Nathan nmalcolm

## ssrf_iframe.svg

      
              1 file
            
          
              4 forks
            
          
              0 comments
            
          
              10 stars
            
          
                akhil-reni
                / ssrf_iframe.svg
            
            
              Created
              April 4, 2019 11:17
            
              
                SVG Foreign Objects IFrame SSRF
              
          
      Sorry, something went wrong. Reload?
      Sorry, we cannot display this file.
      Sorry, this file is invalid so it cannot be displayed.
      
          Viewer requires iframe.
      
    
## broken_link_hijacking.md

      
              1 file
            
          
              8 forks
            
          
              0 comments
            
          
              32 stars
            
          
                EdOverflow
                / broken_link_hijacking.md
            
            
              Last active
              May 30, 2023 18:31
            
              
                This post aims to give you a basic overview of the different issues that could possibly arise if a target links to an expired endpoint.
              
          
    Broken Link Hijacking - How expired links can be exploited.

Broken Link Hijacking (BLH) exists whenever a target links to an expired domain or page. Broken Link Hijacking comes in two forms, reflected and stored. This issue has been exploited in the wild numerous times, but surprisingly few researchers actively look for broken links in bug bounty programs.

This post aims to give you a basic overview of the different issues that could possibly arise if a target links to an expired endpoint.
Stored Broken Link Hijacking


## github_bugbountyhunting.md

      
              1 file
            
          
              98 forks
            
          
              15 comments
            
          
              532 stars
            
          
                EdOverflow
                / github_bugbountyhunting.md
            
            
              Last active
              April 13, 2024 13:20
            
              
                My tips for finding security issues in GitHub projects.
              
          
    GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output

  
## Security of cloaks.md

      
              1 file
            
          
              4 forks
            
          
              11 comments
            
          
              33 stars
            
          
                maxteufel
                / Security of cloaks.md
            
            
              Last active
              October 21, 2021 16:50
            
              
                About the security of (unaffiliated) cloaks on freenode
              
          
    Copyright (c) 2014, 2016, 2017 M. Teufel
Unlimited redistribution and modification of this document is allowed provided that the above copyright notice and this permission notice remains in tact.

If you are reading this, you probably asked for a (unaffiliated) cloak on freenode because you wanted to hide your IP or hostname.
This text is here to tell you that cloaks and vHosts don't hide your IP very well. Cloaks on freenode show your (lack of) affiliation with a project or a group being hosted on freenode.

  
## xhprof-check.php
<?php
$run1   = $_SERVER['argv'][1];
$run2   = $_SERVER['argv'][2];
$extra  = isset($_SERVER['argv'][3])?$_SERVER['argv'][3]:'';
$source = isset($_SERVER['argv'][4])?$_SERVER['argv'][4]:'drupal-perf';

include_once '/var/www/xhprof/xhprof_lib/utils/xhprof_lib.php';
include_once '/var/www/xhprof/xhprof_lib/utils/xhprof_runs.php';
include_once '/var/www/xhprof/xhprof_lib/display/xhprof.php';

## gist:1904652
#!/bin/bash

mkdir ~/.arc_install
cd ~/.arc_install
git clone git://github.com/facebook/libphutil.git
git clone git://github.com/facebook/arcanist.git

echo
echo
echo "DONE *************************************************"
	<?php
	$run1 = $_SERVER['argv'][1];
	$run2 = $_SERVER['argv'][2];
	$extra = isset($_SERVER['argv'][3])?$_SERVER['argv'][3]:'';
	$source = isset($_SERVER['argv'][4])?$_SERVER['argv'][4]:'drupal-perf';

	include_once '/var/www/xhprof/xhprof_lib/utils/xhprof_lib.php';
	include_once '/var/www/xhprof/xhprof_lib/utils/xhprof_runs.php';
	include_once '/var/www/xhprof/xhprof_lib/display/xhprof.php';
	#!/bin/bash

	mkdir ~/.arc_install
	cd ~/.arc_install
	git clone git://github.com/facebook/libphutil.git
	git clone git://github.com/facebook/arcanist.git

	echo
	echo
	echo "DONE *************************************************"