├── .github ├── FUNDING.yml └── auto_assign.yml ├── .gitignore ├── LICENSE ├── README.md ├── credentials ├── README.md ├── admin-passwords-small.txt ├── admin-username-small.txt ├── passwords-small.txt └── ssh-usernames.txt ├── cronjob ├── README.md └── dns-update.sh ├── dns ├── nameservers.txt ├── trusted-resolvers-big.txt ├── trusted-resolvers-medium.txt └── trusted-resolvers-small.txt ├── dorks ├── github.md ├── google.md └── shodan.md ├── dotfiles ├── .bashrc ├── .golangci.yml ├── .golangci_v2.yml └── topgrade.toml ├── fuzzing └── chars │ ├── chars-big.txt │ └── chars-small.txt ├── nuclei-templates ├── .yamllint ├── CVEs │ ├── CVE-2017-5631.yaml │ ├── CVE-2018-18264.yaml │ ├── CVE-2018-5715.yaml │ ├── CVE-2019-20210.yaml │ ├── CVE-2021-24245.yaml │ ├── CVE-2021-27309.yaml │ ├── CVE-2021-3002.yaml │ ├── CVE-2021-37416.yaml │ ├── CVE-2021-45422.yaml │ ├── CVE-2022-0208.yaml │ ├── CVE-2022-0381.yaml │ ├── CVE-2022-29014.yaml │ ├── CVE-2022-29548.yaml │ ├── CVE-2022-31299.yaml │ ├── CVE-2022-34121.yaml │ └── CVE-2022-34328.yaml ├── check-gxss.yaml └── param-generic-ssrf.yaml ├── ports ├── common-ports-medium.txt └── common-ports-small.txt ├── regex ├── errors.md ├── info.md └── secrets.md ├── subdomains ├── permutations.txt └── subdomains-small.txt ├── web ├── extensions.txt ├── parameters.txt ├── python.txt ├── robots-txt.all ├── shells │ └── webshell.php ├── sqli │ ├── sqli-payloads-big.txt │ └── sqli-payloads-small.txt ├── svg │ ├── README.md │ ├── etc-hostname.svg │ ├── php-ls.svg │ ├── ssrf-css-include.svg │ ├── ssrf-css-stylesheet.svg │ ├── ssrf-css.svg │ ├── ssrf-iframe.svg │ ├── ssrf-image.svg │ ├── ssrf-use.svg │ ├── ssrf-xxe.svg │ ├── xss-alert-1.svg │ ├── xss-alert-2.svg │ ├── xss-alert-3.svg │ ├── xss-alert-4.svg │ └── xss-iframe.svg ├── wordpress.txt └── xml │ ├── README.md │ ├── xxe-aws-ssrf.xml │ ├── xxe-blind-ssrf-oob.xml │ ├── xxe-blind-ssrf.xml │ ├── xxe-etc-passwd-error.xml │ ├── xxe-etc-passwd.xml │ ├── xxe-file-etc-passwd.xml │ ├── xxe-java-ls.xml │ ├── xxe-php-etc-passwd.xml │ ├── xxe-php-rce.xml │ ├── xxe-php-win-hosts.xml │ ├── xxe-test.xml │ ├── xxe-win-hosts.xml │ └── xxe-xss.xml └── yara ├── README.md ├── WShell_PHP_in_images.yar └── github-repo-compromise-myjino.yar /.github/FUNDING.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/.github/FUNDING.yml -------------------------------------------------------------------------------- /.github/auto_assign.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/.github/auto_assign.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/README.md -------------------------------------------------------------------------------- /credentials/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/credentials/README.md -------------------------------------------------------------------------------- /credentials/admin-passwords-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/credentials/admin-passwords-small.txt -------------------------------------------------------------------------------- /credentials/admin-username-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/credentials/admin-username-small.txt -------------------------------------------------------------------------------- /credentials/passwords-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/credentials/passwords-small.txt -------------------------------------------------------------------------------- /credentials/ssh-usernames.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/credentials/ssh-usernames.txt -------------------------------------------------------------------------------- /cronjob/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/cronjob/README.md -------------------------------------------------------------------------------- /cronjob/dns-update.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/cronjob/dns-update.sh -------------------------------------------------------------------------------- /dns/nameservers.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dns/nameservers.txt -------------------------------------------------------------------------------- /dns/trusted-resolvers-big.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dns/trusted-resolvers-big.txt -------------------------------------------------------------------------------- /dns/trusted-resolvers-medium.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dns/trusted-resolvers-medium.txt -------------------------------------------------------------------------------- /dns/trusted-resolvers-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dns/trusted-resolvers-small.txt -------------------------------------------------------------------------------- /dorks/github.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dorks/github.md -------------------------------------------------------------------------------- /dorks/google.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dorks/google.md -------------------------------------------------------------------------------- /dorks/shodan.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dorks/shodan.md -------------------------------------------------------------------------------- /dotfiles/.bashrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dotfiles/.bashrc -------------------------------------------------------------------------------- /dotfiles/.golangci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dotfiles/.golangci.yml -------------------------------------------------------------------------------- /dotfiles/.golangci_v2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dotfiles/.golangci_v2.yml -------------------------------------------------------------------------------- /dotfiles/topgrade.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/dotfiles/topgrade.toml -------------------------------------------------------------------------------- /fuzzing/chars/chars-big.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/fuzzing/chars/chars-big.txt -------------------------------------------------------------------------------- /fuzzing/chars/chars-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/fuzzing/chars/chars-small.txt -------------------------------------------------------------------------------- /nuclei-templates/.yamllint: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/.yamllint -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2017-5631.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2017-5631.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2018-18264.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2018-18264.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2018-5715.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2018-5715.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2019-20210.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2019-20210.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2021-24245.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2021-24245.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2021-27309.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2021-27309.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2021-3002.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2021-3002.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2021-37416.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2021-37416.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2021-45422.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2021-45422.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-0208.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-0208.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-0381.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-0381.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-29014.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-29014.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-29548.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-29548.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-31299.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-31299.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-34121.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-34121.yaml -------------------------------------------------------------------------------- /nuclei-templates/CVEs/CVE-2022-34328.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/CVEs/CVE-2022-34328.yaml -------------------------------------------------------------------------------- /nuclei-templates/check-gxss.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/check-gxss.yaml -------------------------------------------------------------------------------- /nuclei-templates/param-generic-ssrf.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/nuclei-templates/param-generic-ssrf.yaml -------------------------------------------------------------------------------- /ports/common-ports-medium.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/ports/common-ports-medium.txt -------------------------------------------------------------------------------- /ports/common-ports-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/ports/common-ports-small.txt -------------------------------------------------------------------------------- /regex/errors.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/regex/errors.md -------------------------------------------------------------------------------- /regex/info.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/regex/info.md -------------------------------------------------------------------------------- /regex/secrets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/regex/secrets.md -------------------------------------------------------------------------------- /subdomains/permutations.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/subdomains/permutations.txt -------------------------------------------------------------------------------- /subdomains/subdomains-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/subdomains/subdomains-small.txt -------------------------------------------------------------------------------- /web/extensions.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/extensions.txt -------------------------------------------------------------------------------- /web/parameters.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/parameters.txt -------------------------------------------------------------------------------- /web/python.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/python.txt -------------------------------------------------------------------------------- /web/robots-txt.all: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/robots-txt.all -------------------------------------------------------------------------------- /web/shells/webshell.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/shells/webshell.php -------------------------------------------------------------------------------- /web/sqli/sqli-payloads-big.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/sqli/sqli-payloads-big.txt -------------------------------------------------------------------------------- /web/sqli/sqli-payloads-small.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/sqli/sqli-payloads-small.txt -------------------------------------------------------------------------------- /web/svg/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/README.md -------------------------------------------------------------------------------- /web/svg/etc-hostname.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/etc-hostname.svg -------------------------------------------------------------------------------- /web/svg/php-ls.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/php-ls.svg -------------------------------------------------------------------------------- /web/svg/ssrf-css-include.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-css-include.svg -------------------------------------------------------------------------------- /web/svg/ssrf-css-stylesheet.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-css-stylesheet.svg -------------------------------------------------------------------------------- /web/svg/ssrf-css.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-css.svg -------------------------------------------------------------------------------- /web/svg/ssrf-iframe.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-iframe.svg -------------------------------------------------------------------------------- /web/svg/ssrf-image.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-image.svg -------------------------------------------------------------------------------- /web/svg/ssrf-use.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-use.svg -------------------------------------------------------------------------------- /web/svg/ssrf-xxe.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/ssrf-xxe.svg -------------------------------------------------------------------------------- /web/svg/xss-alert-1.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/xss-alert-1.svg -------------------------------------------------------------------------------- /web/svg/xss-alert-2.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/xss-alert-2.svg -------------------------------------------------------------------------------- /web/svg/xss-alert-3.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/xss-alert-3.svg -------------------------------------------------------------------------------- /web/svg/xss-alert-4.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/xss-alert-4.svg -------------------------------------------------------------------------------- /web/svg/xss-iframe.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/svg/xss-iframe.svg -------------------------------------------------------------------------------- /web/wordpress.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/wordpress.txt -------------------------------------------------------------------------------- /web/xml/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/README.md -------------------------------------------------------------------------------- /web/xml/xxe-aws-ssrf.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-aws-ssrf.xml -------------------------------------------------------------------------------- /web/xml/xxe-blind-ssrf-oob.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-blind-ssrf-oob.xml -------------------------------------------------------------------------------- /web/xml/xxe-blind-ssrf.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-blind-ssrf.xml -------------------------------------------------------------------------------- /web/xml/xxe-etc-passwd-error.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-etc-passwd-error.xml -------------------------------------------------------------------------------- /web/xml/xxe-etc-passwd.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-etc-passwd.xml -------------------------------------------------------------------------------- /web/xml/xxe-file-etc-passwd.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-file-etc-passwd.xml -------------------------------------------------------------------------------- /web/xml/xxe-java-ls.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-java-ls.xml -------------------------------------------------------------------------------- /web/xml/xxe-php-etc-passwd.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-php-etc-passwd.xml -------------------------------------------------------------------------------- /web/xml/xxe-php-rce.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-php-rce.xml -------------------------------------------------------------------------------- /web/xml/xxe-php-win-hosts.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-php-win-hosts.xml -------------------------------------------------------------------------------- /web/xml/xxe-test.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-test.xml -------------------------------------------------------------------------------- /web/xml/xxe-win-hosts.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-win-hosts.xml -------------------------------------------------------------------------------- /web/xml/xxe-xss.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/web/xml/xxe-xss.xml -------------------------------------------------------------------------------- /yara/README.md: -------------------------------------------------------------------------------- 1 | yara rules 2 | -------------------------------------------------------------------------------- /yara/WShell_PHP_in_images.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/yara/WShell_PHP_in_images.yar -------------------------------------------------------------------------------- /yara/github-repo-compromise-myjino.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/edoardottt/secfiles/HEAD/yara/github-repo-compromise-myjino.yar --------------------------------------------------------------------------------