Skip to content

Instantly share code, notes, and snippets.

View marz-hunter's full-sized avatar
🕷️
bug

Marzuki marz-hunter

🕷️
bug
View GitHub Profile
saya punya sinyal untuk entry GOLD di C:\Users\Administrator\Documents\EA\sinyal.txt
dalam 3 detik sinyal.txt akan di hapus dan di buat lagi setelah ada sinyal baru dan di hapus dalam 3 detik lagi. contoh isi:
sell-limit: 2653.4
action: sell
symbol: Gold
range: 2651.3-2655.3
sl: 2657.3
tp1: 2649
@marz-hunter
marz-hunter / zendesk.md
Created October 20, 2024 05:36 — forked from hackermondev/zendesk.md
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like support@company.com), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

Berikut adalah langkah-langkah untuk mengaktifkan Remote Desktop Protocol (RDP) di Windows 10 dan mengaksesnya melalui Ngrok:

1. Aktifkan RDP di Windows 10

  1. Buka Settings dengan menekan tombol Windows + I.

  2. Pilih System > Remote Desktop.

  3. Aktifkan Enable Remote Desktop.

import requests
# Step 1: Get the initial buildId from the first request
response1 = requests.get('https://immunefi.com/bug-bounty/')
response1.raise_for_status() # Ensure we got a successful response
# Find the buildId in the response body
start_index = response1.text.find('"buildId":"') + len('"buildId":"')
end_index = response1.text.find('"', start_index)
build_id = response1.text[start_index:end_index]
#!/usr/bin/python
import io
import tldextract
def extract(infile):
with io.open(infile, encoding='utf-8') as f:
for line in f:
domain = line.strip('\n')
extracted = tldextract.extract(domain)
@marz-hunter
marz-hunter / xss.sh
Last active November 29, 2023 22:46
uro -i waymore.txt -o uro
sleep 1
/root/urldedupe/urldedupe -u uro -s -qs | tee dup
sleep 1
httpx -l dup -nc -sc -ct -o duph
sleep 5
from burp import IBurpExtender
from burp import IHttpListener
from burp import IProxyListener
from burp import IExtensionHelpers
from burp import IScannerListener
from burp import IExtensionStateListener
from burp import IParameter
from java.io import PrintWriter
from java.net import URLEncoder
from burp import ITab
wget --mirror --convert-links --adjust-extension --page-requisites --no-parent
https://www.editpad.org/tool/extract-text-from-image
#!/usr/bin/env python3
import json
from urllib.parse import quote, quote_plus
import sys
import os
import argparse
parser = argparse.ArgumentParser(