ruevaughn

GraphQL introspection query via curl

cat introspection_query.json

{ 
  "query": "query IntrospectionQuery {
      __schema {
        queryType { name }
        mutationType { name }

ruevaughn

FROM golang:1.11-alpine as builder
WORKDIR /myapp

COPY go.mod . 
COPY go.sum .

RUN apk add --no-cache ca-certificates git

# Get dependancies - will also be cached if we won't change mod/sum
RUN go mod download

ruevaughn

While building a React Chrome extension using the create-react-app utility (v2.x), I came across the following error on loading my unpacked extension:

Refused to execute inline script because it violates the following Content Security Policy directive: “script-src ‘self’
blob: filesystem: chrome-extension-resource:”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-
GgRxrVOKNdB4LrRsVPDSbzvfdV4UqglmviH9GoBJ5jk=’), or a nonce (‘nonce-…’) is required to enable inline execution.

Basically, this error arises as Chrome (or almost any modern browser) will not allow inline scripts to get executed. This CSP restriction resulted in the above error as the build script in create-react-app bundles the .js files in <script> tags in the <body> of index.html.

ruevaughn

‎‎​

ruevaughn

Here’s a quick tip to find forgotten database dumps using this small but quick fuzz list:
/back.sql
/backup.sql
/accounts.sql
/backups.sql
/clients.sql
/customers.sql
/data.sql
/database.sql
/database.sqlite

ruevaughn

Redirect dorks

/{payload}
?next={payload}
?url={payload}
?target={payload}
?rurl={payload}
?dest={payload}
?destination={payload}
?redir={payload}

ruevaughn

Recommended extentions for BurpSuite  
JSON Beautifier 
Param Miner 
HTTP Request Smuggler 
Backslash Powered Scanner 
Reflected Parameters 
Software Vulnerability Scanner 
Java Deserialization Scanner 
. Net Beautifier 
Copy As Python-Request 

ruevaughn

Free stuff is always exciting. But, what if it is free and awesome? Free tools and resources you’re gonna love.
Let's start!

1. UI Garage

Daily UI inspiration & patterns for designers, developers to find inspiration, tools and the best resources for your project.

Link: https://uigarage.net/
2. Remove bg

ruevaughn

Free stuff is always exciting. But, what if it is free and awesome? Free tools and resources you're gonna love. Part 2.
Let's start!
1. Caniuse.com

"Can I use" provides up-to-date browser support tables for support of front-end web technologies on desktop and mobile web browsers.

Link: https://caniuse.com/
2. Javascript.info

Modern JavaScript Tutorial: simple, but detailed explanations with examples and tasks, including: closures, document and events, object oriented programming and more.

ruevaughn

❌❌ :RECON CHECKLIST:❌❌

1.  Subdomain Enumeration: subfinder-amass-altdns-sublister-assetfinder-findomain
2.Resolving Subdomains: HTTPX/HTTPROBE
3. Screenshotting: HTTPX/AQUATONE/EYEWITNESS/GOWITNESS
4. Port Scan: Nmap/Zenmap/Aquatone/Amass
5. Directory Bruteforce: FFUF/Dirsearch/Dirbuster
6. Crawling: waybackurls/gau
7. Finding endpoints from JS: relative-url-extracter
8. Manual Recon: Burp Suite