Skip to content

Instantly share code, notes, and snippets.

Avatar

Jason Haddix jhaddix

View GitHub Profile
@jhaddix
jhaddix / reconftw.cfg
Last active February 5, 2023 22:33
reconFTW config file: NO google/osint, wordlist creation, nuclei js analysis
View reconftw.cfg
#################################################################
# reconFTW config file #
#################################################################
# General values
tools=~/Tools # Path installed tools
SCRIPTPATH="$( cd "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" # Get current script's path
profile_shell=".$(basename $(echo $SHELL))rc" # Get current shell profile
reconftw_version=$(git rev-parse --abbrev-ref HEAD)-$(git describe --tags) # Fetch current reconftw version
generate_resolvers=false # Generate custom resolvers with dnsvalidator
View Github Dorks
echo ""
echo "************ Github Dork Links (must be logged in) *******************"
echo ""
echo " password"
echo "https://github.com/search?q="hackertarget.site"+password&type=Code"
echo "https://github.com/search?q=""hackertarget""+password&type=Code"
echo ""
echo " npmrc _auth"
@jhaddix
jhaddix / bucket-disclose.sh
Created July 22, 2020 17:49 — forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
View bucket-disclose.sh
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
@jhaddix
jhaddix / Github bash generated search links (from hunter.sh)
Created January 12, 2020 19:55
Github bash generated search links (from hunter.sh)
View Github bash generated search links (from hunter.sh)
@jhaddix
jhaddix / amass_intel_for_loop
Created November 21, 2019 05:29
Foir loop to run amass intel for easy killing of single thread
View amass_intel_for_loop
for i in $(cat yahoobgp); do echo""; echo "ASN $i";echo ""; amass.netdomains -asn $i;echo ""; done
@jhaddix
jhaddix / bgp.sh
Created November 21, 2019 05:27
copy in bghp.he.net to this script and get amass command
View bgp.sh
#!/bin/bash
expand $1 |cut -d " " -f1|sed 's/AS//g'
echo ""
echo ""
lined=`expand $1 |cut -d " " -f1|sed 's/AS//g'| tr '\n' ','`
View bountyscan_setup.sh
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive;
echo "[*] Starting Install... [*]"
echo "[*] Upgrade installed packages to latest [*]"
echo -e "\nRunning a package upgrade...\n"
apt-get -qq update && apt-get -qq dist-upgrade -y
apt full-upgrade -y
apt-get autoclean
echo "[*] Install stuff I use all the time [*]"
@jhaddix
jhaddix / all.txt
Created January 19, 2019 04:35 — forked from orangetw/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
View all.txt
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎
@jhaddix
jhaddix / content_discovery_all.txt
Created May 26, 2018 11:51
a masterlist of content discovery URLs and files (used most commonly with gobuster)
View content_discovery_all.txt
This file has been truncated, but you can view the full file.
`
~/
~
ים
___
__
_
---
@jhaddix
jhaddix / cloud_metadata.txt
Last active January 28, 2023 08:39 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key