philipsinnott
/ SteamHoursPlayedLast2Weeks.py
Created
January 20, 2024 12:50
Enter a users Steam ID and see how many hours they've played games for the past 2 weeks.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| # Steam ID example: 76561198833313974 | |
| api_key = "<REDACTED>" | |
| print("Enter Steam ID:") | |
| user_steamid = input() | |
| user_data = requests.get(f"http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key={api_key}&steamids={user_steamid}").json()["response"]["players"][0] | |
| user_data_name = user_data["personaname"] |
philipsinnott
/ insertion-point-adder.sh
Created
January 20, 2024 12:55
Adds insertion points to all values of variables, and saves the output to a new file. Useful when you're dealing with big requests that have a lot of variables and wish to perform some type of automated scanning on them in Burp Suite.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Example usage # | |
| ################# | |
| # sample_req.txt == "var1=test&var2=test&var3=test&var4=test" | |
| # chmod +x ./insertion-point-adder.sh | |
| # ./insertion-point-adder.sh sample_req.txt --> "var1=§test§&var2=§test§&var3=§test§&var4=§test§" | |
| if [ "$#" -ne 1 ]; then | |
| echo "Usage: $0 <input_file>" | |
| exit 1 |
philipsinnott
/ gist:ab02988c9ec670eae543e8c33320af03
Last active
April 15, 2024 02:05
Fuzz for IDOR by bypassing/terminating regex/logic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %00 | |
| %01 | |
| %02 | |
| %03 | |
| %04 | |
| %05 | |
| %06 | |
| %07 | |
| %08 | |
| %09 |
philipsinnott
/ capitalizer.py
Created
February 7, 2024 13:26
Capitalize the first letter of a list of words
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| def display_help(): | |
| print("USAGE: python ~/tools/capitalizer.py input.txt output.txt\n") | |
| print("ARGS:") | |
| print(" [input_file] --> Input file containing a list of words") | |
| print(" [output_file] --> Output file to write the capitalized words") | |
| # Display help if --help flag is provided or if number of arguments is less than 2 | |
| if "--help" in sys.argv or len(sys.argv) < 3: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <script>alert(24)</script> | |
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ~/tools/endpointz.py urls.txt | tee endpoints.txt | |
| import sys | |
| from urllib.parse import urlparse | |
| def extract_endpoints(urls): | |
| endpoints = set() | |
| for url in urls: | |
| parsed_url = urlparse(url) | |
| path = parsed_url.path.strip() | |
| if path: |
philipsinnott
/ r.php
Created
March 20, 2024 20:55
Redirect to arbitrary URLs via user-supplied input
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $url = $_GET['u']; | |
| header("Location: $url"); | |
| ?> |