h4x0r-dz

(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k

cihanmehmet

🚨BIGIP CVE-2020-5902 Exploit POC 🔥🧱🔨👀

---

Shodan Seaarch

title:"Big-IP®" org:"Organization Name"
http.title:"BIG-IP®- Redirect" org:"Organization Name"
http.favicon.hash:-335242539 "3992" org:"Organization Name"

---

🔸LFI

fnmsd

package aa;
//Author:fnmsd
//Blog:https://blog.csdn.net/fnmsd
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Field;
import java.util.HashSet;
import java.util.Scanner;

muink

shadowsocks作者说的很对的一句话与感想

个人感想:

• 中国人很投机, 包括本人在部分情况下也是投机者. 总想不劳而获, 抄袭他人劳动成果. 想想我们学生时代的抄袭作弊之风盛行便可知... (然而为什么会这样)
• "土皇帝"情节, 因自己在某方面上比别人强, 听听粉丝的追捧, 就觉得自己不可一世, 比别人优越, 殊不知人外有人山外有山, 而且自己在其他方面也有不如他人的地方. (然而为什么会这样)
• 家长情节 总想要一个"家长"来管理一切, 把应该由自己解决的问题抛给别人"包办解决", 图一时之便. 久而久之结果就是并不了解你一切的"家长""包办解决"你的一切, 而你却失去了基本的思考解决问题能力, 看不到目标, 找不到方法, 只好任由"家长"摆布. 这种"爱"是现实的囚笼. (然而为什么会这样)

原文内容:

muink

翻墙 | 懒人在思考：我是如何优雅且靠谱地翻墙

曲径这个优秀的“翻墙”解决方案向大家说再见了，官方声明如下：

向曲径说再见
曲径从诞生至今，为科技工作者和在校师生，在获取商业信息和学术研究等方面提供了很大的方便和技术支持。在曲径运作中，个别问题还处于法律空白，有些问题还存在争议。
为了维护国家互联网法律和政策，保证互联网用户获取信息内容和渠道的安全性，国家要求互联网用户从正规渠道获取信息。基于该原因，曲径自觉遵守国家的法律、法规和政策，已在2015年7月28日，自愿将名下所有互联网服务关停，并不再提供类似的服务。曲径开发者将从事其它领域的工作。
给各位所造成的不便和麻烦深表歉意。在未来几天，将给涉及到费用的用户发送邮件，处理退费事宜。请留意邮件和这里的消息。
如果还有问题，请发邮件至[email protected]。
曲径

calzoneman

Iodine Setup

Table of Contents

• Installation
• Domain Setup
• Running the Server
• Connecting the Client
• Routing: Server

worawit

#!/usr/bin/python
"""
PoC for Samba vulnerabilty (CVE-2015-0240) by sleepya
This PoC does only triggering the bug

Reference:
- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/

#################
Exploitability against CentOS/Ubuntu binaries

steve-jansen

This script enables you stop and start Symantec Endpoint Protection on OS X

Installation

sudo curl https://gist.githubusercontent.com/steve-jansen/61a189b6ab961a517f68/raw/sep -o /usr/local/bin/sep
sudo chmod 755 /usr/local/bin/sep
sudo chown root:staff /usr/local/bin/sep

nukeador

This guide provides detailed steps for setting up DNS records, configuring a DNS tunneling server and client, and setting up a browser for secure proxy connections.

Why iodine?

• Bypassing Network Restrictions: iodine excels in environments with strict network restrictions. It utilizes DNS queries, which are typically allowed through firewalls, to tunnel data where traditional methods like VPNs might be blocked.
• Efficient for Limited Bandwidth: Ideal for situations with bandwidth limitations, iodine requires less bandwidth compared to standard VPNs, making it a practical choice for networks with restricted data flow.
• Customizability and Open Source: As an open-source tool, iodine offers extensive customization options. Users with specific technical needs or those interested in a hands-on approach to network tunneling can tailor iodine to their requirements.

Prerequisites

jhass

#!/bin/bash

# Parameters
socket="/run/foo.sock"
dump="/tmp/capture.pcap"

# Extract repetition
port=9876
source_socket="$(dirname "${socket}")/$(basename "${socket}").orig"