Nathan nmalcolm

## gist:74ba3211cd67e9139e10
curl -sI www.site.com/file.tar.gz | grep Content-Length | awk '{print $2}'

## base.py.patch
diff --git a/core/base.py b/core/base.py
index 4d957f8..67e838c 100644
--- a/core/base.py
+++ b/core/base.py
@@ -120,7 +120,7 @@ class Recon(framework.Framework):
             # create the database and table
             self.query_keys('CREATE TABLE keys (name TEXT PRIMARY KEY, value TEXT)')
             # populate key names
-            for name in ['bing_api', 'builtwith_api', 'facebook_api', 'facebook_password', 'facebook_secret', 'facebook_username', 'flickr_api', 'google_api', 'google_cse', 'ipinfodb_api', 'jigsaw_api', 'jigsaw_password', 'jigsaw_username', 'linkedin_api', 'linkedin_secret', 'linkedin_token', 'pwnedlist_api', 'pwnedlist_iv', 'pwnedlist_secret', 'rapportive_token', 'shodan_api', 'sonar_api', 'twitter_api', 'twitter_secret', 'twitter_token', 'virustotal_api']:
+            for name in ['bing_api', 'builtwith_api', 'facebook_api', 'facebook_password', 'facebook_secret', 'facebook_username', 'flickr_api', 'instagram_api', 'google_api', 'google_cse', 'ipinfodb_api', 'jigsaw_api', 'jigsaw_pas

## open_redirect_wordlist.txt
/http://example.com
/%5cexample.com
/%2f%2fexample.com
/example.com/%2f%2e%2e
/http:/example.com
/?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
/?url=/\/example.com&next=/\/example.com&redirect=/\/example.com
/redirect?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/redirect?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
	diff --git a/core/base.py b/core/base.py
	index 4d957f8..67e838c 100644
	--- a/core/base.py
	+++ b/core/base.py
	@@ -120,7 +120,7 @@ class Recon(framework.Framework):
	# create the database and table
	self.query_keys('CREATE TABLE keys (name TEXT PRIMARY KEY, value TEXT)')
	# populate key names
	- for name in ['bing_api', 'builtwith_api', 'facebook_api', 'facebook_password', 'facebook_secret', 'facebook_username', 'flickr_api', 'google_api', 'google_cse', 'ipinfodb_api', 'jigsaw_api', 'jigsaw_password', 'jigsaw_username', 'linkedin_api', 'linkedin_secret', 'linkedin_token', 'pwnedlist_api', 'pwnedlist_iv', 'pwnedlist_secret', 'rapportive_token', 'shodan_api', 'sonar_api', 'twitter_api', 'twitter_secret', 'twitter_token', 'virustotal_api']:
	+ for name in ['bing_api', 'builtwith_api', 'facebook_api', 'facebook_password', 'facebook_secret', 'facebook_username', 'flickr_api', 'instagram_api', 'google_api', 'google_cse', 'ipinfodb_api', 'jigsaw_api', 'jigsaw_pas
	/http://example.com
	/%5cexample.com
	/%2f%2fexample.com
	/example.com/%2f%2e%2e
	/http:/example.com
	/?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
	/?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
	/?url=/\/example.com&next=/\/example.com&redirect=/\/example.com
	/redirect?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
	/redirect?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com