Skip to content

Instantly share code, notes, and snippets.

View zenosxx's full-sized avatar

Navjeet zenosxx

View GitHub Profile
@zenosxx
zenosxx / project.py
Created July 30, 2019 03:21
import requests,re,os,schedule,time,subprocess
from bs4 import BeautifulSoup
from urllib.parse import urlparse
from sendgrid import SendGridAPIClient
from sendgrid.helpers.mail import Mail
url=str(input("Enter domain:\n"))
@zenosxx
zenosxx / project.py
Created July 30, 2019 03:21
import requests,re,os,schedule,time,subprocess
from bs4 import BeautifulSoup
from urllib.parse import urlparse
from sendgrid import SendGridAPIClient
from sendgrid.helpers.mail import Mail
url=str(input("Enter domain:\n"))
@zenosxx
zenosxx / get_ippsec_details.py
Created July 3, 2019 04:54 — forked from sminez/get_ippsec_details.py
Find examples of pen testing methods and tools in videos by Ippsec (as of 26th June 2019)
#!/usr/bin/env python3
"""
Script used to pull down the current video descriptions from ippsec's youtube channel.
The raw output still has a few HTML tags that need to be manually removed and there
also seem to be multiple duplicates of videos that have been removed in the output
saved as ippsec-details.txt
"""
import re
import sys
@zenosxx
zenosxx / subdomain.sh
Last active April 26, 2021 08:28
Subdomain recon
#!/bin/bash
echo "Recon $1"
domain=$1
path="~/Desktop/Asset-note/"
folder=recon-$(date +"%Y-%m-%d")
sub_path=$path/$domain/$folder/subdomain
filemon_path=$path/$domain/Filemonitor
@zenosxx
zenosxx / github_bugbountyhunting.md
Created September 3, 2018 02:21 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@zenosxx
zenosxx / 9anime.py
Last active August 25, 2018 16:09
9anime downloader
import requests
from bs4 import BeautifulSoup
#id extractor
url = input("Url: ")
data = requests.get(url)
html = BeautifulSoup(data.text,'html.parser')
data = [""]
@zenosxx
zenosxx / gist:4e88a8cdd54f0f7f717c4e59e6716c4a
Created December 16, 2017 13:47 — forked from JosephPecoraro/shell-execution.rb
Shell Execution in Ruby
# Ways to execute a shell script in Ruby
# Example Script - Joseph Pecoraro
cmd = "echo 'hi'" # Sample string that can be used
# 1. Kernel#` - commonly called backticks - `cmd`
# This is like many other languages, including bash, PHP, and Perl
# Returns the result of the shell command
# Docs: http://ruby-doc.org/core/classes/Kernel.html#M001111