| <a[1]href[2]=[3]"[4]java[5]script:[6]alert(1)"> | |
| [1] | |
| Bytes: | |
| \x09 \x0a \x0c \x0d \x20 \x2f | |
| <a/href="javascript:alert(1)"> | |
| <a\x09href="javascript:alert(1)"> | |
| [2,3] |
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
WAPT-https://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf
Authenication-https://github.com/HolyBugx/HolyTips/blob/main/Checklist/Authentication.pdf
Oauth Misconfiguration-https://binarybrotherhood.io/oauth2_threat_model.html
File Upload-https://github.com/HolyBugx/HolyTips/blob/main/Checklist/File%20Upload.pdf
| #!/usr/bin/env python3 | |
| ''' | |
| Determine if this python is part of an executable or a standalone script and then delete the file accordingly. | |
| If the script has been bundled into an executable using pyinstaller (such as pyinstaller --onefile <fname>.py) then the realpath of __file__ will be incorrect, thus the use of sys.executable. | |
| Example of just relying on __file__: | |
| $ pyinstaller --onefile test.py | |
| [...] | |
| $ ls dist/ |
| Document infos: | |
| - Author = Peter Kim | |
| - CreationDate = D:20180505020009+00'00' | |
| - Creator = calibre 2.69.0 [https://calibre-ebook.com] | |
| - Pages = 308 | |
| - Producer = calibre 2.69.0 [https://calibre-ebook.com] | |
| - Title = The Hacker Playbook 3: Practical Guide To Penetration Testing | |
| - dc = {'publisher': ['Secure Planet'], 'description': {'x-default': None}, 'language': ['en'], 'creator': ['Peter Kim'], 'title': {'x-default': 'The Hacker Playbook 3: Practical Guide To Penetration Testing'}, 'date': ['2018-05-01T00:00:00+02:00'], 'subject': []} | |
| - http://calibre-ebook.com/xmp-namespace = {'timestamp': '2018-05-03T18:05:43.134685+02:00', 'author_sort': 'Kim, Peter'} | |
| - xap = {'Identifier': ['\n '], 'MetadataDate': '2018-05-05T04:00:09.811485+02:00'} |
| title: Suspicious Keyboard Layout Load | |
| description: Detects the keyboard preload installation with a suspicious keyboard layout, e.g. Chinese, Iranian or Vietnamese layout load in user session on systems maintained by US staff only | |
| references: | |
| - https://renenyffenegger.ch/notes/Windows/registry/tree/HKEY_CURRENT_USER/Keyboard-Layout/Preload/index | |
| author: Florian Roth | |
| date: 2019/10/12 | |
| logsource: | |
| product: windows | |
| service: sysmon | |
| definition: 'Requirements: Sysmon config that monitors \Keyboard Layout\Preload subkey of the HKLU hives - see https://github.com/SwiftOnSecurity/sysmon-config/pull/92/files' |
This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.
"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.
| // Launch WinAFL with current function as hook location | |
| //@author richinseattle | |
| //@category _NEW_ | |
| //@keybinding | |
| //@menupath | |
| //@toolbar | |
| // Usage: | |
| // Install DynamoRIO and WinAFL | |
| // Add LaunchWinAFL to Ghidra scripts |
An open redirect was almost everything I needed in two different bug bounty programs to get access to user accounts. In one of the cases a JWT was leaked, and in the other the CSRF token was leaked. The issue was mostly the same in both cases: not validating, or URI encoding, user input in the client-side, and sending sensitive information to my server using an open redirect.
x-csrf-token set to the CSRF token for the session of the user
GET /verify/VALUE HTTP/1.1
Host: example.com
| / | |
| $$$lang-translate.service.js.aspx | |
| $367-Million-Merger-Blocked.html | |
| $defaultnav | |
| ${idfwbonavigation}.xml | |
| $_news.php | |
| $search2 | |
| £º | |
| .0 |