// http://blog.portswigger.net/2016/01/xss-without-html-client-side-template.html?m=1
{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| memory=$1 | |
| cd ~/hacking/tools/burpsuite | |
| echo "[+] Running Burp..." | |
| java -jar -Xmx${memory}M -Djava.net.preferIPv4Stack=true burpsuite_free_*.jar |
bl4de
/ reinstall_c5.sh
Created
July 6, 2017 15:13
— forked from a3020/reinstall_c5.sh
Reinstall concrete5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| REPO_PATH=concrete5-develop | |
| DB_HOST=localhost | |
| DB_USER=root | |
| DB_PASS= | |
| DB_DBAS=concrete5 | |
| ADMIN_EMAIL=no-reply@localhost |
bl4de
/ listurl.py
Created
June 8, 2017 09:48
From: https://github.com/JusticeRage/freedomfighting#listurlpy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import argparse | |
| import Queue | |
| import re | |
| import requests | |
| import sys | |
| import threading | |
| import urlparse |
bl4de
/ jasmine.json
Last active
May 19, 2017 12:46
Jasmine.js BDD library code snippets for Visual Studio Code (VSCode, twitter.com/code)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Jasmine BDD JavaScript snippets for VS Code | |
| */ | |
| { | |
| "describe": { | |
| "prefix": "jasd", | |
| "body": [ | |
| "describe(\"$1\", function() {", | |
| "$2", | |
| "});" |
bl4de
/ waybackrobots.py
Created
April 30, 2017 16:45
— forked from mhmdiaa/waybackrobots.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import re | |
| import sys | |
| from multiprocessing.dummy import Pool | |
| def robots(host): | |
| r = requests.get( | |
| 'https://web.archive.org/cdx/search/cdx\ | |
| ?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import subprocess | |
| current_process = subprocess.Popen(['./tp.sh']) | |
| exit_code = current_process.wait() | |
| print exit_code |
bl4de
/ xml.py
Created
April 13, 2017 13:47
— forked from chrisguitarguy/xml.py
Parse an XML sitemap with Python, requests and BeautifulSoup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import with_statement # we'll use this later, has to be here | |
| from argparse import ArgumentParser | |
| import requests | |
| from BeautifulSoup import BeautifulStoneSoup as Soup | |
| def parse_sitemap(url): | |
| resp = requests.get(url) | |
| # we didn't get a valid response, bail |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set number | |
| syntax enable | |
| colorscheme sunburst | |
| set tabstop=4 | |
| set softtabstop=4 | |
| set showcmd | |
| set showmatch | |
| set incsearch | |
| set hlsearch |
bl4de
/ AngularTI.md
Last active
October 24, 2017 13:52
— forked from mccabe615/AngularTI.md
Angular Template Injection Payloads
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| import requests | |
| SCHEMA = 'http://' | |
| # here will come first argument passed to the script (sys.argv[0] is the | |
| # name of script itself) | |
| IP = sys.argv[1] | |
| resp = requests.get(SCHEMA + IP) |