Skip to content

Instantly share code, notes, and snippets.

View myuyu's full-sized avatar

El Mehdi myuyu

23 followers · 27 following
View GitHub Profile
@msrkp
msrkp / review.md
Last active February 6, 2024 20:30
https://portswigger.net/polls/top-10-web-hacking-techniques-2023
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active June 10, 2024 08:32
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@AvasDream
AvasDream / oscp_prep.md
Last active March 30, 2024 00:01
Resource for OSCP like HTB Boxes with Ippsec Videos and Writeups.
@dwisiswant0
dwisiswant0 / st8out.sh
Last active February 17, 2024 16:48
St8out - Extra one-liner for reconnaissance
#!/bin/bash
#####
#
# St8out - Extra one-liner for reconnaissance
#
# Usage: ./st8out.sh target.com
#
# Resources:
# - https://github.com/j3ssie/metabigor
@pikpikcu
pikpikcu / .zshrc
Created January 27, 2020 16:09
```zshrc
#▄███████▄ ▄████████ ▄█ █▄ ▄████████ ▄████████
#██▀ ▄██ ███ ███ ███ ███ ███ ███ ███ ███
# ▄███▀ ███ █▀ ███ ███ ███ ███ ███ █▀
#▀█▀▄███▀▄▄ ███ ▄███▄▄▄▄███▄▄ ▄███▄▄▄▄██▀ ███
# ▄███▀ ▀ ▀███████████ ▀▀███▀▀▀▀███▀ ▀▀███▀▀▀▀▀ ███
#▄███▀ ███ ███ ███ ▀███████████ ███ █▄
#███▄ ▄█ ▄█ ███ ███ ███ ███ ███ ███ ███
#▀████████▀ ▄████████▀ ███ █▀ ███ ███ ████████▀
# ███ ███
@Edu4rdSHL
Edu4rdSHL / parallel-subdomains-resolv.md
Created November 11, 2019 16:03 
[ SecHackLabs ~/Projects/Rust/Development/findomain ] [develop]
└─ ▶ time ./target/release/findomain -t aol.com --query-database -i --threads 100

Target ==> aol.com

Searching subdomains in the Findomain database for the target aol.com 🔍

Performing asynchronous subdomains resolution for 70600 subdomains with 100 threads, it will take a while. 🧐
@tomnomnom
tomnomnom / short-wordlist.txt
Created September 29, 2019 19:44
short-wordlist
/.s3cfg
/phpunit.xml
/nginx.conf
/.vimrc
/LICENSE.md
/yarn.lock
/Gulpfile
/Gulpfile.js
/composer.json
/.npmignore
@tehryanx
tehryanx / trufflehog.json
Last active June 3, 2022 08:26
High signal patterns from trufflehog refactored to work with tomnomnom's gf
{
"flags": "-HnriE",
"patterns": [
"(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})",
"-----BEGIN RSA PRIVATE KEY-----",
"-----BEGIN DSA PRIVATE KEY-----",
"-----BEGIN EC PRIVATE KEY-----",
"-----BEGIN PGP PRIVATE KEY BLOCK-----",
"AKIA[0-9A-Z]{16}",
"amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}",
@zenosxx
zenosxx / subdomain.sh
Last active April 26, 2021 08:28
Subdomain recon
#!/bin/bash
echo "Recon $1"
domain=$1
path="~/Desktop/Asset-note/"
folder=recon-$(date +"%Y-%m-%d")
sub_path=$path/$domain/$folder/subdomain
filemon_path=$path/$domain/Filemonitor
@cyberheartmi9
cyberheartmi9 / Bug Bounty methodology
Last active February 2, 2024 12:17
██████╗ ███████╗ ██████╗ ██████╗ ███╗ ██╗
██╔══██╗██╔════╝██╔════╝██╔═══██╗████╗ ██║
██████╔╝█████╗ ██║ ██║ ██║██╔██╗ ██║
██╔══██╗██╔══╝ ██║ ██║ ██║██║╚██╗██║
██║ ██║███████╗╚██████╗╚██████╔╝██║ ╚████║
╚═╝ ╚═╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═══╝
@intx0x80