and0x00
/ CVE-2025-29927.bcheck
Created
July 7, 2025 00:49
— forked from fourcube/CVE-2025-29927.bcheck
Burp BCheck for CVE-2025-29927 (Next.js middleware bypass)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| metadata: | |
| language: v2-beta | |
| name: "CVE-2025-29927 - Next.js middleware bypass" | |
| description: "Checks for differences in responses when using different x-middleware-subrequest header paths" | |
| author: "Chris Grieger - blueredix.com" | |
| tags: "next.js", "middleware" | |
| run for each: | |
| middleware_value = "pages/_middleware", | |
| "middleware", |
and0x00
/ waf-smoke-test.sh
Created
April 12, 2025 17:10
— forked from ridjex/waf-smoke-test.sh
Lightweight Bash script to test basic WAF (Web Application Firewall) protections against common SQL injection and XSS payloads. Use this to quickly assess your web application’s surface against low-hanging injection vulnerabilities.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # 🚀 Discover More: Testing Your Firewall in 60 Seconds: A Lightweight WAF Testing Script That Anyone Can Use | |
| # Learn how this script works and the best practices for WAF testing. | |
| # Read the full article here: | |
| # 👉 https://medium.com/@kochuraa/testing-your-firewall-in-60-seconds-a-lightweight-waf-testing-script-that-anyone-can-use-a7a725fefcb7 | |
| # Safe WAF Tester Script | |
| # Usage: ./waf-smoke-test.sh <URL> [-o output.md] [-H "Header: Value"] | |
| # Examples: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script to split files into chunks, process each line with "subfy", | |
| # and consolidate results while avoiding duplicate processing via hashes. | |
| # --- Usage --------------------------------------------------------------- | |
| usage() { | |
| cat <<EOF | |
| Usage: $0 [options] <file1> [file2 ... fileN] | |
| Options: | |
| --no-hash Skip hash file creation/verification. |
and0x00
/ entropy.sh
Last active
March 23, 2025 14:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$#" -lt 2 ]; then | |
| echo "Usage: $0 input_file output_file [--debug]" | |
| exit 1 | |
| fi | |
| input_file="$1" | |
| output_file="$2" | |
| debug_mode=0 | |
| if [ "$3" == "--debug" ]; then |
and0x00
/ datas_ddmmyyyy.txt
Created
March 22, 2025 18:10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 22031985 | |
| 23031985 | |
| 24031985 | |
| 25031985 | |
| 26031985 | |
| 27031985 | |
| 28031985 | |
| 29031985 | |
| 30031985 | |
| 31031985 |
and0x00
/ datas_ddmmyy.txt
Created
March 22, 2025 18:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 220385 | |
| 230385 | |
| 240385 | |
| 250385 | |
| 260385 | |
| 270385 | |
| 280385 | |
| 290385 | |
| 300385 | |
| 310385 |
and0x00
/ brazilian_girl_names.txt
Created
March 22, 2025 17:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aana | |
| abadia | |
| abda | |
| abelina | |
| abelita | |
| abgail | |
| abia | |
| abigail | |
| abigaiu | |
| abilene |
and0x00
/ brazilian_boy_names.txt
Last active
March 22, 2025 17:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aantonio | |
| aarao | |
| aaron | |
| abadio | |
| abdala | |
| abdias | |
| abdiel | |
| abdo | |
| abdon | |
| abdoral |
and0x00
/ brazilian_names.txt
Created
March 22, 2025 17:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aana | |
| aantonio | |
| aarao | |
| aaron | |
| abadia | |
| abadio | |
| abda | |
| abdala | |
| abdias | |
| abdiel |
and0x00
/ bg_notify.sh
Last active
March 23, 2025 10:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -eq 0 ]; then | |
| echo "No command provided." | |
| echo "Usage: $0 <command> [arguments...]" | |
| exit 1 | |
| fi | |
| mkdir -p "$HOME/.bg_log" | |
| echo "$(date +'%Y-%m-%d %H:%M:%S') - $*" >> "$HOME/.bg_history" |
NewerOlder