The Web Application Hacker's Handbook
Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
View exercise_4.ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Stooge.Worker do | |
| @moduledoc """ | |
| Exercises from The Little Elixir & OTP Guidebook, Section 4.4. | |
| Write a `GenServer` taht can store any valid Elixir term, given a key. Here are a few operations to get you started: | |
| - `Cache.write(:stooges, ["Larry", "Curly", "Moe"])` | |
| - `Cache.read(:stooges)` | |
| - `Cache.delete(:stooges)` | |
| - `Cache.clear(:stooges)` | |
| - `Cache.exist(:stooges)` | |
| """ |
View bookstack_md_import.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from glob import glob | |
| from pathlib import Path | |
| from os import path | |
| BOOKSTACK_URL = "" # Your Bookstack URL | |
| API_ID_TOKEN = "" # API ID and TOKEN in "ID:TOKEN" format | |
| BOOK_ID = 8 #Your Book ID | |
| Directory_path = "/home/notes/Web" # Path to the directory having all the files which needs to be uploaded as new pages |
mzfr
/ WAHH_Task_Checklist.md
Created Aug 19, 2020
— forked from jhaddix/Testing_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
mzfr
/ google-dorks
Created Aug 10, 2020
— forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
View google-dorks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " _ _ " | |
| " _ /|| . . ||\ _ " | |
| " ( } \||D ' ' ' C||/ { % " | |
| " | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
| " |_\_ |----| |----| _/_|" | |
| " | |/ | | | | \| |" | |
| " | /_ | | | | _\ |" | |
| It is all fun and games until someone gets hacked! |
mzfr
/ cloud_metadata.txt
Created Jul 30, 2020
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
mzfr
/ BurpSuiteSSLPassTrough.json
Created Jun 26, 2020
— forked from vsec7/BurpSuiteSSLPassTrough.json
Filter out the noise
View BurpSuiteSSLPassTrough.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "proxy":{ | |
| "ssl_pass_through":{ | |
| "automatically_add_entries_on_client_ssl_negotiation_failure":false, | |
| "rules":[ | |
| { | |
| "enabled":true, | |
| "host":".*\\.google\\.com", | |
| "protocol":"any" | |
| }, |
mzfr
/ bb-foxyproxy-pattern.json
Created Jun 26, 2020
— forked from ignis-sec/bb-foxyproxy-pattern.json
foxyproxy pattern (install Storage area explorer and import this file, foxyproxy import/export is broken)
View bb-foxyproxy-pattern.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "30523382": { | |
| "className": "Proxy", | |
| "data": { | |
| "bypassFPForPAC": true, | |
| "color": "#f57575", | |
| "configUrl": "", | |
| "credentials": "U2FsdGVkX1+tf3lvD5TBClW2UUSZAT4AWsCo/i0kU2M=", | |
| "cycle": false, | |
| "enabled": true, |
View Tanner-data-analysis.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
mzfr
/ sessions_downloader.py
Created May 31, 2020
This script helps you download all sessions from tanner if your API is accesible from outside
View sessions_downloader.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| This is a small script that will help you download | |
| all your data from snare tanner using tanner's API. | |
| Always remember to deploy the API if the honeypot is | |
| being deployed in the real world environment. | |
| """ | |
| import json | |
| import requests |
View ip2dh.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| You can run this in the following format: | |
| For decimal: python3 ip2dh.py D <Ip-address> | |
| For Hexadecimal: python3 ip2dh.py H <Ip-address> | |
| """ | |
| #!/usr/bin/python3 | |
| import sys | |
| if len(sys.argv) < 3: |
NewerOlder