The main difference between the two pages is the method of sending messages. Recieving messages is the same in both.
Send messages to iframe using iframeEl.contentWindow.postMessage
Recieve messages using window.addEventListener('message')
def print_table(items, header=None, wrap=True, max_col_width=20, wrap_style="wrap", row_line=False, fix_col_width=False): | |
''' Prints a matrix of data as a human readable table. Matrix | |
should be a list of lists containing any type of values that can | |
be converted into text strings. | |
Two different column adjustment methods are supported through | |
the *wrap_style* argument: | |
wrap: it will wrap values to fit max_col_width (by extending cell height) | |
cut: it will strip values to max_col_width |
# /usr/share/doc/lighttpd/fastcgi.txt.gz | |
# http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ConfigurationOptions#mod_fastcgi-fastcgi | |
server.modules += ( "mod_fastcgi" ) |
# The MIT License (MIT) | |
# Copyright (c) 2016 Vladimir Ignatev | |
# | |
# Permission is hereby granted, free of charge, to any person obtaining | |
# a copy of this software and associated documentation files (the "Software"), | |
# to deal in the Software without restriction, including without limitation | |
# the rights to use, copy, modify, merge, publish, distribute, sublicense, | |
# and/or sell copies of the Software, and to permit persons to whom the Software | |
# is furnished to do so, subject to the following conditions: | |
# |
#!/usr/bin/env python | |
# -*- coding: utf-8 -*- | |
# Written as part of https://www.scrapehero.com/how-to-scrape-amazon-product-reviews-using-python/ | |
from lxml import html | |
import json | |
import requests | |
import json,re | |
from dateutil import parser as dateparser | |
from time import sleep |
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).update: A minor variant of the viru
graphql | |
terraform | |
supportuploads | |
supportmedia | |
supportdocs | |
helpcenter | |
helpcentre | |
helpmedia | |
knowledgebase | |
kbfiles |
I spent the weekend meeting hackers in Vegas, and I got talking to one of them about CRLF Injection. They'd not seen many CRLF Injection vulnerabilities in the wild, so I thought I'd write up an example that's similar to something I found a few months ago.
If you're looking for bugs legally through a program like hackerone, or you're a programmer wanting to write secure PHP: this might be useful to you.
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
Users and their passwords attempts | |
[0] | |
4 | |
1 | |
1 - | |
2 ! | |
2 !@ | |
1 & | |
1 0 | |
3 0000 |