haidv haidv35

haidv35 / get_crobat_domains.py
Created January 2, 2023 17:31 — forked from Aetsu/get_crobat_domains.py
Discover new domains/subdomains with sonar.omnisint.io API
# pip3 install requests argparse
# @author: @aetsu
import logging
import requests
import json
import urllib3
import socket
import sys
import argparse
haidv35 / phpdangerousfuncs.md
Created March 26, 2022 05:19 — forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions

Command Execution

exec           - Returns last line of command's output
passthru       - Passes command's output directly to the browser
system         - Passes command's output directly to the browser and returns last line
shell_exec     - Returns command's output
`` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec     - Executes a program
hostname:target.com | to find all assets available for target.com on Shodan
http.title:"title" | to find servers/hosts with a similar title
http.html:"/file" | to find servers/hosts with a similar path
html:"context" | to find servers/hosts with a similar string
server:"apache 2.2.3" | to find servers/hosts with the same server
port:80 | to find servers/hosts with the same port
os:"windows" | to find servers/hosts with the same OS
asn:AS3214 | to find hosts/servers with a matching ASN
http.status:200 | to find servers/hosts with a 200 HTTP response code
http.favicon.hash:"hash" | to find servers/hosts with the same favicon hash