EdOverflow EdOverflow

## secured_domains.txt
www.nulloy.com
geoway.xyz
electriceel.xyz
cheriandcherie.com
ysm.life
yetanothergamestudio.com
woholer.info
wnereiz.net
webdevroom.net
waitlist.live

## blockstack
Verifying my Blockstack ID is secured with the address 1C7SnTWig9cr3cuPhAeC4BoMhA4yejXC8m https://explorer.blockstack.org/address/1C7SnTWig9cr3cuPhAeC4BoMhA4yejXC8m

## code_snippets.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                EdOverflow
                / code_snippets.md
            
            
              Last active
              March 3, 2018 17:51
            
              
                Ed's code snippets.
              
          
    Ed's code snippets


## H1-Report-ID-Bookmark
javascript:var%20report=prompt("Report%20ID:","");window.location.href="https://hackerone.com/reports/"+report;

## googlegroups.sh
#!/bin/bash

# Find a public Google group for a particular host.
# Some of these groups contain sensitive information.
# The tool runs against a list of hosts and returns all public groups.

while read domain; do
    if curl -LIs "https://groups.google.com/a/$domain" | grep "overview" > /dev/null; then
        echo "[+] https://groups.google.com/a/$domain/forum/#!overview"
    fi

## gitgrepper
#!/bin/bash

echo "*** Running..."

keywords=(
	"password"
	"key"
	"passwd"
	"secret"
)

## reddit.sh
#!/bin/bash

# Variables
BOLD='\033[1m'
END='\033[0m'

# Queries
site_results=$(curl -Ls "https://www.reddit.com/search?q=site%3A$1" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" | tidy -q  2> /dev/null | grep "search-link")
url_results=$(curl -Ls "https://www.reddit.com/search?q=url%3A$1" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" | tidy -q  2> /dev/null | grep "search-link")
self_results=$(curl -Ls "https://www.reddit.com/search?q=selftext%3A$1" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" | grep "search-title")

## bucket-disclose.sh
#!/bin/bash

# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"

## a-recon-services-list-for-liveoverflow.md

      
              2 files
            
          
              15 forks
            
          
              0 comments
            
          
              36 stars
            
          
                EdOverflow
                / a-recon-services-list-for-liveoverflow.md
            
            
              Last active
              April 29, 2021 13:29
            
          
https://scans.io/
https://commoncrawl.org/
https://web.archive.org/ (For JS snippets this can be extremely handy. See killbox.sh below that was written for a HackerOne event.)
https://www.shodan.io/
https://opendata.rapid7.com/
https://www.virustotal.com/en/documentation/public-api/ (You can fetch previously-scanned URLs via the API.)
https://securitytrails.com/
https://threatcrowd.org/
https://dnsdumpster.com/
https://crt.sh/


## ghcheck
#!/bin/bash

GREEN='\033[0;32m'
RED='\033[0;31m'
END='\033[0m'

request=$(curl -s -u "hehe:$1" https://api.github.com/user)
name=$(echo "$request" | jq -r ".login" 2> /dev/null)
if [[ $name == "null" ]]; then
	echo -e "${RED}Not a GitHub access token.${END}"
	www.nulloy.com
	geoway.xyz
	electriceel.xyz
	cheriandcherie.com
	ysm.life
	yetanothergamestudio.com
	woholer.info
	wnereiz.net
	webdevroom.net
	waitlist.live
	#!/bin/bash

	# Find a public Google group for a particular host.
	# Some of these groups contain sensitive information.
	# The tool runs against a list of hosts and returns all public groups.

	while read domain; do
	if curl -LIs "https://groups.google.com/a/$domain" \| grep "overview" > /dev/null; then
	echo "[+] https://groups.google.com/a/$domain/forum/#!overview"
	fi
	#!/bin/bash

	echo "*** Running..."

	keywords=(
	"password"
	"key"
	"passwd"
	"secret"
	)
	#!/bin/bash

	# Variables
	BOLD='\033[1m'
	END='\033[0m'

	# Queries
	site_results=$(curl -Ls "https://www.reddit.com/search?q=site%3A$1" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" \| tidy -q 2> /dev/null \| grep "search-link")
	url_results=$(curl -Ls "https://www.reddit.com/search?q=url%3A$1" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" \| tidy -q 2> /dev/null \| grep "search-link")
	self_results=$(curl -Ls "https://www.reddit.com/search?q=selftext%3A$1" -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0" \| grep "search-title")
	#!/bin/bash

	# Written by Frans Rosén (twitter.com/fransrosen)
	_debug="$2" #turn on debug
	_timeout="20"
	#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
	_aws_key="AKIA..."
	H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
	H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
	#!/bin/bash

	GREEN='\033[0;32m'
	RED='\033[0;31m'
	END='\033[0m'

	request=$(curl -s -u "hehe:$1" https://api.github.com/user)
	name=$(echo "$request" \| jq -r ".login" 2> /dev/null)
	if [[ $name == "null" ]]; then
	echo -e "${RED}Not a GitHub access token.${END}"