Command injection vulnerability was identified in NPM package rising version 1.0.2
Resources:
- Project's NPM Package: https://www.npmjs.com/package/rising
- Project's NPM JS registery: https://registry.npmjs.org/rising
Splint3r7
/ domain_All-Live-Datadog-Sites.csv
Created
December 25, 2023 18:19
— forked from JorgeFraga/domain_All-Live-Datadog-Sites.csv
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| domain | |
| 123rf.com | |
| 1stdibs.com | |
| 2u.com | |
| ba.com | |
| babylist.com | |
| bananatag.com | |
| baylor.edu | |
| bbcgoodfood.com | |
| bcm.edu |
Splint3r7
/ rising-1.0.2-command-injection.md
Last active
November 11, 2023 14:16
Command Injection Vulnerability in Rising 1.0.2
Splint3r7
/ AllRubyGemNames.txt
Last active
October 31, 2023 06:54
Extract All Ruby Gem Names From - https://rubygems.org/gems
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a | |
| a-- | |
| A- | |
| a0 | |
| a0-tzmigration-ruby | |
| a1 | |
| a11n | |
| A_123 | |
| a1330ks_bmi | |
| a13g |
Splint3r7
/ names.json
Created
August 21, 2023 10:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| "express", | |
| "afnan" | |
| ] |
Splint3r7
/ CF_waf_generate.sh
Last active
December 27, 2022 19:22
bash script to genereate a firewall rule for CloudFlare WAF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| filename=$1 | |
| output_str="(" | |
| while read -r line; do | |
| output_str+="ip.src eq $line) or (" | |
| done < "$filename" | |
| output_str=${output_str% or (*} |
Splint3r7
/ npm-package-emails.py
Last active
November 1, 2022 06:48
Extract Emails from Npm Packge Names - https://api.npms.io/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import json | |
| import concurrent.futures | |
| output_file = open("emails_res.txt", "w") | |
| def Emails(package): | |
| req = requests.get("https://api.npms.io/v2/package/{}".format(package)) |
Splint3r7
/ content_discovery_all.txt
Created
May 5, 2019 11:00
— forked from jhaddix/content_discovery_all.txt
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
Splint3r7
/ tlds.txt
Created
September 20, 2022 11:19
Root Zone Database TLDs- https://www.iana.org/domains/root/db
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .aaa | |
| .aarp | |
| .abarth | |
| .abb | |
| .abbott | |
| .abbvie | |
| .abc | |
| .able | |
| .abogado | |
| .abudhabi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Coded by Geekink | |
| #!/usr/bin/env python3 | |
| import urllib.request | |
| import sqlite3 | |
| import os.path | |
| import re | |
| import math |
Splint3r7
/ plugin.php
Created
March 16, 2022 07:14
— forked from htdat/plugin.php
An intentionally vulnerable plugin developed for WordPress plugin author education. http://make.wordpress.org/plugins/2013/04/09/intentionally-vulnerable-plugin/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* Plugin Name: Damn Vulnerable WordPress Plugin | |
| * Description: Intentionally vulnerable plugin for plugin author education | |
| * Version: 0.1 | |
| * Plugin URI: http://make.wordpress.org/plugins/2013/04/09/intentionally-vulnerable-plugin/ | |
| * Author: Jon Cave | |
| * Author URI: http://joncave.co.uk | |
| * License: GPLv2+ | |
| * | |
| * DO NOT RUN THIS PLUGIN ON AN INTERNET ACCESSIBLE SITE |
NewerOlder