Tutorial: https://www.youtube.com/watch?v=hIqMrPTeGTc
Paste the below code in your browser console (F12 > Console):
(()=>{
markAllVideosAsNotBeingInteresting({
iterations: 1
});
})();
Daehee daehee
nicoandmee
/ playwright-stealth.js
Last active
April 16, 2024 05:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const pw = require('playwright'); | |
| const UserAgent = require('user-agents'); | |
| const uuid = require('uuid'); | |
| const tmp = require('tmp-promise'); | |
| const UINT32_MAX = (2 ** 32) - 1; | |
| const WEBGL_RENDERERS = ['ANGLE (NVIDIA Quadro 2000M Direct3D11 vs_5_0 ps_5_0)', 'ANGLE (NVIDIA Quadro K420 Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (NVIDIA Quadro 2000M Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (NVIDIA Quadro K2000M Direct3D11 vs_5_0 ps_5_0)', 'ANGLE (Intel(R) HD Graphics Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (Intel(R) HD Graphics Family Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (ATI Radeon HD 3800 Series Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (Intel(R) HD Graphics 4000 Direct3D11 vs_5_0 ps_5_0)', 'ANGLE (Intel(R) HD Graphics 4000 Direct3D11 vs_5_0 ps_5_0)', 'ANGLE (AMD Radeon R9 200 Series Direct3D11 vs_5_0 ps_5_0)', 'ANGLE (Intel(R) HD Graphics Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (Intel(R) HD Graphics Family Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (Intel(R) HD Graphics Direct3D9Ex vs_3_0 ps_3_0)', 'ANGLE (Intel(R) HD Graphics Family Direct3D |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # github.com/m4ll0k (@m4ll0k2) | |
| ''' | |
| Steps: | |
| 0. Make dir like chaos 'mkdir chaos' | |
| 1. Download this script in choas dir 'wget https://..' | |
| 2. Now: 'python3 choas.py |sort -u > dns_wordlist.txt' | |
| ''' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| (echo "Subdomain,IP,Region,Country,Organization,Netblock,Link Type" && while read line; do ip=$(echo $line| cut -d " " -f 2); name=$(echo $line | cut -d " " -f 1); echo -n "$name,"; echo $ip | ipi '[.ip,.city,.region,.country,.company.name,.asn.name,.asn.route,.asn.type] | @csv'; done) | tee -a assets.csv |
erikig
/ common-domain-prefix-suffix-list.tsv
Last active
March 19, 2024 11:12
Top 5000 Most Common Domain Prefix/Suffix List - Courtesy LeanDomainSearch - https://leandomainsearch.com/top-domain-name-prefixes-and-suffixes/, Google Sheets version with changes to domain length - https://docs.google.com/spreadsheets/d/1BzZJ7BNek7ssUB2hWc6ChdF-mxN7QOE4U380Qx8uvR8/edit#gid=1626652908
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rank | Type | Prefix/Suffix | Length | |
|---|---|---|---|---|
| 1 | Prefix | my+ | 2 | |
| 2 | Suffix | +online | 6 | |
| 3 | Prefix | the+ | 3 | |
| 4 | Suffix | +web | 3 | |
| 5 | Suffix | +media | 5 | |
| 6 | Prefix | web+ | 3 | |
| 7 | Suffix | +world | 5 | |
| 8 | Suffix | +net | 3 | |
| 9 | Prefix | go+ | 2 |
EdOverflow
/ bongchie.md
Last active
August 18, 2020 22:42
How to store all the bug bounty assets like domains, ip addresses, etc. in file and automatically check for the any 0day vuln that comes into the market?
Here is a simple approach that might work for you. Perform reconnaissance as you would typically do and collect hosts and targets. Next, find an application running the target software or setup a local instance. Gather strings that would easily allow you to discern the piece of software from other applications (e.g. with GitLab this may be _gitlab_session). With that small list of keywords in hand, fingerprint all hosts by requesting the index page using a tool such as meg by @TomNomNom and then grepping for the strings. Make sure to then store your findings in a structured fashion that allows you to query applications running that software in future. I primarily use text files in folders for this purpose but I know of others who prefer to store everything in a database.
kylejohnson
/ ecowater.py
Last active
October 26, 2023 19:03
Scrape your ecowater data. https://gnulnx.net/2020/02/18/ecowater-api-scraping/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import requests | |
| import json | |
| import re | |
| import paho.mqtt.client as mqtt | |
| import paho.mqtt.publish as publish | |
| # Regex to match the hidden input on the initial log in page |
jhaddix
/ Github bash generated search links (from hunter.sh)
Created
January 12, 2020 19:55
Github bash generated search links (from hunter.sh)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "" | |
| echo "************ Github Dork Links (must be logged in) *******************" | |
| echo "" | |
| echo " password" | |
| echo "https://github.com/search?q=%22$1%22+password&type=Code" | |
| echo "https://github.com/search?q=%22$without_suffix%22+password&type=Code" | |
| echo "" | |
| echo " npmrc _auth" |
spikegrobstein
/ docker-compose.yml
Last active
April 13, 2024 18:38
docker-compose file for sabnzbd/sonarr/radarr
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # start up with 'docker-compose up -d' to start in background | |
| # update images with 'docker-compose pull' | |
| # this assumes that you have a sibling directory to this file called 'config' that contains all of the config for these services | |
| # you can reference 'sabnzbd' 'radarr' or 'sonarr' from inside the containers (in the apps) to reference the other containers. no need to deal with IPs or hostnames | |
| # remember that docker is isolated from the rest of your filesystem. you need to add volumes to the entries | |
| # in order to give the processes access to them. so if you have multiple target directories for TV or Movies, | |
| # then make sure you add each one that you want radarr/sonarr/sabnzbd to see. | |
| version: '3' | |
| services: |
vavkamil
/ blind-xss-cloudflare-worker.js
Last active
November 2, 2023 14:43
Serverless Blind XSS hunter with Cloudflare Worker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| addEventListener("fetch", event => { | |
| event.respondWith(handleRequest(event.request)) | |
| }) | |
| //////////////////////////////////////////////////////////////////////////////////////////////////// | |
| // ! DON'T LEAK THE SECRETS ! | |
| // Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/ | |
| const telegram_token = "*****REDACTED*****"; | |
| const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage"; |
NewerOlder