Skip to content

Instantly share code, notes, and snippets.


Christopher Ashby ashbyca

View GitHub Profile

Keybase proof

I hereby claim:

  • I am ashbyca on github.
  • I am ashby ( on keybase.
  • I have a public key whose fingerprint is B966 BDF6 C4FE DDCF BE6B 6F93 AD9B DB92 3F8C 42BD

To claim this, I am signing this object:

View 00-header
# 00-header - create the header of the MOTD
# Copyright (c) 2013 Nick Charlton
# Copyright (c) 2009-2010 Canonical Ltd.
# Authors: Nick Charlton <>
# Dustin Kirkland <>
# This program is free software; you can redistribute it and/or modify
ashbyca / 10-sysinfo
Last active Sep 10, 2019
View 10-sysinfo
# 10-sysinfo - generate the system information
# Copyright (c) 2013 Nick Charlton
# Authors: Nick Charlton <>
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
View 90-footer
View ip-context-menu.xml
<?xml version="1.0" encoding="UTF-8"?>
<menuEntry name="Domain Crawler Query" url="" />
<menuEntry name="DomainTools Query" url="" />
<menuEntry name="Exposure Lookup" url="" />
<menuEntry name="Fortiguard Threat Research" url=";lookup=Lookup" />
<menuEntry name="Google SafeBrowsing Report" url="" />
<menuEntry name="HoneyNet Project Lookup" url="" />
<menuEntry name="IPVoid Query" url="" />
<menuEntry name="IsitAPT" url="" />
System Setup
# Install Python PIP and Dependencies
sudo apt-get install python3-dev python3-pip python3-setuptools libyaml-dev wget libreadline7 libreadline-dev git python-dnspython python-mechanize python-slowaes python-xlsxwriter python-jsonrpclib python-lxml lsb-release figlet update-motd libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev -y
# Setup and configure Dynamic MOTD
# Remove the current directory
sudo rm -r /etc/update-motd.d/
# Create new directory
View crontab
# Edit this file to introduce tasks to be run by cron.
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').#
# Notice that tasks will be started based on the cron's system

Stored XSS

Description A Stored Cross-Site Scripting (XSS) vulnerability occurs when a web application sends stored strings that were provided by an attacker to a victim's browser in such a way that the browser executes part of the string as code. The string contains malicious data and is initially stored server-side, often in the application's database.

Steps To Reproduce:

  1. Log in to the application.
  2. Navigate to the necessary URL found from Automated tool
  3. Navigate to the section identified as vulnerable
  4. Enter any of the below mentioned payloads in the "various form/other input fields and also fill in any mandatory fields.
View criticalstart.txt
{"searchproviders":[["-1","DuckDuck Go","",true,false,7,false,"",false,""],["-1","Twitter Term","",true,false,7,false,"",false,""],["-1","Google Safe Browsing","",true,false,3,false,"",false,""],["-1","RIPE","",true,false,3,false,"",false,""],["-1","ARIN","",true,false,3,false,"",false,""],["-1","Domain Tools","",true,false,3,false,"",false,""],["-1","AlienVault OTX Domain","",true,false,2,false,"",false,""],["-1","VirusTotal Domain Info","",true,false,2,false,"",false,""],["-1","WhoIS DNS Info","",true,false,2,false,"",false,""],["-1","McAfee TI","