Skip to content

Instantly share code, notes, and snippets.

View s0md3v's full-sized avatar

Somdev Sangwan s0md3v

View GitHub Profile
import random
import string
import requests
import argparse
import threading
parser = argparse.ArgumentParser()
parser.add_argument('-t', '--threads', help='number of threads', dest='threads', type=int)
parser.add_argument('-r', '--referer', help='referer to use', dest='referer')
args = parser.parse_args()
@s0md3v
s0md3v / redos.py
Last active April 21, 2019 10:59
Scan a directory for exploitable regular expressions
#!/usr/bin/env python3
import os, re, sys, glob, math, warnings
end = '\033[0m'
red = '\033[91m'
green = '\033[92m'
info = '\033[93m[!]\033[0m'
good = '\033[92m[+]\033[0m'
line = red + ('-' * 100) + end
@s0md3v
s0md3v / portscanner.py
Created July 5, 2019 13:57
Striker's 1 second portscanning module
import sys
import socket
import concurrent.futures
from contextlib import closing
ports = [1,3,4,6,7,9,13,17,19,20,21,22,23,24,25,26,30,32,33,37,42,43,49,53,70,79,80,81,82,
83,84,85,88,89,90,99,100,106,109,110,111,113,119,125,135,139,143,144,146,161,163,179,199,
211,212,222,254,255,256,259,264,280,301,306,311,340,366,389,406,407,416,417,425,427,443,
444,445,458,464,465,481,497,500,512,513,514,515,524,541,543,544,545,548,554,555,563,587,
593,616,617,625,631,636,646,648,666,667,668,683,687,691,700,705,711,714,720,722,726,749,
@s0md3v
s0md3v / cli.py
Created August 2, 2019 17:17
multi-threaded goop
import sys
import json
import concurrent.futures
from goop import goop
green = '\033[92m'
white = '\033[97m'
yellow = '\033[93m'
end = '\033[0m'
@s0md3v
s0md3v / nvd-dump.sql
Created January 7, 2020 11:51
Dump vuln CPEs from NVD
WITH
deep AS(
WITH
nested AS(
SELECT
configurations.nodes AS arr
FROM
`red-team-project.bq_nvd.nvd`
WHERE
EXISTS (
AABH
AADA
AADE
AADH
AADI
AADR
AAFT
AAGA
AAGN
AAHI
@s0md3v
s0md3v / concurrency.go
Last active October 15, 2020 08:52
concurrency in golang
package main
import (
"sync"
"net/http"
)
func example_function(){
// function to be run concurrently
}
@s0md3v
s0md3v / events
Created December 16, 2020 10:10
event handlers
bruh
onabort
onactivate
onafterprint
onafterscriptexecute
onafterupdate
onanimationend
onanimationiteration
onanimationstart
onariarequest
@s0md3v
s0md3v / waffer.py
Created December 16, 2020 10:12
enumerates working event handlers
import requests
with open("events", "r") as events:
for event in events:
event = event.rstrip("\n")
print(requests.get("http://game1.aliyundemo.com/demo/xss.php?name=<x/%s=" % event).status_code, event)
@s0md3v
s0md3v / cod.py
Created March 10, 2021 18:52
poc for cod mobile gunsmith helper
# Author: Somdev Sangwan (@s0md3v)
#
# GPL v3 License
# Copyright 2021 Somdev Sangwan
import itertools
attachments = {
'tactical suppressor': {
'type': 'muzzle',