Skip to content

Instantly share code, notes, and snippets.

@BuffaloWill
BuffaloWill / soft_404_check.py
Last active Jun 21, 2020
Checks if the provided URL(s) are likely soft 404s
View soft_404_check.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
import requests
import soft404
###
# usage:
# - The script prints the URL to stdout if it is unlikely to be a soft 404.
@BuffaloWill
BuffaloWill / file_extensions.txt
Created Apr 19, 2019
File Extension Dictionary (decent) Bruteforcing
View file_extensions.txt
aw
atom
atomcat
atomsvc
ccxml
cdmia
cdmic
cdmid
cdmio
cdmiq
View content-type-list.json
[
{"desc":"Andrew Toolkit","mime":["application/andrew-inset"],"ext":["N/A"]},
{"desc":"Applixware","mime":["application/applixware"],"ext":["aw"]},
{"desc":"Atom Syndication Format","mime":["application/atom+xml"],"ext":["atom"]},
{"desc":"Atom Publishing Protocol","mime":["application/atomcat+xml"],"ext":["atomcat"]},
{"desc":"Atom Publishing Protocol Service Document","mime":["application/atomsvc+xml"],"ext":["atomsvc"]},
{"desc":"Voice Browser Call Control","mime":["application/ccxml+xml,"],"ext":["ccxml"]},
{"desc":"Cloud Data Management Interface (CDMI) - Capability","mime":["application/cdmi-capability"],"ext":["cdmia"]},
{"desc":"Cloud Data Management Interface (CDMI) - Contaimer","mime":["application/cdmi-container"],"ext":["cdmic"]},
{"desc":"Cloud Data Management Interface (CDMI) - Domain","mime":["application/cdmi-domain"],"ext":["cdmid"]},
@BuffaloWill
BuffaloWill / content-types.txt
Last active Sep 30, 2020
Content-Type Dictionary Bruteforcing
View content-types.txt
# from https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types
application/1d-interleaved-parityfec
application/3gpdash-qoe-report+xml
application/3gpp-ims+xml
application/a2l
application/activemessage
application/alto-costmap+json
application/alto-costmapfilter+json
application/alto-directory+json
@BuffaloWill
BuffaloWill / ip_gen.rb
Last active Jun 21, 2020
Generic IP List Generator
View ip_gen.rb
irb --simple-prompt --noecho
require 'ipaddr'
# RFC 1918
# 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
#IPAddr.new("10.0.0.0/8").to_range.to_a.each{ |ip| puts ip }
#IPAddr.new("172.16.0.0/12").to_range.to_a.each{ |ip| puts ip }
#IPAddr.new("192.168.0.0/16").to_range.to_a.each{ |ip| puts ip }
# prints up to NUM ips from the range
View hex_00_to_FF
00
01
02
03
04
05
06
07
08
09
View censys_cert_search.rb
#!/usr/bin/ruby
# deps
# gem install curb dnsruby
#
# might need on ubuntu:
# sudo apt-get install libcurl4-openssl-dev
require 'json'
require 'curb'
@BuffaloWill
BuffaloWill / reset_pass.sh
Created Sep 3, 2016
Reset Password for a User with Installed version
View reset_pass.sh
#!/bin/sh
cmd=`basename $0`
CWD=`pwd`
SCRIPTDIR=/opt/Serpico/embedded/bin
EMBEDDED=/opt/Serpico/embedded
SERPDIR=/opt/Serpico/Serpico
uname=$1
pass=$2
View gist:c475a823c81b869a45848358c62e5624
# Author: https://github.com/ncolyer-r7
FROM ubuntu:14.04
MAINTAINER Todo
# Packages & Environment Variables
ENV SRP_ROOT /Serpico
ENV GEM /usr/local/rvm/rubies/ruby-2.1.5/bin/gem
ENV BUILD_PACKAGES bash sudo curl vim git gawk g++ gcc make libc6-dev libreadline6-dev zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgmp-dev libgdbm-dev libncurses5-dev automake libtool bison pkg-config libffi-dev
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active Nov 26, 2020
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
You can’t perform that action at this time.