elasticdump \
--input="./output.json" \
--output="http://127.0.0.1:9200" \
--output-index="subfinder" \
--limit=10000 \
--type=data \
--transform="doc._source=Object.assign({},doc)"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def payload_generator(context): | |
| payloads = [] | |
| if context == 'attribname': | |
| payloads = [] | |
| comb = {} | |
| # check for escaping < > | |
| comb['payload'] = "\"><svg onload=prompt`812132`>" | |
| comb['find'] = "//svg[@onload[contains(.,812132)]]" | |
| payloads.append(comb) |
akhil-reni
/ SCAN_TO_ES.md
Last active
May 23, 2020 13:18
An example how to normalise scan outputs and send to ES
curl -X GET "https://api.spyse.com/v2/data/as/search?limit=100&search_params=%7B%22as_org%22%3A%5B%7B%22operator%22%3A%22contains%22%2C%22value%22%3A%22Oath%20Holdings%20Inc.%22%7D%5D%7D" -H "accept: application/json" -H "Authorization: Bearer token"
curl -X GET "https://api.spyse.com/v2/data/as/domain?limit=100&asn=10310" -H "accept: application/json" -H "Authorization: Bearer token"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import logging | |
| from concurrent.futures import ThreadPoolExecutor | |
| import asyncio | |
| from urllib3.exceptions import InsecureRequestWarning | |
| # Suppress only the single warning from urllib3 needed. | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
akhil-reni
/ sample.py
Created
May 6, 2021 10:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from mainAPI.models import Organization, OrganizationMember, User, Asset, Bug, CWE, CVE, Package, Mobile, Web, Code, Port, Cloud, Endpoint, Network, AssetHealth, Team, Permissions | |
| import numpy as np | |
| import random | |
| import pandas as pd | |
| import os | |
| class Dummy: | |
| def __init__(self): | |
| self.create_organization() |
akhil-reni
/ gist:bec9900d8d3607598301aa82136c0cd3
Created
September 17, 2021 12:14
Fargate ECS metadata response
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Cluster": "arn:aws:ecs:ap-south-1:redacted:cluster/temp", | |
| "TaskARN": "arn:aws:ecs:ap-south-1:redacted:task/temp/ae92c046a2c348d888897f8a85da9bec", | |
| "Family": "nginx", | |
| "Revision": "13", | |
| "DesiredStatus": "RUNNING", | |
| "KnownStatus": "RUNNING", | |
| "Containers": [ | |
| { | |
| "DockerId": "ae92c046a2c348d888897f8a85da9bec-2531612879", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from gevent import monkey | |
| from psycogreen.gevent import patch_psycopg | |
| monkey.patch_all(httplib=False) | |
| patch_psycopg() | |
| import mainApp.celery | |
| from mainApp.celery import app | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from urllib.request import urlopen, Request | |
| import xml.etree.ElementTree as ET | |
| domain = input("Enter your target: \n") | |
| body = """<?xml version="1.0" encoding="utf-8"?> | |
| <soap:Envelope xmlns:exm="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:ext="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> | |
| <soap:Header> | |
| <a:Action soap:mustUnderstand="1">http://schemas.microsoft.com/exchange/2010/Autodiscover/Autodiscover/GetFederationInformation</a:Action> | |
| <a:To soap:mustUnderstand="1">https://autodiscover-s.outlook.com/autodiscover/autodiscover.svc</a:To> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from xml.etree import ElementTree | |
| import re | |
| from packaging import version | |
| pattern = "\{(.*?)\}" | |
| def stripNs(el): | |
| if el.tag.startswith("{"): | |
| el.tag = el.tag.split('}', 1)[1] # strip namespace |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pip install strobes-intel-client |