Sahil Ahamad ehsahil

@ehsahil
ehsahil / SoundCloud API Endpoints.cs
Created May 8, 2019 18:06 — forked from JBou/SoundCloud API Endpoints.cs
SoundCloud API Endpoints
//Authorization
{ ApiCommand.AuthorizationCodeFlow, new Uri("https://soundcloud.com/connect?scope=non-expiring&client_id={0}&response_type={1}&redirect_uri={2}") },
{ ApiCommand.UserAgentFlow, new Uri("https://soundcloud.com/connect?client_id={0}&response_type=token&redirect_uri={1}") },
{ ApiCommand.UserCredentialsFlow, new Uri("https://api.soundcloud.com/oauth2/token?client_id={0}&client_secret={1}&grant_type=password&username={2}&password={3}") },
{ ApiCommand.RefreshToken, new Uri("https://api.soundcloud.com/oauth2/token?client_id={0}&client_secret={1}&grant_type=refresh_token&refresh_token={2}") },
//Me
{ ApiCommand.Me, new Uri("https://api.soundcloud.com/me.json") },
{ ApiCommand.MeTracks, new Uri("https://api.soundcloud.com/me/tracks.json") },
{ ApiCommand.MeComments, new Uri("https://api.soundcloud.com/me/comments.json") },
@ehsahil
ehsahil / auto_git_query
Created August 29, 2019 04:21 — forked from nullenc0de/auto_git_query
Automated Github Queries (Can open 29 tabs at a time)
https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code
https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code
https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code
https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code
https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code
https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code
https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI
@ehsahil
ehsahil / recon.rb
Last active December 28, 2022 06:02
#Tool based on a resolver.rb by @melvinsh
#Original Repository: https://github.com/melvinsh/subresolve
#Modified by @ehsahil for Personal Use.
require 'socket'
require 'colorize'
begin
  file = File.open(ARGV[0], "r")
rescue
  puts "Usage: ruby recon.rb wordlist"
#Tools based on a resolver.rb by @melvinsh
#Repository: https://github.com/melvinsh/subresolve
#Modified by @ehsahil for Personal Use.
require 'socket'
require 'colorize'
begin
  domain = ARGV[0]
rescue
  puts "Usage: ruby subdomain.rb domain"
  exit
“Hackme.tld” API_key
“Hackme.tld” secret_key
“Hackme.tld” aws_key
“Hackme.tld” Password 
“Hackme.tld” FTP
“Hackme.tld” login
“Hackme.tld” github_token
“Hackme.tld” http:// & https://  
“Hackme.tld” amazonaws
“Hackme.tld” digitaloceanspaces
.gitignore
.htaccess
.htpasswd
%20../
%2e%2e//google.com
%3f/
%EXT%
%ff/
..;/
.7z
#Finding subdomains via Nmap.
nmap --script dns-brute --script-args dns-brute.domain=domain.com,dns-brute.threads=6,dns-brute.hostlist=./sub1000.lst
nmap --script dns-brute --script-args dns-brute.domain=domain.com,dns-brute.threads=6,dns-brute.hostlist=./sub10000.lst
nmap --script dns-brute --script-args dns-brute.domain=domain.com,dns-brute.threads=6,dns-brute.hostlist=./sub100000.lst
nmap --script dns-brute --script-args dns-brute.domain=domain.com,dns-brute.threads=6,dns-brute.hostlist=./sub1000000.lst
http://whitelist1.com/
https://ocw.cs.pub.ro/courses/cns/labs/start
https://windowsexploit.com/blog
https://www.securitysift.com/windows-exploit-development-part-1-basics/
http://6.www.shogunlab.com/blog/2017/08/19/zdzg-windows-exploit-1.html
http://corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
https://tuts4you.com/e107_plugins/download/download.php?list.17=
https://learnxinyminutes.com/docs/c/
http://www.thegreycorner.com/
http://www.dmi.unipg.it/bista/didattica/sicurezza-pg/buffer-overrun/hacking-book/0x2a0-writing_shellcode.html
@ehsahil
ehsahil / find-aws-region.py
Created November 7, 2019 18:21 — forked from LyftGalactic/find-aws-region.py
A quick script to determine AWS Region from IP Address
from ipaddress import ip_network, ip_address
import json
import requests
import sys
def find_aws_region():
    ip_json = requests.get('https://ip-ranges.amazonaws.com/ip-ranges.json')
    #ip_json = json.load(open('ip-ranges.json'))
    ip_json = ip_json.json()
    prefixes = ip_json['prefixes']
Ghetto XSS Cheatsheet
A ghetto collection of XSS payloads that I find to be useful during penetration tests, especially when faced with WAFs or application-based black-list filtering, but feel free to disagree or shoot your AK-74 in the air.
Simple character manipulations.