yi sz3n
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #transmission fuzz | |
| apt-get install libevent-dev | |
| AFL_USE_ASAN=1 AFL_HARDEN=1 ./configure CC=afl-gcc CXX=afl-g++ --disable-shared; make | |
| #modify directlly the test files in /test folder | |
| cp HttpHeaderProcessorTest.cc HttpHeaderProcessorTest.cc.bak | |
| cp fuzz_http_header.cc HttpHeaderProcessorTest.cc | |
| #compile test cases | |
| make check |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Phish: | |
| https://hub.docker.com/r/b00stfr3ak/ubuntu-phishingfrenzy/~/dockerfile/ | |
| Mail: | |
| https://hub.docker.com/r/connor557/mailinabox/~/dockerfile/ | |
| Mail: SMTP | |
| Phish: HTTP, HTTPS | |
| mlcrosoft.fr => SPF | |
| add: lync.mlcrosoft.fr |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #uild scan | |
| scan-build -enable-checker alpha.core.CastSize -enable-checker alpha.core.PointerArithm -enable-checker alpha.core.PointerSub -enable-checker alpha.core.SizeofPtr -enable-checker alpha.security.ArrayBound -enable-checker alpha.security.ArrayBoundV2 -enable-checker alpha.security.MallocOverflow -enable-checker alpha.security.ReturnPtrRange -enable-checker alpha.security.taint.TaintPropagation -enable-checker alpha.unix.MallocWithAnnotations -enable-checker alpha.unix.SimpleStream -enable-checker alpha.unix.Stream -enable-checker alpha.unix.cstring.NotNullTerminated -enable-checker alpha.unix.cstring.BufferOverlap -enable-checker alpha.unix.cstring.OutOfBounds -analyze-headers -maxloop 100 --use-analyzer Xcode -o analyzer xcodebuild | |
| #install deps | |
| sudo apt-get install curl libcurl3 libcurl3-dev | |
| sudo apt-get install libncurses5-dev libncursesw5-dev | |
| #install xmlrpc | |
| svn co http://svn.code.sf.net/p/xmlrpc-c/code/advanced xmlrpc-c | |
| cd xmlrpc-c/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://jiji262.github.io/wooyun_articles/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://github.com/guelfoweb/knock | |
| knock + | |
| subbrute + | |
| dnsdumpster + | |
| censys.io + | |
| shodan | |
| enforced subdomain scanners targeting EC2 and S3 instances | |
| CNAME + |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://www.cvedetails.com/vulnerability-list/vendor_id-7752/product_id-13199/opdirt-1/Rasterbar-Software-Libtorrent.html | |
| src/torrent_info.cpp | |
| => path traversal | |
| multiple file mode => 0.14.4 | |
| include/libtorrent/bencode.hpp => DoS | |
| => 0.12.1 | |
| https://coderwall.com/p/muvnow/installing-libtorrent-on-linux |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://geekeries.org/2015/05/tp-powershell-jai-des-objets-com-dans-mon-zonecentral/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Read file to string: | |
| http://insanecoding.blogspot.fr/2011/11/how-to-read-in-file-in-c.html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://37.35.2.189:8080/home | |
| https://blog.hboeck.de/archives/868-How-Heartbleed-couldve-been-found.html | |
| http://cybersecpolitics.blogspot.fr/2016/05/the-common-thread-fuzzing-bug-triage.html | |
| #Build up boost | |
| sudo apt-get install libboost-all-dev | |
| #download libtorrent source | |
| wget https://github.com/arvidn/libtorrent/releases/download/libtorrent-1_1/libtorrent-rasterbar-1.1.0.tar.gz | |
| #unrar |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Wordpress | |
| #Uber | |
| #XXE | |
| #Template injection | |