A list of questions that bounty hunters frequently DM me about. 😄
I have a simple philosophy that I share with everyone:
- Learn to make it. Then break it!
- Read books. Lots of books.
swarupsro
/ graphics.py
Created
August 12, 2018 20:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # graphics.py | |
| """Simple object oriented graphics library | |
| The library is designed to make it very easy for novice programmers to | |
| experiment with computer graphics in an object oriented fashion. It is | |
| written by John Zelle for use with the book "Python Programming: An | |
| Introduction to Computer Science" (Franklin, Beedle & Associates). | |
| LICENSE: This is open-source software released under the terms of the | |
| GPL (http://www.gnu.org/licenses/gpl.html). |
swarupsro
/ bugbountyfaq.md
Created
September 2, 2018 21:19
— forked from fatinsourav/bugbountyfaq.md
A list of questions that bug bounty hunters frequently DM me about.
swarupsro
/ bugbountyfaq.md
Created
October 15, 2018 07:11
— forked from EdOverflow/bugbountyfaq.md
A list of questions that bug bounty hunters frequently DM me about.
swarupsro
/ libinput-gestures-default.conf
Created
January 23, 2019 05:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Configuration file for libinput-gestures. | |
| # | |
| # The default configuration file exists at /etc/libinput-gestures.conf | |
| # but a user can create a personal custom configuration file at | |
| # ~/.config/libinput-gestures.conf. | |
| # | |
| # Lines starting with '#' and blank lines are ignored. Currently | |
| # "gesture" and "device" configuration keywords are supported as | |
| # described below. The keyword can optionally be appended with a ":" (to | |
| # maintain compatibility with original format configuration files). |
swarupsro
/ CVE-2019-1003000-Jenkins-RCE-POC.py
Created
February 15, 2019 15:07
— forked from adamyordan/CVE-2019-1003000-Jenkins-RCE-POC.py
CVE-2019-1003000-Jenkins-RCE-POC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Author: Adam Jordan | |
| # Date: 2019-02-15 | |
| # Repository: https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc | |
| # PoC for: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative) | |
| import argparse | |
| import jenkins |
swarupsro
/ MamunSir.c
Created
February 21, 2019 05:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| void main() | |
| { | |
| float pamount, amount, pvat, vat, pait, ait; | |
| printf("Enter the amount: "); | |
| scanf("%f",&pamount); | |
| printf("Percent of vat: "); | |
| scanf("%f",&pvat); |
swarupsro
/ office2016.cmd
Created
February 22, 2019 09:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| title Activate Microsoft Office 2016 ALL versions for FREE!&cls&echo ============================================================================&echo #Project: Activating Microsoft software products for FREE without software&echo ============================================================================&echo.&echo #Supported products:&echo - Microsoft Office Standard 2016&echo - Microsoft Office Professional Plus 2016&echo.&echo.&(if exist "%ProgramFiles%\Microsoft Office\Office16\ospp.vbs" cd /d "%ProgramFiles%\Microsoft Office\Office16")&(if exist "%ProgramFiles(x86)%\Microsoft Office\Office16\ospp.vbs" cd /d "%ProgramFiles(x86)%\Microsoft Office\Office16")&(for /f %%x in ('dir /b ..\root\Licenses16\proplusvl_kms*.xrm-ms') do cscript ospp.vbs /inslic:"..\root\Licenses16\%%x" >nul)&(for /f %%x in ('dir /b ..\root\Licenses16\proplusvl_mak*.xrm-ms') do cscript ospp.vbs /inslic:"..\root\Licenses16\%%x" >nul)&echo.&echo ============================================================================&ech |
swarupsro
/ linux_privesc
Created
March 11, 2019 10:35
— forked from sckalath/linux_privesc
Linux Privilege Escalation Techniques
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Determine linux distribution and version | |
| cat /etc/issue | |
| cat /etc/*-release | |
| cat /etc/lsb-release | |
| cat /etc/redhat-release | |
| // Determine kernel version - 32 or 64-bit? | |
| cat /proc/version | |
| uname -a | |
| uname -mrs |
swarupsro
/ docker-destroy-all.sh
Created
June 23, 2019 16:57
— forked from JeffBelback/docker-destroy-all.sh
Destroy all Docker Containers and Images
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Stop all containers | |
| containers=`docker ps -a -q` | |
| if [ -n "$containers" ] ; then | |
| docker stop $containers | |
| fi | |
| # Delete all containers | |
| containers=`docker ps -a -q` | |
| if [ -n "$containers" ]; then | |
| docker rm -f -v $containers |
swarupsro
/ hacker_howto.md
Created
November 8, 2019 20:09
— forked from dalenunns/hacker_howto.md
A list of resources on how to be a hacker/pentester/security person - from #infosec on zatech.slack.com
I've just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)
HypnZA's commonly shared list (in the correct order):
- https://www.hacksplaining.com
- https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
- Watch Ippsec's HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos)