nullenc0de
nullenc0de
/ interesting_dirsearch.txt
Last active
October 22, 2023 11:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| uploads/affwp-debug.log | |
| certs/server.key | |
| server.key | |
| .CSV | |
| .README.md.bud | |
| .action | |
| .actionScriptProperties | |
| .angular-cli.json | |
| .apport-ignore.xml |
nullenc0de
/ breach.sh
Created
January 27, 2021 15:06
Script will look up company assets and search them on greynoise.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat cust.txt |assetfinder -subs-only | filter-resolved -c 100 | while read resolved; do host -t A "$resolved" | awk '{print $NF}' | grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; done |sort -u |while read ip; do greynoise quick $ip ; done |grep -v "NOT" |cut -d ' ' -f1 |greynoise ip |sed -e '/malicious/,/rDNS/!d' |
nullenc0de
/ resolvers.txt
Created
June 26, 2021 02:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1.1.1.1 | |
| 8.8.8.8 | |
| 64.6.64.6 | |
| 74.82.42.42 | |
| 1.0.0.1 | |
| 8.8.4.4 | |
| 64.6.65.6 | |
| 77.88.8.1 |
nullenc0de
/ whey-cewler.py
Created
June 29, 2021 18:16
— forked from lanmaster53/whey-cewler.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Based on the initial work of Digininja at https://github.com/digininja/CeWL. While CeWL is a script written | |
| in Ruby that requires an independent crawl of a website in order to build a custom wordlist, Whey CeWLer | |
| runs within Portswigger's Burp Suite and parses an already crawled sitemap to build a custom wordlist. It | |
| does not have the meta data parsing capabilities that CeWL does, but it more than makes up for it in | |
| convenience. | |
| The name gets its origins from the CeWLer portion of the CO2 Burp extension by Jason Gillam, which is written | |
| in Java and does something similar, but Whey CeWLer is a completely reimagined extension written in Python, | |
| making it "way cooler". |
nullenc0de
/ apk-recon.yaml
Created
July 30, 2021 14:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: apk-recon | |
| info: | |
| name: APK Recon | |
| author: nullenc0de | |
| severity: info | |
| tags: android,file | |
| file: | |
| - extensions: |
nullenc0de
/ api-linkfinder.yaml
Created
August 7, 2021 11:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: api-linkfinder | |
| info: | |
| name: API Recon | |
| author: nullenc0de | |
| severity: info | |
| tags: file | |
| requests: | |
| - method: GET |
nullenc0de
/ api-linkfinder.sh
Created
August 7, 2021 11:17
Exports links and params from API documentation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget https://gist.githubusercontent.com/nullenc0de/bb16be959686295b3b1caff519cc3e05/raw/2016dc0e692821ec045edd5ae5c0aba5ec9ec3f1/api-linkfinder.yaml | |
| echo https://stripe.com/docs/api | hakrawler -t 500 -d 10 |nuclei -t ./linkfinder.yaml -o api.txt | |
| cat api.txt |grep url_params |cut -d ' ' -f 7 |tr , '\n' | tr ] '\n' | tr [ '\n' |tr -d '"' |tr -d "'" |sort -u > api_params.txt | |
| cat api.txt |grep relative_links |cut -d ' ' -f 7 |tr , '\n' | tr ] '\n' | tr [ '\n' |tr -d '"' |tr -d "'" |sort -u > api_link_finder.txt |
nullenc0de
/ apk_params.txt
Last active
March 23, 2022 20:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MD | |
| TermUrl | |
| a | |
| adjust_campaign | |
| alternatives | |
| amount | |
| app | |
| app_id | |
| appname | |
| avoid |
nullenc0de
/ apk_relative_links.txt
Created
August 13, 2021 00:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ../wiki/ImageDatabaseSummary.md | |
| ./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz | |
| /.. | |
| /... | |
| /../ | |
| /.DS_Store | |
| /.codepushrelease | |
| /0-. | |
| /10000000 | |
| /3- |
nullenc0de
/ resolve.sh
Last active
January 2, 2022 21:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bbrf domains --view unresolved | \ | |
| dnsx -silent -a -resp | tr -d '[]' | tee \ | |
| >(awk '{print $1":"$2}' | bbrf domain update - -s dnsx) \ | |
| >(awk '{print $1":"$2}' | bbrf domain add - -s dnsx) \ | |
| >(awk '{print $2":"$1}' | bbrf ip add - -s dnsx) \ | |
| >(awk '{print $2":"$1}' | bbrf ip update - -s dnsx) |