The Web Application Hacker's Handbook
Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
defmodule Stooge.Worker do | |
@moduledoc """ | |
Exercises from The Little Elixir & OTP Guidebook, Section 4.4. | |
Write a `GenServer` that can store any valid Elixir term, given a key. Here are a few operations to get you started: | |
- `Cache.write(:stooges, ["Larry", "Curly", "Moe"])` | |
- `Cache.read(:stooges)` | |
- `Cache.delete(:stooges)` | |
- `Cache.clear(:stooges)` | |
- `Cache.exist(:stooges)` | |
""" |
import requests | |
from glob import glob | |
from pathlib import Path | |
from os import path | |
# User-supplied settings; the defaults below are placeholders to fill in before use.
BOOKSTACK_URL = "" # Base URL of your BookStack instance
# NOTE(review): API_ID_TOKEN is a credential kept in source. Keep the filled-in
# file out of shared repositories and public gists; presumably it could be read
# from an environment variable instead -- confirm against the code that uses it.
API_ID_TOKEN = "" # API ID and token joined as "ID:TOKEN"
BOOK_ID = 8 # ID of your book
Directory_path = "/home/notes/Web" # Directory holding all the files that need to be uploaded as new pages
Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
" _ _ " | |
" _ /|| . . ||\ _ " | |
" ( } \||D ' ' ' C||/ { % " | |
" | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
" |_\_ |----| |----| _/_|" | |
" | |/ | | | | \| |" | |
" | /_ | | | | _\ |" | |
It is all fun and games until someone gets hacked! |
## AWS | |
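# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
# Defensive note: on instances that require IMDSv2 (session-token requests), plain GET requests to the paths below are rejected.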
http://169.254.169.254/latest/user-data | |
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
http://169.254.169.254/latest/meta-data/ami-id | |
http://169.254.169.254/latest/meta-data/reservation-id | |
http://169.254.169.254/latest/meta-data/hostname | |
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
{ | |
"proxy":{ | |
"ssl_pass_through":{ | |
"automatically_add_entries_on_client_ssl_negotiation_failure":false, | |
"rules":[ | |
{ | |
"enabled":true, | |
"host":".*\\.google\\.com", | |
"protocol":"any" | |
}, |
{ | |
"30523382": { | |
"className": "Proxy", | |
"data": { | |
"bypassFPForPAC": true, | |
"color": "#f57575", | |
"configUrl": "", | |
"credentials": "U2FsdGVkX1+tf3lvD5TBClW2UUSZAT4AWsCo/i0kU2M=", | |
"cycle": false, | |
"enabled": true, |
""" | |
This is a small script that will help you download | |
all your data from snare tanner using tanner's API. | |
Always remember to deploy the API if the honeypot is | |
being deployed in a real-world environment. | |
""" | |
import json | |
import requests |
""" | |
You can run this in the following format: | |
For decimal: python3 ip2dh.py D <Ip-address> | |
For Hexadecimal: python3 ip2dh.py H <Ip-address> | |
""" | |
#!/usr/bin/python3 | |
import sys | |
if len(sys.argv) < 3: |