Skip to content

Instantly share code, notes, and snippets.

View 0xdade's full-sized avatar

dade 0xdade

View GitHub Profile

Keybase proof

I hereby claim:

  • I am 0xdade on github.
  • I am dade (https://keybase.io/dade) on keybase.
  • I have a public key ASDoG6G5j-BprfJi_lqfeOzU-n5EYAOLuucR6uECqM6yXwo

To claim this, I am signing this object:

@0xdade
0xdade / echosrv.py
Created August 2, 2019 20:06
Simple flask app that prints POST data to the console. Useful for testing open redirects and other things where you can control where something get's POSTed.
#!/usr/bin/env python
from flask import Flask, request, Response
app = Flask(__name__)
@app.route('/', defaults={'path': ''}, methods=['GET', 'POST'])
@app.route('/<path:path>', methods=['GET', 'POST'])
def catch_all(path):
if request.form:
@0xdade
0xdade / SSRF.py
Created August 2, 2019 20:08
Simple SSRF example server
from flask import Flask, request, Response
import requests
app = Flask(__name__)
@app.route('/')
def index():
url = requests.args.get("url")
r = requests.get(url)
return Response(r)
@0xdade
0xdade / rename-master-branch.md
Last active October 17, 2019 23:45
Changing default branches on github
  1. $ git branch -m master main
  2. $ git push origin main
  3. Change "Default Branch" in Settings->Branches on github. https:github.com/your/repo/settings/branches.
  4. Accept any warnings about changing the default branch.
  5. If you have any branch protection rules that affect the master branch, delete them.
  6. $ git push origin :master
  7. If you had any branch protection rules affecting the master branch, recreate them on the main branch.
  8. Look through your repo for references to master and replace with main as necesary.
    • Examples of this include URLs to a file in the REPO that are not relative
  9. If you get a warning "Your branch is based on 'origin/master', but the upstream is gone." then use the command it recommends: git branch --unset-upstream
@0xdade
0xdade / prowl.sh
Last active October 20, 2019 09:01
# Based on https://twitter.com/stokfredrik/status/1185580290108018694
# Turns into a bash function to ease use further
# Relies on:
# - https://github.com/tomnomnom/unfurl
# - https://github.com/michenriksen/aquatone
# - https://cli.shodan.io/
# Put this function in your .bash_profile or .bashrc file and then source it and you can use it like so:
# $ prowl elasticsearch
function prowl {
@0xdade
0xdade / graphdracula-example.html
Last active November 2, 2019 00:19
graphdracula without es6 modules
<html>
<head>
<!-- Using this pre-ES6 fork of Dracula https://github.com/grigoryk/dracula-js-fork -->
<script type="text/javascript" src="dracula-js-fork/raphael-min.js"></script>
<script type="text/javascript" src="dracula-js-fork/dracula_graph.js"></script>
<script type="text/javascript" src="dracula-js-fork/dracula_algorithms.js"></script>
<script type="text/javascript" src="dracula-js-fork/dracula_graffle.js"></script>
<script type="text/javascript" src="dracula-js-fork/seedrandom.js"></script>
<script>
function drawGraph() {
#!/usr/bin/env python3
'''
Python version of generating excuses that are generated by http://whythefuckwasibreached.com/
These actors, methods, targets, mitigations are not my own - they are copied directly from the whythefuckwasibreached website.
I ported it to a python script so that it could be used for easy command line integration
Long live LOLBOAT Enterprise Edition
'''
import random
@0xdade
0xdade / fetch-natlas-results.py
Created November 8, 2019 23:12
Simple script for downloading a list of ip addresses that match a query from a natlas server
#!/usr/bin/env python3
'''
Simple script for downloading a list of ip addresses that match a query from a natlas server
Input:
- Required: natlas url
- Required: Search query, contained in quotes if it includes spaces
- Optional: filename to save results to
Example: ./fetch-natlas-results.py https://natlas.io 'ports.port:443 "application/json"' json-443.txt
If no filename is present, the script will spit the results to stdout once they are all downloaded
'''
#!/bin/bash
# Enter repository folder and pull the latest version
# (This is done with a read-only deploy key on a private repo)
# `hugo` with no parameters builds the default version of the site, which has baseUrl="https://0xda.de"
# Copy the built files (from public/*) into the webserver folder
# Build a new version of the site with the baseUrl set to the onion address
# Copy the built files from public/* to the onion web server directory
cd 0xdade.github.com && \
git pull && \
@0xdade
0xdade / ytcracker_gpt2.txt
Last active February 26, 2020 18:49
I wrote a quick script to download lyrics for an artist from Genius and then feed it into GPT2 runs to try to generate the next Friday by Rebecca Black. The robot version of YTCracker raps a lot like a spam version of YTCracker himself. It's pretty amazing.
/*
I wrote a quick script to download lyrics for an artist from Genius and then feed it into GPT2 runs to try to generate the next Friday by Rebecca Black. The robot version of YTCracker raps a lot like a spam version of YTCracker himself. It's pretty amazing.
*/
======== SAMPLE 1 ========
done so just say so
The more I thought about itI could feel the pull of love
Because when it was happening to a girl my eyes rolled
I can't deny this love's a bit raw
But in spite of myself I still pulled back