Skip to content

Instantly share code, notes, and snippets.

Jason Haddix jhaddix

View GitHub Profile
@jhaddix
jhaddix / all.txt
Last active Aug 4, 2020
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
View all.txt
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎
@jhaddix
jhaddix / WAHH_Task_Checklist.md
Last active Aug 3, 2020 — forked from gbedoya/WAHH_Task_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
View WAHH_Task_Checklist.md
@jhaddix
jhaddix / cloud_metadata.txt
Last active Aug 5, 2020 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@jhaddix
jhaddix / content_discovery_all.txt
Created May 26, 2018
a masterlist of content discovery URLs and files (used most commonly with gobuster)
View content_discovery_all.txt
This file has been truncated, but you can view the full file.
`
~/
~
ים
___
__
_
@jhaddix
jhaddix / all.txt
Created Jan 19, 2019 — forked from orangetw/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
View all.txt
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎
View bountyscan_setup.sh
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive;
echo "[*] Starting Install... [*]"
echo "[*] Upgrade installed packages to latest [*]"
echo -e "\nRunning a package upgrade...\n"
apt-get -qq update && apt-get -qq dist-upgrade -y
apt full-upgrade -y
apt-get autoclean
echo "[*] Install stuff I use all the time [*]"
@jhaddix
jhaddix / bgp.sh
Created Nov 21, 2019
copy in bghp.he.net to this script and get amass command
View bgp.sh
#!/bin/bash
expand $1 |cut -d " " -f1|sed 's/AS//g'
echo ""
echo ""
lined=`expand $1 |cut -d " " -f1|sed 's/AS//g'| tr '\n' ','`
@jhaddix
jhaddix / amass_intel_for_loop
Created Nov 21, 2019
Foir loop to run amass intel for easy killing of single thread
View amass_intel_for_loop
for i in $(cat yahoobgp); do echo""; echo "ASN $i";echo ""; amass.netdomains -asn $i;echo ""; done
@jhaddix
jhaddix / Github bash generated search links (from hunter.sh)
Created Jan 12, 2020
Github bash generated search links (from hunter.sh)
View Github bash generated search links (from hunter.sh)
@jhaddix
jhaddix / bucket-disclose.sh
Created Jul 22, 2020 — forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
View bucket-disclose.sh
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
You can’t perform that action at this time.