Gistlog testing
noobh4x
noobh4x
/ noobrecon.sh
Created
October 11, 2019 22:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #################################### | |
| # Config | |
| ################## | |
| HTTPROBE_CONCURRENCY=100 | |
| HTTPROBE_TIMEOUT=3000 | |
| DIRSEARCH_THREADS=50 |
noobh4x
/ dns-recon.sh
Last active
January 20, 2024 15:11
Automated DNS enumeration. Cloudflare section is funky.. working on it..
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [[ -z "`which jq 2>/dev/null`" ]]; | |
| then | |
| echo '[!!] Error: jq is required to continue' | |
| fi | |
| if [[ -z "`which amass 2>/dev/null`" ]]; | |
| then | |
| echo '[!!] Error: amass is required to continue' |
Welcome to my simple blog. I'm, as the name suggests, a noob hacker. I've tinkered with things here and there, and I've gotten a decent grasp about the basics. But there's tons of things to learn still to be able to play with the big league.
I've been reading bounty and ctf write ups, following people on twitter and reading news. This has inspired me to continue what I started. Time to clear some time in my schedule.
Some probably thinks this, and it's a good question. Mainly I'm blogging for selfish reasons. It's first of all a place for me to collect what I learn. The side effect of it is that people that is also just starting out can learn from my mistakes,
noobh4x
/ cloudsub.alias
Created
April 2, 2019 21:06
Alias to detect possible subdomains subject to takeover.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This list of subdomains is from haccer/scanio.sh | |
| # Source: https://gist.github.com/haccer/3698ff6927fc00c8fe533fc977f850f8 | |
| export SUBOVER_SEARCH='.cloudfront.net|.s3-website|.s3.amazonaws.com|w.amazonaws.com|1.amazonaws.com|2.amazonaws.com|s3-external|s3-accelerate.amazonaws.com|.herokuapp.com|.herokudns.com|.wordpress.com|.pantheonsite.io|domains.tumblr.com|.zendesk.com|.github.io|.global.fastly.net|.helpjuice.com|.helpscoutdocs.com|.ghost.io|cargocollective.com|redirect.feedpress.me|.myshopify.com|.statuspage.io|.uservoice.com|.surge.sh|.bitbucket.io|custom.intercom.help|proxy.webflow.com|landing.subscribepage.com|endpoint.mykajabi.com|.teamwork.com|.thinkific.com|clientaccess.tave.com|wishpond.com|.aftership.com|ideas.aha.io|domains.tictail.com|cname.mendix.net|.bcvp0rtal.com|.brightcovegallery.com|.gallery.video|.bigcartel.com|.activehosted.com|.createsend.com|.acquia-test.co|.proposify.biz|simplebooklet.com|.gr8.com|.vendecommerce.com|.azurewebsites.net|.cloudapp.net|.trafficmanager.net|.blob.core.wind |
noobh4x
/ waybackurls.alias
Last active
April 2, 2019 21:15
Alias to search for domains on web.archive.org
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Add this to .bashrc or .bash_aliases | |
| waybackurls() { | |
| curl --silent "http://web.archive.org/cdx/search/cdx?url=$1*&output=text&fl=original&collapse=urlkey" | |
| } |