
View resolve.sh
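# Resolve every still-unresolved domain of each BBRF program with dnsx and
# write the answers back to BBRF as both domain and IP records.
#
# The program list is read line by line on fd 3 instead of being word-split by
# `for p in $(...)`, so a program name containing spaces or glob characters
# reaches bbrf as one intact, quoted argument. fd 3 keeps the list away from
# the stdin of the commands inside the loop.
while read -r p <&3; do
  # Skip blank lines in the program list.
  [[ -n "$p" ]] || continue

  # dnsx prints "domain [ip]"; tr drops the brackets so awk sees two fields.
  # tee fans the same stream out to four bbrf writers:
  #   domain:ip -> domain update / domain add
  #   ip:domain -> ip add / ip update
  # The four writers run concurrently, so no ordering between the add and the
  # update of a record is guaranteed. Every record is tagged with source
  # "dnsx" (-s) so its origin stays traceable in the database.
  bbrf domains --view unresolved -p "$p" \
    | dnsx -silent -a -resp \
    | tr -d '[]' \
    | tee \
      >(awk '{print $1":"$2}' | bbrf domain update - -p "$p" -s dnsx) \
      >(awk '{print $1":"$2}' | bbrf domain add - -p "$p" -s dnsx) \
      >(awk '{print $2":"$1}' | bbrf ip add - -p "$p" -s dnsx) \
      >(awk '{print $2":"$1}' | bbrf ip update - -p "$p" -s dnsx)
done 3< <(bbrf programs)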
View apk_relative_links.txt
View apk_params.txt
MD
TermUrl
a
adjust_campaign
alternatives
amount
app
app_id
appname
avoid
nullenc0de / api-linkfinder.sh
Created Aug 7, 2021
Exports links and params from API documentation
View api-linkfinder.sh
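# Export the links and URL parameters referenced by a piece of API
# documentation: fetch the nuclei template, crawl the documentation with
# hakrawler, run the template over the crawled URLs, then split the findings
# into two de-duplicated lists.

# Local name of the template. The original downloaded api-linkfinder.yaml but
# pointed nuclei at ./linkfinder.yaml, a file wget never creates; both steps
# now use this one path.
template=./api-linkfinder.yaml

# The raw URL carries a revision hash, so the fetched content is pinned to
# that revision. -O fixes the output name (a re-run would otherwise be saved
# as api-linkfinder.yaml.1 and the older copy would keep being used). Stop
# when the download fails rather than run nuclei on a missing or partial
# template. Read the YAML before use: it decides what nuclei requests and
# extracts.
wget -O "$template" https://gist.githubusercontent.com/nullenc0de/bb16be959686295b3b1caff519cc3e05/raw/2016dc0e692821ec045edd5ae5c0aba5ec9ec3f1/api-linkfinder.yaml \
  || { printf 'template download failed\n' >&2; exit 1; }

printf '%s\n' https://stripe.com/docs/api \
  | hakrawler -t 500 -d 10 \
  | nuclei -t "$template" -o api.txt

# Print the sorted, unique values recorded in api.txt for one extractor.
# Arguments: $1 - extractor name to select lines by (url_params or
#                 relative_links)
# Outputs:   one value per line on stdout
# Field 7 is presumably the extracted-values column of the nuclei output
# line; confirm against the nuclei version in use. The tr chain turns the
# bracketed, comma-separated, quoted list into one bare value per line.
extract_values() {
  grep -- "$1" api.txt \
    | cut -d ' ' -f 7 \
    | tr ',' '\n' | tr ']' '\n' | tr '[' '\n' \
    | tr -d '"' | tr -d "'" \
    | sort -u
}

extract_values url_params > api_params.txt
extract_values relative_links > api_link_finder.txt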
View api-linkfinder.yaml
id: api-linkfinder
info:
name: API Recon
author: nullenc0de
severity: info
tags: file
requests:
- method: GET
View apk-recon.yaml
id: apk-recon
info:
name: APK Recon
author: nullenc0de
severity: info
tags: android,file
file:
- extensions:
View whey-cewler.py
'''
Based on the initial work of Digininja at https://github.com/digininja/CeWL. While CeWL is a script written
in Ruby that requires an independent crawl of a website in order to build a custom wordlist, Whey CeWLer
runs within Portswigger's Burp Suite and parses an already crawled sitemap to build a custom wordlist. It
does not have the metadata parsing capabilities that CeWL does, but it more than makes up for it in
convenience.
The name gets its origins from the CeWLer portion of the CO2 Burp extension by Jason Gillam, which is written
in Java and does something similar, but Whey CeWLer is a completely reimagined extension written in Python,
making it "way cooler".
View resolvers.txt
1.1.1.1
8.8.8.8
64.6.64.6
74.82.42.42
1.0.0.1
8.8.4.4
64.6.65.6
77.88.8.1
nullenc0de / breach.sh
Created Jan 27, 2021
Script will look up company assets and search them on greynoise.
View breach.sh
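# Look up a company's assets and search their addresses on GreyNoise.
# Input:  cust.txt, read by assetfinder on stdin.
# Output: the "malicious" through "rDNS" part of each GreyNoise IP report.
#
# Changes from the one-line original:
#   - read -r, so backslashes in a hostname are not interpreted;
#   - "$ip" is quoted, so a value is never word-split or glob-expanded;
#   - the IPv4 pattern is anchored. The last field of `host` output is not
#     always an address (an alias line ends in a hostname), and the
#     unanchored pattern let through any name that merely contains a dotted
#     quad, which was then submitted to GreyNoise as if it were an IP.
assetfinder -subs-only < cust.txt \
  | filter-resolved -c 100 \
  | while read -r resolved; do
      host -t A "$resolved" \
        | awk '{print $NF}' \
        | grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
    done \
  | sort -u \
  | while read -r ip; do
      greynoise quick "$ip"
    done \
  | grep -v "NOT" \
  | cut -d ' ' -f1 \
  | greynoise ip \
  | sed -e '/malicious/,/rDNS/!d'
# grep -v "NOT" drops quick-check lines containing NOT, presumably the
# "has not been observed" answers; confirm against the CLI's output format.
# Only the first space-separated field of the remaining lines is passed on
# to the full `greynoise ip` lookup.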
View interesting_dirsearch.txt
uploads/affwp-debug.log
certs/server.key
server.key
.CSV
.PDF
.README.md.bud
.action
.actionScriptProperties
.angular-cli.json
.apport-ignore.xml