The Web Application Hacker's Handbook
Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
Jason Haddix jhaddix
-
https://jasonhaddix.com/
- United States
- Sign in to view email
- https://twitter.com/Jhaddix
jhaddix
/ amass_intel_for_loop
Created Nov 21, 2019
Foir loop to run amass intel for easy killing of single thread
View amass_intel_for_loop
| for i in $(cat yahoobgp); do echo""; echo "ASN $i";echo ""; amass.netdomains -asn $i;echo ""; done |
View bgp.sh
| #!/bin/bash | |
| expand $1 |cut -d " " -f1|sed 's/AS//g' | |
| echo "" | |
| echo "" | |
| lined=`expand $1 |cut -d " " -f1|sed 's/AS//g'| tr '\n' ','` |
jhaddix
/ bountyscan_setup.sh
Created Jan 27, 2019
— forked from random-robbie/bountyscan_setup.sh
View bountyscan_setup.sh
| #!/bin/bash | |
| export DEBIAN_FRONTEND=noninteractive; | |
| echo "[*] Starting Install... [*]" | |
| echo "[*] Upgrade installed packages to latest [*]" | |
| echo -e "\nRunning a package upgrade...\n" | |
| apt-get -qq update && apt-get -qq dist-upgrade -y | |
| apt full-upgrade -y | |
| apt-get autoclean | |
| echo "[*] Install stuff I use all the time [*]" |
jhaddix
/ all.txt
Created Jan 19, 2019
— forked from orangetw/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
View all.txt
This file has been truncated, but you can view the full file.
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
jhaddix
/ content_discovery_all.txt
Created May 26, 2018
a masterlist of content discovery URLs and files (used most commonly with gobuster)
View content_discovery_all.txt
This file has been truncated, but you can view the full file.
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
jhaddix
/ cloud_metadata.txt
Last active Nov 17, 2019
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
jhaddix
/ WAHH_Task_Checklist.md
Last active Nov 17, 2019
— forked from gbedoya/WAHH_Task_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
View all.txt
This file has been truncated, but you can view the full file.
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|