@pryorda
pryorda / github_bugbountyhunting.md
Created August 7, 2019 05:46 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@pryorda
pryorda / s3.sh
Created August 28, 2018 22:16 — forked from chrismdp/s3.sh
Uploading to S3 in 18 lines of Shell (used to upload builds for http://soltrader.net)
# You don't need Fog in Ruby or some other library to upload to S3 -- shell works perfectly fine
# This is how I upload my new Sol Trader builds (http://soltrader.net)
# Based on a modified script from here: http://tmont.com/blargh/2014/1/uploading-to-s3-in-bash
S3KEY="my aws key"
S3SECRET="my aws secret" # pass these in
function putS3
{
path=$1
@pryorda
pryorda / VDI-shrink-trim.md
Created April 21, 2018 01:20 — forked from stoneage7/VDI-shrink-trim.md
Automatically shrinking VDI images under VirtualBox

Motivation

The purpose of this gist is to set up a virtual machine in such a way that the on-disk image in the host machine automatically grows and shrinks as needed by the guest machine. This utilizes the (still undocumented) "--discard" and "--nonrotational" parameters in "VBoxManage storageattach" which make the attached image appear as an SSD to the guest. Guest OS will then issue TRIM commands to the virtual controller where such an image is attached. VirtualBox is then able to capture the commands and punch holes in the attached VDIs.

Although there is some initial setup needed, I think the time saved with babysitting the VDIs is worth it. Usually you would need to zero out the free space with zerofree or sdelete and then run "VBoxManage --compact" on your images. With this setup you can allocate a large dynamic VDI (1TB or so) and it will keep itself at minimum size for easy syncing, backup, etc. You can also set it up in a template machine if you use one for clones etc.

Requirements

  • Linux
# Build the CentOS 6 release package for earlier RPM database
yum remove -y ius-release
yum install -y rpm-build
wget -c http://vault.centos.org/6.5/os/Source/SPackages/centos-release-6-5.el6.centos.11.1.src.rpm
rpm2cpio centos-release-6-5.el6.centos.11.1.src.rpm | cpio -idmv
mv centos-release*.tar.gz /usr/src/redhat/SOURCES
rpmbuild -bb centos-release.spec
# Install hash support (to unbreak yum)
yum install -y python-hashlib
# Build the CentOS 6 release package for earlier RPM database
yum install -y rpm-build
wget -c http://vault.centos.org/6.5/os/Source/SPackages/centos-release-6-5.el6.centos.11.1.src.rpm
rpm2cpio centos-release-6-5.el6.centos.11.1.src.rpm | cpio -idmv
mv centos-release*.tar.gz /usr/src/redhat/SOURCES
rpmbuild -bb centos-release.spec
# Install hash support (to unbreak yum)
yum install -y python-hashlib
@pryorda
pryorda / build-openssl.sh
Created April 15, 2018 22:29 — forked from bmaupin/build-openssl.sh
Build openssl (with SSLv2/3 support for security testing)
#!/bin/bash
# Get latest OpenSSL 1.0.2 version from https://openssl.org/source/
# v1.1.0 seems to have removed SSLv2/3 support
openssl_version=1.0.2k
# Build OpenSSL
wget https://openssl.org/source/openssl-$openssl_version.tar.gz
tar -xvf openssl-$openssl_version.tar.gz
cd openssl-$openssl_version
@pryorda
pryorda / ssl_test.sh
Created April 15, 2018 22:19 — forked from jaydansand/ssl_test.sh
Use OpenSSL to scan a host for available SSL/TLS protocols and cipher suites
#!/bin/bash
# Author: Jay Dansand, Technology Services, Lawrence University
# Date: 10/17/2014
# OpenSSL requires a port specification; default to 443.
SERVER="$1:443"
SERVER_HOST=$(echo "$SERVER" | cut -d ":" -f 1)
SERVER_PORT=$(echo "$SERVER" | cut -d ":" -f 2)
if [[ -z "$SERVER_HOST" || -z "$SERVER_PORT" ]]; then
echo "Usage: $0 host[:port] [ciphers [delay in ms]]"
@pryorda
pryorda / SSLPoke.java
Created March 31, 2016 22:43 — forked from 4ndrej/SSLPoke.java
Test of java SSL / keystore / cert setup. Check the comment #1 for howto.
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;
/** Establish a SSL connection to a host and port, writes a byte and
* prints the response. See
* http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services
*/
public class SSLPoke {
public static void main(String[] args) {