Skip to content

Instantly share code, notes, and snippets.

View sumgr0's full-sized avatar

sumgr0 sumgr0

59 followers · 35 following
View GitHub Profile
@sumgr0
sumgr0 / gist:bb664ddfa7f492acb79676f93818860a
Created May 29, 2020 19:29
#cloud-config
packages:
- nginx
writehomepage:
- &write_homepage |
cat > /var/www/html/index.html <<EOF
<html>
<header><title>Welcome!</title></header>
@sumgr0
sumgr0 / nginx_setup.sh
Last active May 28, 2020 20:02
#!/bin/bash
domain=$1
root="/var/www/$domain/html"
block="/etc/nginx/sites-available/$domain"
# Create the Document Root directory
sudo mkdir -p $root
#Create index.html & POC file
@sumgr0
sumgr0 / wordlist.txt
Created May 19, 2020 12:59 — forked from random-robbie/wordlist.txt
bruteforce wordlist for bug bountys
This file has been truncated, but you can view the full file.
20-ev-allgemein
20-years
200
2000
20000719
2001
2001cc
2002
2003
2004
@sumgr0
sumgr0 / ssrf.sh
Created May 9, 2020 15:08 — forked from hussein98d/ssrf.sh
This script takes a domain name and a callback server, parses links , appends SSRF parameters and fire the requests.
echo "Blind SSRF testing - append to parameters and add new parameters @hussein98d"
echo "Usage: bash script.sh domain.com http://server-callbak"
echo "This script uses https://github.com/ffuf/ffuf, https://github.com/lc/gau, https://github.com/tomnomnom/waybackurls"
if [ -z "$1" ]; then
echo >&2 "ERROR: Domain not set"
exit 2
fi
if [ -z "$2" ]; then
echo >&2 "ERROR: Sever link not set"
exit 2
@sumgr0
sumgr0 / github_dorks.txt
Last active January 11, 2020 19:08
password
https://github.com/search?q=%22<url>%22+password&type=Code
https://github.com/search?q=%22%22+password&type=Code
npmrc _auth
https://github.com/search?q=%22<url>%22+npmrc%20_auth&type=Code
https://github.com/search?q=%22%22+npmrc%20_auth&type=Code
dockercfg
https://github.com/search?q=%22<url>%22+dockercfg&type=Code
@sumgr0
sumgr0 / gist:e7eb83bac6f54d89e809dbf972cd10f4
Created January 7, 2020 04:04 — forked from the-xentropy/gist:05ab1c5efd7ae7651b14e0fb85c6312c
Use wfuzz or ffuf to enumerate s3
Ffuf (faster):
ffuf -u "https://s3.REGION.amazonaws.com/COMPANYDELIMITERENVIRONMENT" -w "aws-regions.txt:REGION" -w "company.txt:COMPANY" -w "delimiters.txt:DELIMITER" -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt:ENVIRONMENT" -mc 200 -v
Wfuzz:
wfuzz -u "https://s3.FUZZ.amazonaws.com/FUZ2ZFUZ3ZFUZ4Z" -w aws-regions.txt -w company.txt -w delimiters.txt -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt" --sc 200 -v -t 50
The files:
@sumgr0
sumgr0 / foxyproxy.json
Created November 4, 2019 08:17 — forked from liamosaur/foxyproxy.json
{
"mode": "patterns",
"proxySettings": [
{
"address": "127.0.0.1",
"port": 8080,
"username": "",
"password": "",
"type": 1,
"title": "127.0.0.1:8080",
@sumgr0
sumgr0 / paths.txt
Last active October 18, 2019 14:19
paths.txt
/apidocs
/phpinfo.php
/test.php
/test1.php
/test2.php
/_index.php
/__index.php
/index.php~
/index.php-bak
/index-bak
@sumgr0
sumgr0 / hostsbyasnname.py
Created October 18, 2019 09:23 — forked from ziot/hostsbyasnname.py
Get hosts by ASN->CIDR->Hosts via company name
import requests, json
from requests.packages.urllib3.exceptions import InsecureRequestWarning, InsecurePlatformWarning, SNIMissingWarning
from bs4 import BeautifulSoup
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
requests.packages.urllib3.disable_warnings(InsecurePlatformWarning)
requests.packages.urllib3.disable_warnings(SNIMissingWarning)
# another source of cidrs by asn
def getIPCidrs(asn):
@sumgr0
sumgr0 / altname.txt
Created October 10, 2019 13:30
%25
%25admin%25
%25api%25
%25backend%25
%25beta%25
%25console%25
%25dev%25
%25internal%25
%25mobile%25
%25portal%25