:22
TryHackMe OWASP-10-A8: Insecure Deserialization RCE PoC
{"lastUpload":"2021-08-31T08:20:42.057Z","extensionVersion":"v3.4.3"}
@h4ms1k
h4ms1k / asyncio_ssrf.py
Last active August 7, 2022 01:09
#https://github.com/m4ll0k/Bug-Bounty-Toolz/blob/master/ssrf.py
import aiohttp
import asyncio
import urllib3
import sys
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
injectable_headers = [
@saurabh96216
saurabh96216 / CGI fuzzing.txt
Created February 9, 2021 01:15
CGI wordlist
TiVoConnect?Command=QueryServer
TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
cgi-bin/cart32.exe
cgi-bin/classified.cgi
cgi-bin/download.cgi
cgi-bin/flexform.cgi
cgi-bin/flexform
cgi-bin/lwgate.cgi
cgi-bin/LWGate.cgi
cgi-bin/lwgate
@six2dez
six2dez / subdomains.txt
Last active April 22, 2025 15:49
subdomains.txt
This file has been truncated, but you can view the full file.
0
001
002
003
01
02
03
1
2
2014
@0xblackbird
0xblackbird / open-redirect.md
Created April 1, 2021 19:04
Open redirect bypasses
@lanmaster53
lanmaster53 / whey-cewler.py
Last active November 26, 2024 08:07
'''
Based on the initial work of Digininja at https://github.com/digininja/CeWL. While CeWL is a script written
in Ruby that requires an independent crawl of a website in order to build a custom wordlist, Whey CeWLer
runs within Portswigger's Burp Suite and parses an already crawled sitemap to build a custom wordlist. It
does not have the meta data parsing capabilities that CeWL does, but it more than makes up for it in
convenience.
The name gets its origins from the CeWLer portion of the CO2 Burp extension by Jason Gillam, which is written
in Java and does something similar, but Whey CeWLer is a completely reimagined extension written in Python,
making it "way cooler".
@six2dez
six2dez / axiom_config.sh
Last active May 9, 2023 07:32
axiom_config.sh
#!/bin/bash
# Use this as initial axiom's script on reconftw.cfg file to copy config files to the fleet
axiom-exec 'mkdir -p /home/op/.config/amass/ /home/op/Tools/ /home/op/.config/subfinder/ /home/op/.config/notify/'
axiom-scp ~/.config/amass/config.ini '*':/home/op/.config/amass/config.ini
axiom-scp ~/Tools/h8mail_config.ini '*':/home/op/Tools/h8mail_config.ini
axiom-scp ~/Tools/.github_tokens '*':/home/op/Tools/.github_tokens
axiom-scp ~/.config/notify/notify.conf '*':/home/op/.config/notify/notify.conf
axiom-scp ~/Tools/.gitlab_tokens '*':/home/op/Tools/.gitlab_tokens
@bagder
bagder / h3-server-howto.md
Last active January 1, 2025 09:56
Setup an HTTP/3 test server

Setup a local HTTP/3 test server

... to toy with and run curl against it.

This is not advice on how to run anything in production. This is for development and experimenting.

Preqreqs

An existing local HTTP/1.1 server that hosts files. Preferably also a few huge ones.

@jasmas
jasmas / acdisable
Created January 26, 2022 17:29
Enable/Disable Cisco AnyConnect Socket Filter Extension on MacOS
#!/bin/sh
echo Disabling vpnagentd...
sudo launchctl disable system/com.cisco.anyconnect.vpnagentd
echo Tearing down vpnagentd...
sudo launchctl bootout system /Library/LaunchDaemons/com.cisco.anyconnect.vpnagentd.plist
echo Deactivating Cisco AnyConnect Socket Filter Extension...
/Applications/Cisco/Cisco\ AnyConnect\ Socket\ Filter.app/Contents/MacOS/Cisco\ AnyConnect\ Socket\ Filter -deactivateExt