@snoopysecurity
snoopysecurity / wordpress.md
Created February 1, 2023 22:47 — forked from cure53/wordpress.md
WordPress Flash XSS in flashmediaelement.swf
snoopysecurity / big_query_examples.md
Created September 19, 2022 13:00 — forked from arfon/big_query_examples.md
BigQuery Examples for blog post

How many times shouldn't it happen...

-- https://news.ycombinator.com/item?id=11396045

SELECT count(*)
FROM (SELECT id, repo_name, path
        FROM [bigquery-public-data:github_repos.sample_files]
 ) AS F
snoopysecurity / README.md
Created April 26, 2022 12:29 — forked from paolocarrasco/README.md
How to understand the `gpg failed to sign the data` problem in git

Problem

You have installed GPG, then tried to commit and suddenly you see this error message after it:

error: gpg failed to sign the data
fatal: failed to write commit object

Debug

snoopysecurity / phpdangerousfuncs.md
Created January 5, 2021 23:26 — forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions

Command Execution

exec           - Returns last line of command's output
passthru       - Passes command's output directly to the browser
system         - Passes command's output directly to the browser and returns last line
shell_exec     - Returns command's output
`` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec     - Executes a program
snoopysecurity / README.md
Created December 26, 2020 22:40 — forked from FrankSpierings/README.md
Linux Container Escapes and Hardening
|=-----------------------------------------------------------------------=|
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=|
|=-----------------------------------------------------------------------=|
|=------------------------------=[ saelo ]=------------------------------=|
|=-----------------------------------------------------------------------=|
The following are some brief notes about the changes that have taken place
since the release of the "Attacking JavaScript Engines" paper [1]. In
general, no big conceptional changes have happened since. Mitigations have
been added to break some of the presented techniques and, as expected, a