Skip to content

Instantly share code, notes, and snippets.


Thomas Patzke thomaspatzke

  • Code published here is private and not affiliated with my employer.
  • Germany
View GitHub Profile
ImJasonH / markdown.css
Last active Oct 19, 2020
Render Markdown as unrendered Markdown (see
View markdown.css
* {
font-size: 12pt;
font-family: monospace;
font-weight: normal;
font-style: normal;
text-decoration: none;
color: black;
cursor: default;
mwielgoszewski /
Last active Jun 3, 2020
This extension registers an IHttpListener configured to execute a custom script editable via the Script tab added to Burp. The script is executed in the context with the following global and local variables (extender, callbacks, helpers, toolFlag, messageIsRequest, messageInfo).
from java.awt import Font
from javax.swing import JScrollPane, JTextPane
from javax.swing.text import SimpleAttributeSet
from burp import IBurpExtender, IExtensionStateListener, IHttpListener, ITab
import base64
import traceback
willurd /
Last active Dec 4, 2020
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000
0xabad1dea / phppasswordfunctions.txt
Last active Dec 14, 2015
List of PHP functions that take password or key arguments
View phppasswordfunctions.txt
Here is a huge list of functions listed in the PHP manual which take an argument
which contains sensitive data, either directly or as an array element. Use it to
"audit" for statically embedded passwords in "your" codebase. Some of these are
very obscure/deprecated/whatever. The ones with "construct" in the name are
classes called in source like new foo("password");...
You can’t perform that action at this time.