| Service | SSL | status | Response Type | Allowed methods | Allowed headers |
|---|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # download webarchive.sh | |
| # bash webarchive.sh example.com | |
| curl -s 'http://web.archive.org/cdx/search/cdx?url=*.$1/*&output=json&collapse=urlkey'|jq ".[][2]"|tr '"' ' '|awk "{print $2}"|tr '://' ' '|awk '{print $2}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # by m4ll0k | |
| # github.com/m4ll0k | |
| import sys | |
| try: | |
| import jsbeautifier | |
| import requests | |
| except Exception as e: | |
| sys.exit(print("{0}.. please download this module/s".format(e))) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # by m4ll0k | |
| # github.com/m4ll0k | |
| # gist.github.com/m4ll0k | |
| # Usage: | |
| #------ python3 tojson.py https://www.example.com | |
| #------ cat targets.txt | python3 tojson.py | |
| import requests as _0x1 | |
| import sys as _0x2 |
m4ll0k
/ getpoint.py
Last active
November 26, 2021 16:54
getpoint.py - Take a wordlist and generate the potential injection point for make dns bruteforce
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ----------------------------- | |
| # by m4ll0k (@m4ll0k) | |
| # github.com/m4ll0k | |
| # ------------------------------ | |
| # e.g: | |
| # echo -e "test.example.com\ntest-dev.example.com\nstaging-test.example.com" > targets.txt && python3 getpoint.py targets.txt %FUZZ% | |
| # output: | |
| ''' | |
| %FUZZ%.test.example.com | |
| %FUZZ%.test-dev.example.com |
m4ll0k
/ content_discovery_all.txt
Created
June 17, 2020 11:18
— forked from jhaddix/content_discovery_all.txt
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
m4ll0k
/ all.txt
Created
June 17, 2020 11:19
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
m4ll0k
/ gist:c33c3bac057584642c8a63144888e3d1
Created
June 22, 2020 13:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # replace $mytarget with your target | |
| gau $mytarget|egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 SecretFinder.py -i %% -o cli' | |
| # use -r option for extract anything | |
| gau $mytarget|egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 SecretFinder.py -i %% -o cli -r "$anything"' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| undefined | |
| undef | |
| null | |
| NULL | |
| (null) | |
| nil | |
| NIL | |
| true | |
| false | |
| True |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # github.com/m4ll0k (@m4ll0k2) | |
| ''' | |
| Steps: | |
| 0. Make dir like chaos 'mkdir chaos' | |
| 1. Download this script in choas dir 'wget https://..' | |
| 2. Now: 'python3 choas.py |sort -u > dns_wordlist.txt' | |
| ''' |
OlderNewer