💭
"><img src=x onerror=alert('Github @ethicalhack3r')><"

Ryan Dewhurst ethicalhack3r

Every 2.0s: ls -l /tmp/ Sun Aug 25 23:32:20 2013
total 52
-rw------- 1 nginx nginx 650 Aug 25 22:50 phpFi0W7e
-rw------- 1 nginx nginx 1862 Apr 24 10:53 phpLm2rDl
-rw------- 1 nginx nginx 26468 Jun 19 01:33 phpLp8mgp
-rw------- 1 nginx nginx 730 Aug 15 16:24 phpOKZhXI
-rw------- 1 nginx nginx 730 Aug 15 16:24 phpT1EBnQ
-rw------- 1 nginx nginx 1862 Apr 23 23:24 phpkCvyLZ
<a href=”http://www.example.com”>Some Example</a>
<a href=”http://www.example.com”>http://www.example.com</a>
@ethicalhack3r
ethicalhack3r / license.txt
Created January 21, 2015 14:17
WPScan Public Source License
The WPScan software (henceforth referred to simply as "WPScan") is dual-licensed - Copyright 2011-2015 WPScan Team.
Cases that include commercialization of WPScan require a commercial, non-free license. Otherwise, WPScan can be used without charge under the terms set out below.
Definitions
“License” means this document.
“Contributor” means each individual or legal entity that creates, contributes to the creation of, or owns WPScan.
@ethicalhack3r
ethicalhack3r / euskalhack.md
Created February 29, 2016 15:36
[CFP] EuskalHack (San Sebastian / Donostia) 2016

Introduction

EuskalHack Security Congress is the first Ethical Hacking association in Euskadi, with the aim of promoting the community and culture in digital security to anyone who may be interested.

This exclusive conference is shaping up to be the most relevant in the Basque Country, with an estimated 125 attendees for the first edition.

The participants include specialised companies, state security organisations, professionals, hobbyists and students in the area of security and Information Technology.

Estimated date and location

@ethicalhack3r
ethicalhack3r / gist:6145925
Created August 3, 2013 09:59
Zone Transfer Alexa Top 1 Million using dnsrecon
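#!/bin/bash
# Run a dnsrecon zone-transfer (AXFR) test for each line of alexa.txt,
# writing one numbered CSV of results per entry under axfr_results/.
N=0
while IFS= read -r LINE; do
  N=$((N+1))
  echo "$N - $LINE"
  python dnsrecon.py -d "$LINE" -t axfr -c "axfr_results/$N-$LINE.csv"
done < alexa.txt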
@ethicalhack3r
ethicalhack3r / http_ntlm__auth_brute.rb
Created August 17, 2018 12:51
Brute Forces HTTP NTLM Basic Authentication using Typhoeus
#!/usr/bin/env ruby
require 'typhoeus'
target_url = ARGV[0]
usernames = File.read(ARGV[1]).split("\n")
passwords = File.read(ARGV[2]).split("\n")
hydra = Typhoeus::Hydra.new
Yes, this is a joke. But we will really be releasing a WordPress plugin. Let us know if you find any vulnerabilities ;)
9f10c5276812e8fdabc2c4e5bb75f836
#!/usr/bin/env ruby
require 'wpscan'
require 'uri'
filename = ARGV[0]
def check_wordpress( website )
WPScan::Browser.instance( disable_tls_checks: true )
> select id from vulnerabilities where poc != '';
+------+
| id |
+------+
| 6028 |
| 6219 |
| 6499 |
| 6548 |
| 7680 |
| 7710 |
@ethicalhack3r
ethicalhack3r / magento_version.rb
Created December 12, 2016 11:09
Finds the remote version of magento
#!/usr/bin/env ruby
require 'typhoeus'
require 'json'
require 'uri'
require 'digest/md5'
# https://raw.githubusercontent.com/gwillem/magento-version-identification/master/version_hashes.json
target = ARGV[0]