hackhunt
/ sqlmap-waf_bypass-cheatsheet
Created
February 10, 2021 17:07
Cheatsheet for Bypassing WAF using SQLMap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # All scripts | |
| --tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords | |
| # General scripts | |
| --tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes | |
| # Microsoft access | |
| --tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfv |
hackhunt
/ sqlmap-enumeration-cheatsheet
Created
February 10, 2021 17:00
Cheatsheet for enumeration flags in SQLMap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -a, --all Retrieve everything | |
| -b, --banner Retrieve DBMS banner | |
| --current-user Retrieve DBMS current user | |
| --current-db Retrieve DBMS current database | |
| --hostname Retrieve DBMS server hostname | |
| --is-dba Detect if the DBMS current user is DBA | |
| --users Enumerate DBMS users | |
| --passwords Enumerate DBMS users password hashes | |
| --privileges Enumerate DBMS users privileges | |
| --roles Enumerate DBMS users roles |
hackhunt
/ torrent-trackers.txt
Created
February 9, 2021 12:12
Contains a list of Public Trackers for Torrents
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| udp://tracker.torrent.eu.org:451/announce | |
| http://vps02.net.orel.ru:80/announce | |
| https://tracker.nanoha.org:443/announce | |
| http://tracker.files.fm:6969/announce | |
| https://tracker.nitrix.me:443/announce | |
| https://tracker.tamersunion.org:443/announce | |
| udp://aaa.army:8866/announce | |
| https://tracker.imgoingto.icu:443/announce | |
| udp://blokas.io:6969/announce | |
| udp://discord.heihachi.pw:6969/announce |
hackhunt
/ mac-vendor.txt
Created
April 2, 2020 10:44
— forked from aallan/mac-vendor.txt
List of MAC addresses with vendors identities
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 000000 Officially Xerox | |
| 000001 SuperLAN-2U | |
| 000002 BBN (was internal usage only, no longer used) | |
| 000003 XEROX CORPORATION | |
| 000004 XEROX CORPORATION | |
| 000005 XEROX CORPORATION | |
| 000006 XEROX CORPORATION | |
| 000007 XEROX CORPORATION | |
| 000008 XEROX CORPORATION | |
| 000009 powerpipes? |