Skip to content

Instantly share code, notes, and snippets.

View giuliocomi's full-sized avatar
🇮🇹

giuliocomi

🇮🇹
View GitHub Profile
@saelo
saelo / 3_years_of_attacking_javascript_engines.txt
Created October 27, 2019 16:04
3 Years of Attacking JavaScript Engines
|=-----------------------------------------------------------------------=|
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=|
|=-----------------------------------------------------------------------=|
|=------------------------------=[ saelo ]=------------------------------=|
|=-----------------------------------------------------------------------=|
The following are some brief notes about the changes that have taken place
since the release of the "Attacking JavaScript Engines" paper [1]. In
general, no big conceptional changes have happened since. Mitigations have
been added to break some of the presented techniques and, as expected, a
@mccabe615
mccabe615 / AngularTI.md
Last active April 18, 2024 11:37
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
@Svenito
Svenito / idle_scan.py
Created June 16, 2014 14:29
Run idle scan using scapy to craft packets
#!/bin/env python2.6
import os
import sys
from scapy.all import *
def is_root():
return os.getuid() == 0