This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hello |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
id: CVE-2002-0561 | |
info: | |
name: Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication | |
author: Segfolt | |
severity: High | |
requests: | |
- method: GET | |
path: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
id: apache-webdav-dir-listing | |
info: | |
name: Apache WebDAV Module PROPFIND Arbitrary Directory Listing | |
author: segfolt | |
severity: Medium | |
# https://vuldb.com/?id.16000 | |
requests: | |
- raw: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
id: CVE-2017-12542 | |
info: | |
name: iLO 4 < 2.53 - Add New Administrator User | |
author: segfolt | |
severity: High | |
# Exploit Source: https://www.exploit-db.com/exploits/44005 | |
# Reference: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf03769en_us | |
requests: | |
- raw: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# @ih3bski | |
from flask import Flask | |
from flask_sqlalchemy import SQLAlchemy | |
import uuid | |
from loguru import logger | |
import sys | |
app = Flask(__name__) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo subdomains | grep '=' | qsreplace FUZZ\" -a | while read url;do target=$(curl -s -l $url | egrep -o '(FUZZ"|FUZZ\\")'); echo -e "Target:\e[1;33m $url\e[0m" "$target" "\n-------"; done | sed 's/FUZZ"/[Xss Possible] Reflection Found/g' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cat domains.txt | parallel -j250 'nmap -Pn --top-ports 100 -T4 -vv --open -oN results.txt {}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cat subdomains.txt | parallel -j250 'host {} | grep "has address" | cut -d " " -f1,4' | sort -u |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cat hosts.txt | parallel -j255 'netcat -znv -w 1 {} 80 443 8080 25' &> nc-scan.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# Usage : | |
# $ echo "host1 host2 host3" | ./scanner | |
# $ cat myservers | ./scanner | |
# | |
servers="$(cat)" | |
for servers in $servers; do | |
host $servers | host $servers | cut -d ' ' -f1,4 |