Skip to content

Instantly share code, notes, and snippets.

ajxchapman /
Created Mar 25, 2020
Turn a list of scopes into a Burpsuite target import JSON configuration file
import json
import re
import sys
scopes = []
f = sys.stdin
if len(sys.argv) == 2:
f = open(sys.argv[1])
scopes_defs = [x.strip().lower() for x in f.readlines() if len(x.strip())]
import re
import requests
import sys
TOKEN="*x-csrf-token Header*"
COOKIE="*__Host-session Cookie*"
USERNAME="*HackerOne Username*"
bugs = []
pages = 1
ajxchapman / client.go
Last active Sep 24, 2021
NFT Benchmarking
View client.go
package main
import (
func connect() {
c, err := net.Dial("tcp4", fmt.Sprintf("%s:4444", os.Args[1]))
View wireshark_install.ahk
#NoEnv ; Recommended for performance and compatibility with future AutoHotkey releases.
; #Warn ; Enable warnings to assist with detecting common errors.
SendMode Input ; Recommended for new scripts due to its superior speed and reliability.
SetWorkingDir %A_ScriptDir% ; Ensures a consistent starting directory.
SetTitleMatchMode, RegEx
Run, "Wireshark-win64-3.2.6.exe"
WinWait, Wireshark [\d\.]+ 64-bit Setup,, 30
Loop, 7
ajxchapman /
Last active Jul 23, 2020
Scripts developed for solving HackerOne H1-702 2019 CTF

Scripts developed for solving HackerOne H1-702 2019 CTF

  • performs character extraction on targetted against the HackerOne H1-702 CTF announcement image
  • performs blind sqli data extraction with encrypted payloads targetting against the FliteThermostat API
  • performs an HTTP piplining based timing against the FliteThermostat Backend
  • generates wordlists from a give corpus or set of corpuses
  • performs efficient asynchronous HTTP requests against the FliteThermostat Backend
ajxchapman / hexdump.c
Last active Jul 10, 2020
Bunch of `hexdump -C` like functions for various languages
View hexdump.c
#include <stdio.h>
#include <ctype.h>
#define HEXDUMP_COLS 16
void hexdump(void *mem, unsigned int len)
ajxchapman /
Last active Apr 17, 2020
CVE-2019-5418 Demo

CVE-2019-5418 Demo

Build Docker container: Dockerfile

FROM ruby:2.5
RUN apt-get update -qq && apt-get install -y nodejs postgresql-client
RUN mkdir /myapp
WORKDIR /myapp
COPY Gemfile /myapp/Gemfile
ajxchapman / gist:e88adeed1b1bb1582ac46ed2ed0b1b97
Last active Jun 4, 2019
Wfuzz a host that keeps timing out
View gist:e88adeed1b1bb1582ac46ed2ed0b1b97
if [ ! -f _wordlist.txt ] || [ `wc -l _wordlist.txt | cut -f 1 -d " "` -eq 0 ]
sort -u $WORDLIST > _wordlist.txt
if [ -f $OUTPUT ]
ajxchapman /
Last active May 7, 2019
Install Windows on Digital Ocean droplet
ajxchapman /
Last active Apr 29, 2019
Installing Apache Guacamole
  1. Install Docker
apt-get update
apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL | apt-key add -
add-apt-repository "deb [arch=amd64] $(lsb_release -cs) stable"
apt-get update
apt-get install -y docker-ce docker-ce-cli
docker run hello-world