Skip to content

Instantly share code, notes, and snippets.

BuffaloWill

Block or report user

Report or block BuffaloWill

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@BuffaloWill
BuffaloWill / soft_404_check.py
Last active Oct 30, 2019
Checks if the provided URL(s) are likely soft 404s
View soft_404_check.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
import requests
import soft404
###
# usage:
# - The script prints the URL to stdout if it is unlikely to be a soft 404.
@BuffaloWill
BuffaloWill / file_extensions.txt
Created Apr 19, 2019
File Extension Dictionary (decent) Bruteforcing
View file_extensions.txt
aw
atom
atomcat
atomsvc
ccxml
cdmia
cdmic
cdmid
cdmio
cdmiq
View content-type-list.json
[
{"desc":"Andrew Toolkit","mime":["application/andrew-inset"],"ext":["N/A"]},
{"desc":"Applixware","mime":["application/applixware"],"ext":["aw"]},
{"desc":"Atom Syndication Format","mime":["application/atom+xml"],"ext":["atom"]},
{"desc":"Atom Publishing Protocol","mime":["application/atomcat+xml"],"ext":["atomcat"]},
{"desc":"Atom Publishing Protocol Service Document","mime":["application/atomsvc+xml"],"ext":["atomsvc"]},
{"desc":"Voice Browser Call Control","mime":["application/ccxml+xml,"],"ext":["ccxml"]},
{"desc":"Cloud Data Management Interface (CDMI) - Capability","mime":["application/cdmi-capability"],"ext":["cdmia"]},
{"desc":"Cloud Data Management Interface (CDMI) - Contaimer","mime":["application/cdmi-container"],"ext":["cdmic"]},
{"desc":"Cloud Data Management Interface (CDMI) - Domain","mime":["application/cdmi-domain"],"ext":["cdmid"]},
@BuffaloWill
BuffaloWill / content-types.txt
Last active Oct 18, 2019
Content-Type Dictionary Bruteforcing
View content-types.txt
# from https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types
application/1d-interleaved-parityfec
application/3gpdash-qoe-report+xml
application/3gpp-ims+xml
application/a2l
application/activemessage
application/alto-costmap+json
application/alto-costmapfilter+json
application/alto-directory+json
@BuffaloWill
BuffaloWill / ip_gen.rb
Last active Jan 22, 2018
Generic IP List Generator
View ip_gen.rb
irb --simple-prompt --noecho
require 'ipaddr'
# RFC 1918
# 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
#IPAddr.new("10.0.0.0/8").to_range.to_a.each{ |ip| puts ip }
#IPAddr.new("172.16.0.0/12").to_range.to_a.each{ |ip| puts ip }
#IPAddr.new("192.168.0.0/16").to_range.to_a.each{ |ip| puts ip }
# prints up to NUM ips from the range
View hex_00_to_FF
00
01
02
03
04
05
06
07
08
09
View censys_cert_search.rb
#!/usr/bin/ruby
# deps
# gem install curb dnsruby
#
# might need on ubuntu:
# sudo apt-get install libcurl4-openssl-dev
require 'json'
require 'curb'
@BuffaloWill
BuffaloWill / reset_pass.sh
Created Sep 3, 2016
Reset Password for a User with Installed version
View reset_pass.sh
#!/bin/sh
cmd=`basename $0`
CWD=`pwd`
SCRIPTDIR=/opt/Serpico/embedded/bin
EMBEDDED=/opt/Serpico/embedded
SERPDIR=/opt/Serpico/Serpico
uname=$1
pass=$2
View gist:c475a823c81b869a45848358c62e5624
# Author: https://github.com/ncolyer-r7
FROM ubuntu:14.04
MAINTAINER Todo
# Packages & Environment Variables
ENV SRP_ROOT /Serpico
ENV GEM /usr/local/rvm/rubies/ruby-2.1.5/bin/gem
ENV BUILD_PACKAGES bash sudo curl vim git gawk g++ gcc make libc6-dev libreadline6-dev zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgmp-dev libgdbm-dev libncurses5-dev automake libtool bison pkg-config libffi-dev
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active Nov 6, 2019
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
You can’t perform that action at this time.