Nuclei Templates
ThoundsN
ruevaughn
/ 1_top+hacker_methodologies.md
Last active
May 19, 2024 19:47
Hacker Methodologies & Tools (NEW)
bugbountynights
/ log4j-keywords
Last active
March 25, 2024 22:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ${ctx:loginId} | |
| ${map:type} | |
| ${filename} | |
| ${date:MM-dd-yyyy} | |
| ${docker:containerId} | |
| ${docker:containerName} | |
| ${docker:imageName} | |
| ${env:USER} | |
| ${event:Marker} | |
| ${mdc:UserId} |
fransr
/ logger.js
Last active
August 6, 2022 06:36
logger.js for hunting script gadgets. More info about script gadgets: https://github.com/google/security-research-pocs/tree/master/script-gadgets (Sebastian Lekies / Eduardo Vela Nava / Krzysztof Kotowicz)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var logger = console.trace; | |
| // ELEMENT | |
| ;(getElementByIdCopy => { | |
| Element.prototype.getElementById = function(q) { | |
| logger('getElementById', q, this, this.innerHTML); | |
| return Reflect.apply(getElementByIdCopy, this, [q]) | |
| } | |
| })(Element.prototype.getElementById) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import httplib | |
| import urllib | |
| http = httplib.HTTPSConnection('example.com', 443) | |
| cookie = 'your=cookies'; | |
| http.request("GET", "/api/v1/csrf", "", { | |
| 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36', | |
| 'referer': 'https://example.com/', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import requests | |
| import time | |
| import os | |
| import json | |
| import sys | |
| headers = { | |
| 'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0', | |
| 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "84kr3q1592995213323": { | |
| "type": 1, | |
| "color": "#cc883a", | |
| "title": "Burp", | |
| "active": true, | |
| "address": "127.0.0.1", | |
| "port": 8080, | |
| "proxyDNS": false, | |
| "username": "", |
yassineaboukir
/ List of API endpoints & objects
Last active
May 15, 2024 02:19
A list of 3203 common API endpoints and objects designed for fuzzing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 | |
| 00 | |
| 01 | |
| 02 | |
| 03 | |
| 1 | |
| 1.0 | |
| 10 | |
| 100 | |
| 1000 |
pich4ya
/ root_bypass.js
Created
August 5, 2019 20:14
Bypass Android Root Detection / Bypass RootBeer - August 2019
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // $ frida -l antiroot.js -U -f com.example.app --no-pause | |
| // CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh): | |
| // - I added extra whitelisted items to deal with the latest versions | |
| // of RootBeer/Cordova iRoot as of August 6, 2019 | |
| // - The original one just fucked up (kill itself) if Magisk is installed lol | |
| // Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/ | |
| // If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so | |
| Java.perform(function() { | |
| var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", |
a7v8x
/ graphql_introspection_query.graphql
Last active
November 5, 2023 12:36
GraphQL introspection query - for fetching the whole schema (from GraphiQL IDE) for https://atheros.ai/blog/graphql-introspection-and-introspection-queries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| query IntrospectionQuery { | |
| __schema { | |
| queryType { name } | |
| mutationType { name } | |
| types { | |
| ...FullType | |
| } | |
| directives { | |
| name | |
| description |
hermanbanken
/ Dockerfile
Last active
April 22, 2024 10:53
Compiling NGINX module as dynamic module for use in docker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM nginx:alpine AS builder | |
| # nginx:alpine contains NGINX_VERSION environment variable, like so: | |
| # ENV NGINX_VERSION 1.15.0 | |
| # Our NCHAN version | |
| ENV NCHAN_VERSION 1.1.15 | |
| # Download sources | |
| RUN wget "http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" -O nginx.tar.gz && \ |
NewerOlder