Skip to content

Instantly share code, notes, and snippets.


Robbie random-robbie

Block or report user

Report or block random-robbie

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
marzavec / run.js
Created Aug 8, 2019
Browser-based subdomain bruteforcing using DNS over HTTP(s) (DoH)
View run.js
Developer: Marzavec ( )
Description: A simple browser-based subdomain bruteforcing script, using DoH providers. Developed as a 5 minute hack, just to see it's preformance. Many improvements could be made, such as adding error handling or informing the user when the script is done.
Usage: Open the browsers dev console (usually F12), paste this script, change the `rootTld`, press enter to run. Ezpz.
const rootTld = ''; // change to your target's root tld
// url to newline seperated wordlist
const wordlistUrl = '';
# If you find a site with /_wpeprivate/config.json file exposed, run this and get all kinds of fun goodies.
# If it "no worked" (Technical Term) then you probably need to install jq!
TARGETDOMAIN=$(echo $TARGET | cut -d/ -f3)
# Pretty Colors
carnal0wnage /
Last active Oct 1, 2019
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
# gcloud auth activate-service-account --key-file=85.json
# gcloud projects list
echo "gcloud auth list"
gcloud auth list
echo -e "$space"
# Exploit Title: LibreNMS v1.46 authenticated Remote Code Execution
# Date: 24/12/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-20434
# Vendor Homepage:
# Version: v1.46
# Tested on: Ubuntu 18.04 / PHP 7.2.10
fransr /
Last active Jan 11, 2020
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
# Written by Frans Rosén (
_debug="$2" #turn on debug
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
g0tmi1k /
Last active Dec 9, 2019
drupalgeddon2 / SA-CORE-2018-002 / CVE-2018-7600 cURL (PoC)
AlbinoDrought /
Created Apr 12, 2018
Drupal CVE-2018-7600 PoC - reverse netcat shell ;)
# Start up a netcat server
# netcat -l 6969
View CVE-2018-1273.http
POST /users HTTP/1.1
Host: localhost:8080
Content-Type: application/x-www-form-urlencoded
Content-Length: 164
jhaddix / cloud_metadata.txt
Last active Jan 17, 2020 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
oldo /
Last active Oct 16, 2019
A python function utilising `ffprobe` to find any metadata related to a video file. Examples of what it can find include bitrate, fps, codec details, duration and many more. This gist returns the video height and width as an example.
import subprocess
import shlex
import json
# function to find the resolution of the input video file
def findVideoMetada(pathToInputVideo):
cmd = "ffprobe -v quiet -print_format json -show_streams"
args = shlex.split(cmd)
You can’t perform that action at this time.