Skip to content

Instantly share code, notes, and snippets.

ajxchapman /
Last active Jul 23, 2020
Scripts developed for solving HackerOne H1-702 2019 CTF

Scripts developed for solving HackerOne H1-702 2019 CTF

  • performs character extraction on targetted against the HackerOne H1-702 CTF announcement image
  • performs blind sqli data extraction with encrypted payloads targetting against the FliteThermostat API
  • performs an HTTP piplining based timing against the FliteThermostat Backend
  • generates wordlists from a give corpus or set of corpuses
  • performs efficient asynchronous HTTP requests against the FliteThermostat Backend
ajxchapman /
Created Mar 8, 2019
Wordlist generator based on observed words from given URLs
import re
import requests
import inflect
seed_urls = [
cookies = {"session" : "2eyhsb2dnZxWRJ9biI6dHJ1ZXr0"}
prefixes = ["get", "set", "get_", "set_"]
ajxchapman /
Created Jan 15, 2019
Linux Gateway with WPAD and PAC

Linux Gateway with WPAD and PAC

Simple setup to create a Linux gateway on Ubuntu 18.04 that provides WPAD settings via DHCP option 252.

systemctl disable systemd-resolved.service
systemctl stop systemd-resolved
apt update
apt install dnsmasq
unlink /etc/resolv.conf
echo "nameserver" > /etc/resolv.conf
ajxchapman /
Created Jan 15, 2019
Extract files from Burp Suite "Save Items" save file
import base64
import os
import sys
search = " ".join(sys.argv[2:]) or None
path = None
with open(sys.argv[1]) as f:
for line in f:
if '<path>' in line:
import argparse
import pickle
import sys
if sys.version_info < (3, 0, 0):
_exec = None
buff = sys.stdout # Buffer to write binary strings to
import builtins
ajxchapman / chrome_screenshot.js
Created Jul 11, 2017
Node script to screenshot web pages using chrome debugging protocol
View chrome_screenshot.js
// npm install chrome-remote-interface minimist
const CDP = require('chrome-remote-interface');
const argv = require('minimist')(process.argv.slice(2));
const file = require('fs');
const spawn = require('child_process').spawn;
const net = require('net');
const crypto = require('crypto');
const url = argv.url || '';
const id = || crypto.createHash('sha256').update(url).digest("hex");