├── webapp ├── intruder │ └── union-column-counter.intruder ├── lists │ ├── unlisted-params.txt │ ├── discount-codes.txt │ └── union-column-counter.txt └── burpsuite │ ├── user_options.json │ └── project_options.json ├── configs ├── npp │ ├── README.md │ ├── weblog.xml │ ├── dockerfile.xml │ ├── nikto.xml │ ├── cisco.xml │ ├── txt.xml │ ├── nmap.xml │ ├── fortigate.xml │ ├── ss.xml │ ├── junos.xml │ └── userDefineLang.xml └── profile.ps1 ├── john ├── aspnet_membership_to_john.py ├── genwordlist.py ├── genwordlist-burp.py ├── README.md ├── format_tester.py └── rule_test.py ├── README.md ├── infrastructure └── buildreview.sh └── .gitignore /webapp/intruder/union-column-counter.intruder: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rbsec/pentest/HEAD/webapp/intruder/union-column-counter.intruder -------------------------------------------------------------------------------- /webapp/lists/unlisted-params.txt: -------------------------------------------------------------------------------- 1 | debug 2 | debug=1 3 | debug=true 4 | debug=on 5 | trace=1 6 | trace=true 7 | umbDebugShowTrace=true 8 | isAdmin=1 9 | isadmin=true 10 | admin=1 11 | admin=true 12 | mode=debug 13 | mode=dev 14 | mode=test 15 | sap-ui-debug=true 16 | -------------------------------------------------------------------------------- /configs/npp/README.md: -------------------------------------------------------------------------------- 1 | # Introduction 2 | This folder contains custom sytax highlighting files for Notepad++. 3 | 4 | ## Importing 5 | You can import these from the User Defined Language panel (Language -> Define Your Language). 6 | 7 | Notepad++ will need a restart before they appear in the Languages menu. -------------------------------------------------------------------------------- /configs/profile.ps1: -------------------------------------------------------------------------------- 1 | # Bash style tab completion 2 | Set-PSReadlineKeyHandler -Key Tab -Function MenuComplete 3 | 4 | # Disable beep 5 | Set-PSReadlineOption -BellStyle None 6 | 7 | function Create-Folders ($jobref) 8 | { 9 | New-Item $jobref -ItemType directory 10 | New-Item $jobref/Admin -ItemType directory 11 | New-Item $jobref/Drafts -ItemType directory 12 | New-Item $jobref/Evidence -ItemType directory 13 | New-Item $jobref/Notes -ItemType directory 14 | New-Item $jobref/Reports -ItemType directory 15 | New-Item $jobref/Scans -ItemType directory 16 | } 17 | 18 | # Don't truncate lists in PowerShell 19 | $FormatEnumerationLimit=-1 20 | 21 | if ($home -eq (Get-Location).Path) 22 | { 23 | cd \users\$env:UserName\Desktop 24 | } 25 | clear -------------------------------------------------------------------------------- /john/aspnet_membership_to_john.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | # Convert password hashes from ASP.NET Membership provider to john's format 4 | # 5 | # SELECT aspnet_Users.UserName,aspnet_Membership.Password,aspnet_Membership.PasswordSalt 6 | # FROM aspnet_Users,aspnet_Membership WHERE aspnet_Membership.UserId = aspnet_Users.UserId 7 | # 8 | 9 | import base64 10 | import binascii 11 | import sys 12 | 13 | with open(sys.argv[1]) as f: 14 | lines = f.readlines() 15 | lines = [x.strip() for x in lines] 16 | 17 | for line in lines: 18 | user,password_hash,salt = line.split("\t") 19 | password_hash = base64.b64decode(password_hash).hex() 20 | salt = base64.b64decode(salt).hex() 21 | print(f"{user}:$pbkdf2-hmac-sha1$1000$.{salt}.{password_hash}") 22 | -------------------------------------------------------------------------------- /john/genwordlist.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | # Simple script to generate a sorted unique wordlist from an input file 4 | # Usage: $ ./genwordlist.py 5 | # Saves output to wordlist.txt 6 | # Saves output to wordlist.txt if not outfile specified 7 | 8 | import re 9 | import sys 10 | 11 | wordlist = set() 12 | with open(sys.argv[1]) as f: 13 | lines = f.readlines() 14 | for line in lines: 15 | words = re.findall("[a-zA-Z0-9]+", line) 16 | for word in words: 17 | if not word.isdigit(): 18 | wordlist.add(word) 19 | 20 | wordlist = sorted(wordlist, key=lambda s: s.lower()) 21 | try: 22 | outfile = sys.argv[2] 23 | except IndexError: 24 | outfile = "wordlist.txt" 25 | f = open(outfile, "w") 26 | for word in wordlist: 27 | f.write(word + "\n") 28 | print(f"Wrote {str(len(wordlist))} words to {outfile}") 29 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Introduction 2 | This repo contains various scripts and configuration files used for pentesting. They've very much a work in progress, and in some cases are related to custom tools or personal preferences. 3 | 4 | In most cases it's better to read the config files or scripts yourself and take elements that seem useful to you, rather than trying to import the whole files. 5 | 6 | A high level summary of the contents of each folder is given below. The folders may contain README files with further details. 7 | 8 | ## [Build Scripts](build_scripts) 9 | Scripts to build and setup Linux systems (Debian and Kali) 10 | 11 | ## [Configs](configs) 12 | Configuration files for various tools and applications. Primarily used for Windows tools, as Linux configs are mostly in https://github.com/rbsec/dotfiles 13 | 14 | ## [John](john) 15 | Scripts used with John the Ripper 16 | 17 | ## [Infrastructure](infrastructure) 18 | Scripts and tools for carrying out internal pentesting and build reviews. 19 | 20 | ## [Web Application](webapp) 21 | Scripts and configuration files for web application testing. 22 | -------------------------------------------------------------------------------- /infrastructure/buildreview.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | alias ll='ls -lh --color=auto' 3 | alias la='ls -lhA' 4 | alias ..='cd ..' 5 | alias ...='cd ../..' 6 | alias vim='vim -c "colorscheme elflord"' 7 | alias v='vim -R' 8 | alias sv='sudo vim -R -c "colorscheme elflord"' 9 | alias grep='grep --color=auto' 10 | alias nopen='sudo netstat -nlpt| grep tcp | grep -Ev "127\.0\.0\.1|[^a-f0-9]::1"' 11 | alias findwritable='find / -writable -type f 2>/dev/null | grep -vE "^$HOME" | grep -vE "^/sys|^/proc/"' 12 | alias findcaps='getcap -r / 2>/dev/null' 13 | 14 | function f () { find . -iname "*$1*" ; } 15 | function sf () { sudo find . -iname "*$1*" ;} 16 | function findsetuid () { sudo find $1 -type f \( -perm -4000 -o -perm -2000 \) -exec ls -lh --color=auto {} \; 2>/dev/null | grep -vE '/postdrop$|/userhelper$|/usernetctl$|/postqueue$|/sudo$|/wall$|/passwd$|/ssh-agent$|/newgrp$|/chsh$|/chage$|/crontab$|/locate$|/staprun$|/ksu$|/at$|/pkexec$|/chfn$|/write$|/gpasswd$|/netreport$|/unix_chkpwd$|/pam_timestamp_check$|/ping$|/umount$|/mount$|/ping6$|/su$|/pt_chown$|/ssh-keysign$|/dbus-daemon-launch-helper$|/polkit-agent-helper-1' | grep "^-rws" --color=auto ;} 17 | 18 | export PS1='\[\e[1;34m\]\u\[\e[1;30m\]@\[\e[1;32m\]\h \[\e[1;34m\]\w\[\e[0m\] \$ ' -------------------------------------------------------------------------------- /john/genwordlist-burp.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | # Simple script to generate a sorted unique wordlist from a burp sitemap 4 | # Input file can be b64 encoded or plain 5 | # Usage: $ ./genwordlist.py [outfile] 6 | # Saves output to wordlist.txt if not outfile specified 7 | 8 | import base64 9 | import re 10 | import sys 11 | try: # Use faster C implementation if we can 12 | import xml.etree.cElementTree as ET 13 | except ImportError: 14 | import xml.etree.ElementTree as ET 15 | 16 | wordlist = set() 17 | 18 | for event, elem in ET.iterparse(sys.argv[1]): 19 | if event == 'end': 20 | if elem.tag == 'response': 21 | if elem.attrib["base64"] == "true": 22 | response = str(base64.b64decode(elem.text)) 23 | else: 24 | response = str(elem.text) 25 | words = re.findall("[a-zA-Z0-9\-]+", response) 26 | for word in words: 27 | wordlist.add(word) 28 | elem.clear() # Discard the element to free memory 29 | 30 | 31 | wordlist = sorted(wordlist, key=lambda s: s.lower()) # Case insensitive sort 32 | 33 | try: 34 | outfile = sys.argv[2] 35 | except IndexError: 36 | outfile = "wordlist.txt" 37 | f = open(outfile, "w") 38 | for word in wordlist: 39 | f.write(word + "\n") 40 | print(f"Wrote {str(len(wordlist))} words to {outfile}") 41 | -------------------------------------------------------------------------------- /webapp/lists/discount-codes.txt: -------------------------------------------------------------------------------- 1 | 10OFF 2 | 15OFF 3 | 20OFF 4 | 5OFF 5 | AUTUMN 6 | AUTUMN10 7 | AUTUMN20 8 | BLACKFRIDAY 9 | BLACKFRIDAY10 10 | BLACKFRIDAY20 11 | CODE10 12 | CODE15 13 | CODE20 14 | CYBERMONDAY 15 | CYBERMONDAY10 16 | CYBERMONDAY20 17 | DISCOUNT 18 | DISCOUNT10 19 | DISCOUNT15 20 | DISCOUNT20 21 | EASTER 22 | EASTER10 23 | EASTER15 24 | EASTER20 25 | FACEBOOK 26 | FACEBOOK10 27 | FACEBOOK20 28 | FALL 29 | FALL10 30 | FALL20 31 | FREESHIP 32 | NHS 33 | NHS10 34 | NHS15 35 | NHS20 36 | SALE 37 | SALE10 38 | SALE15 39 | SALE20 40 | SAVE10 41 | SAVE20 42 | SAVE5 43 | SORRY 44 | SORRY10 45 | SORRY15 46 | SORRY20 47 | SORRY5 48 | SPRING 49 | SPRING10 50 | SPRING20 51 | STAFF 52 | STAFF10 53 | STAFF15 54 | STAFF20 55 | SUMMER 56 | SUMMER10 57 | SUMMER20 58 | TAKE 59 | TAKE10 60 | TAKE120 61 | TAKE15 62 | TEST 63 | TEST1 64 | TEST10 65 | TEST15 66 | TEST20 67 | TESTING 68 | TESTTEST 69 | THANKS 70 | THANKS10 71 | THANKS15 72 | THANKS20 73 | THANKYOU 74 | THANKYOU10 75 | THANKYOU15 76 | THANKYOU20 77 | TWITTER 78 | TWITTER10 79 | TWITTER20 80 | WELCOME 81 | WELCOME10 82 | WELCOME15 83 | WELCOME20 84 | WELCOME5 85 | WINTER 86 | WINTER10 87 | WINTER20 88 | XMAS 89 | XMAS10 90 | XMAS15 91 | XMAS20 92 | XMAS5 93 | % 94 | ? 95 | ?? 96 | ??? 97 | ???? 98 | ????? 99 | ?????? 100 | ??????? 101 | ???????? 102 | ????????? 103 | ?????????? 104 | ??????????? 105 | ???????????? -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | MANIFEST 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | .pytest_cache/ 49 | 50 | # Translations 51 | *.mo 52 | *.pot 53 | 54 | # Django stuff: 55 | *.log 56 | local_settings.py 57 | db.sqlite3 58 | 59 | # Flask stuff: 60 | instance/ 61 | .webassets-cache 62 | 63 | # Scrapy stuff: 64 | .scrapy 65 | 66 | # Sphinx documentation 67 | docs/_build/ 68 | 69 | # PyBuilder 70 | target/ 71 | 72 | # Jupyter Notebook 73 | .ipynb_checkpoints 74 | 75 | # pyenv 76 | .python-version 77 | 78 | # celery beat schedule file 79 | celerybeat-schedule 80 | 81 | # SageMath parsed files 82 | *.sage.py 83 | 84 | # Environments 85 | .env 86 | .venv 87 | env/ 88 | venv/ 89 | ENV/ 90 | env.bak/ 91 | venv.bak/ 92 | 93 | # Spyder project settings 94 | .spyderproject 95 | .spyproject 96 | 97 | # Rope project settings 98 | .ropeproject 99 | 100 | # mkdocs documentation 101 | /site 102 | 103 | # mypy 104 | .mypy_cache/ 105 | -------------------------------------------------------------------------------- /john/README.md: -------------------------------------------------------------------------------- 1 | # John Scripts 2 | This folder contains various scripts that are useful with John the Ripper. 3 | 4 | ## [aspnet_membership_to_john.py](aspnet_membership_to_john.py) 5 | Convert ASP.NET Membership hashes into a format that can be cracked with John. 6 | 7 | ## [format_tester.py](format_tester.py) 8 | 9 | Attempt to determine the type of a hash, or how a hash and salt are used together. The script works by attempting to crack a hash (or list of hashes) with a provided wordlist, using every format and subformat that John supports. 10 | 11 | This is useful if you have an unknown hash (such as 32 hexadecimal characters), or you have a hash and a salt but aren't sure how they're combined. 12 | 13 | It's slower than tools like hashID, which try to guess based on the length and character set - but it's also more reliable. 14 | 15 | It will be much faster and more accurate if you have a known password:hash pair. 16 | 17 | ## [genwordlist.py](genwordlist.py) 18 | 19 | Generate a sorted, unique wordlist from an input file. 20 | 21 | ## [genwordlist-burp.py](genwordlist-burp.py) 22 | 23 | Generate a sorted, unique wordlist from an exported Burpsuite site map. 24 | 25 | Export an XML site map by going to Target > Site map, right clicking on a node, and then choosing "Save selected items" 26 | 27 | This can be useful for quickly creating a targeted wordlist of the organisation when you've already explored their website with Burpsuite (rather than having to spider it again with something like CeWL). 28 | 29 | ## [rule_test.py](rule_test.py) 30 | 31 | Tests a set of John rules against a given hash file and wordlist, and then sorts them by the number of passwords cracked per second. 32 | 33 | This is useful to optimise rules, and to create a small and efficient set that can be run quickly. 34 | 35 | It also has a cumulative mode, which tracks how many new passwords a rule cracks compared to the previous ones, so that duplicate or overlapping rules can be identified. 36 | -------------------------------------------------------------------------------- /john/format_tester.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | import os 3 | import platform 4 | import re 5 | import subprocess 6 | import sys 7 | 8 | # Attempt to determine the type of a hash by trying to crack it with every format John supports 9 | # Useful when you have a hash with an unknown format, or aren't sure how a salt is being used 10 | # This approach is slower than guessing based on length/characters, but more reliable 11 | # Works best when you have a known password for the hash 12 | # Defaults to 120s max per hash type 13 | 14 | # Usage: $ format_tester.py [runtime] 15 | 16 | 17 | # Class for coloured output 18 | class col: 19 | if sys.stdout.isatty() and platform.system() != "Windows": 20 | green = '\033[32m' 21 | blue = '\033[94m' 22 | red = '\033[31m' 23 | brown = '\033[33m' 24 | grey = '\033[90m' 25 | end = '\033[0m' 26 | else: # Colours mess up redirected or Windows output, disable them 27 | green = "" 28 | blue = "" 29 | red = "" 30 | brown = "" 31 | grey = "" 32 | end = "" 33 | 34 | # Arguments 35 | if len(sys.argv) < 3: 36 | print(f"\n{col.red}Usage: {sys.argv[0]} [runtime]{col.end}\n") 37 | sys.exit(1) 38 | hashfile = sys.argv[1] 39 | wordlist = sys.argv[2] 40 | 41 | if len(sys.argv) == 4: 42 | runtime = str(sys.argv[3]) 43 | else: 44 | runtime = "120" 45 | 46 | if not os.path.isfile(hashfile): 47 | print(f"{col.red}Hash file does not exist{col.end}") 48 | sys.exit(1) 49 | 50 | if not os.path.isfile(wordlist): 51 | print(f"{col.red}Wordlist does not exist{col.end}") 52 | sys.exit(1) 53 | 54 | # Get a list of formats 55 | flist = subprocess.check_output(["john", "--list=formats"]).decode('utf-8').replace("\n", "").replace(" ", "") 56 | formats = flist.split(",") 57 | 58 | # Get a list of subformats 59 | sflist = subprocess.check_output(["john", "--list=subformats"]).decode('utf-8').replace("\n", "").replace(" ", "") 60 | subformats = re.findall("(dynamic_\d+)", sflist) 61 | formats.extend(subformats) 62 | 63 | total = len(formats) 64 | i = 1 65 | 66 | # Get rid of the old pot if it exists 67 | try: 68 | os.remove("format_tester.pot") 69 | except OSError: 70 | pass 71 | 72 | # Loop through formats 73 | for format in formats: 74 | print(f"{col.blue}[{str(i)}/{str(total)}]{col.end} Trying format: {col.brown}{format}{col.end}") 75 | subprocess.call([ 76 | "john", 77 | hashfile, 78 | "--wordlist=" + wordlist, 79 | "--format=" + format, 80 | "--rules=none", 81 | "--pot=format_tester.pot", 82 | "--max-run-time=" + str(runtime) 83 | ]) 84 | try: 85 | if os.stat("format_tester.pot").st_size > 0: 86 | print(f"\n{col.green}Hash type is {format}{col.end}\n") 87 | os.remove("format_tester.pot") 88 | sys.exit(0) 89 | except OSError: 90 | pass 91 | i += 1 92 | -------------------------------------------------------------------------------- /john/rule_test.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # 3 | # Test a file of john rules and sort them by effectiveness 4 | # Runs a wordlist attack with each rule and sorts by passwords cracked/second 5 | # Can optionally be used in a cumulative mode to remove overlapping/duplicate rules 6 | # 7 | 8 | import re 9 | import os 10 | import subprocess 11 | import sys 12 | import datetime 13 | 14 | class col: 15 | if sys.stdout.isatty(): 16 | green = '\033[32m' 17 | blue = '\033[94m' 18 | red = '\033[31m' 19 | brown = '\033[33m' 20 | end = '\033[0m' 21 | else: # Colours mess up redirected output, disable them 22 | green = "" 23 | blue = "" 24 | red = "" 25 | brown = "" 26 | end = "" 27 | 28 | # Run a shell command and return output 29 | def runcmd(cmd): 30 | devnull = open(os.devnull, 'w') 31 | proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=devnull, shell=True) 32 | return proc.stdout.read() 33 | 34 | def getcrackedcount(): 35 | # You may need to change the hash path here 36 | joutput = runcmd("john --format=nt --show --pot=rtest.pot " + hashfile) 37 | lastline = joutput.splitlines()[-1] 38 | m = re.search('^\d+', lastline.decode()) 39 | count = int(m.group(0)) 40 | return count 41 | 42 | def test_rule(jrule, wordlist, hashfile): 43 | start = datetime.datetime.now() 44 | # You may need to change the hash path here 45 | joutput = runcmd("john --format=nt --session=rtest --pot=rtest.pot " + hashfile \ 46 | + " --wordlist=" + wordlist + " --rules=:" + jrule + " --max-run-time=300") 47 | elapsed = datetime.datetime.now() 48 | delta = elapsed - start 49 | return delta.total_seconds() 50 | 51 | def remove_pot(): 52 | try: 53 | os.remove("rtest.pot") 54 | except OSError: 55 | pass 56 | 57 | def getrules(rulefile): 58 | with open(rulefile) as f: 59 | rules = [] 60 | lines = f.readlines() 61 | for line in lines: 62 | line = line.rstrip() 63 | # Ignore comments and rule section headings 64 | if line.startswith('#') or line.startswith('[List.Rules') or line == '': 65 | continue 66 | rules.append(line) 67 | return rules 68 | 69 | if len(sys.argv) < 5: 70 | print("Usage: ruletest.py [cumulative]\n\n") 71 | sys.exit(1) 72 | 73 | rulefile = sys.argv[1] 74 | hashfile = sys.argv[2] 75 | wordlist = sys.argv[3] 76 | outfile = sys.argv[4] 77 | if len(sys.argv) > 5: 78 | cumulative = 1 79 | else: 80 | cumulative = 0 81 | 82 | crackrate = {} 83 | 84 | rules = getrules(rulefile) 85 | rulecount = len(rules) 86 | i = 1 87 | # remove_pot() 88 | 89 | for rule in rules: 90 | try: 91 | # If you want to do non-cumulative testing with an existing pot, use this 92 | # os.system("cp pot.main.dnwordlist rtest.pot") 93 | if cumulative: 94 | count_before = getcrackedcount() 95 | jrule = "'" + rule.replace("'", "\\'") + "'" 96 | elapsed = test_rule(jrule, wordlist, hashfile) 97 | count = getcrackedcount() 98 | if cumulative: 99 | count = count - count_before 100 | rate = count / elapsed 101 | crackrate[rule] = rate 102 | print("[" + col.blue + str(i) + col.end + "/" + str(rulecount) + "] Rule " 103 | + col.brown + rule + col.end + " cracked " + col.green + str(count) + col.end 104 | + " passwords " + "in " + col.blue + str(round(elapsed,2)) + col.end + " seconds (" 105 | + col.green + str(round(rate,2)) + col.end + " passwords/second)") 106 | if not cumulative: 107 | remove_pot() 108 | i += 1 109 | except KeyboardInterrupt: 110 | print("Caught keyboard interrupt, exiting.\n") 111 | break 112 | os.remove('rtest.log') 113 | 114 | with open(outfile, "w") as f: 115 | f.write("# Ruletest for wordlist " + wordlist + "\n") 116 | for rule in sorted(crackrate, key=crackrate.get, reverse=True): 117 | rate = str(round(crackrate[rule], 2)) 118 | print (rule.ljust(80) + "# " + rate) 119 | f.write(rule.ljust(80) + "# " + rate + "\n") 120 | -------------------------------------------------------------------------------- /configs/npp/weblog.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00# 01 02 03 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | : - / 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | GET get 28 | POST put 29 | Mozilla 30 | Notice 31 | Warning delete 404 32 | Fatal Parse error FAILED denied DENIED 33 | PHP on line in 34 | 200 35 | 00[ 01 02] 03( 04 05) 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /configs/npp/dockerfile.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00# 01 02 03 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | = :- :+ : [ ] , 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | FROM MAINTAINER ENV RUN CMD ADD EXPOSE COPY ENTRYPOINT VOLUME USER WORKDIR ONBUILD LABEL ARG STOPSIGNAL HEALTHCHECK SHELL AS 28 | $ ${ 29 | --platform --from --chown 30 | 31 | 32 | 33 | 34 | 35 | 00" 00' 01\ 02" 02' 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | -------------------------------------------------------------------------------- /configs/npp/nikto.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00 01 02 03 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | : ? & 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | GET GET, HEAD HEAD, POST POST, OPTIONS OPTIONS, 28 | OSVDB- 29 | Nikto v2.1.4/2.1.5 30 | Hostname Target Host Port 31 | TRACE TRACE, alert 32 | / 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /configs/npp/cisco.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00remark 01 02 03! 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | ( ) 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | aaa aaa-server access-group access-list alias arp asdm auth-prompt auto-update banner boot ca checkheaps class-map clear client-update clock command-alias compression config-register configure console crashinfo crypto ctl-file ctl-provider ddns description dhcp-client dhcpd dhcprelay dns dns-group dns-guard domain-name dynamic-access-policy-record dynamic-map enable end eou established exit failover filter fips firewall fixup fragment ftp-map global group-delimiter group-policy h225-map help hostname http http-map icmp imap4s interface ip ipsec ipv6 isakmp l2tp ldap logging logout mac-list management-access map mgcp-map monitor-interface mroute mtu multicast-routing nac-policy name names nat ntp object-group pager passwd phone-proxy pim policy-map pop3s prefix-list priority-queue privilege prompt quit regex remote-access route route-map router routing same-security-traffic service service-policy setup sla smtp-server smtps snmp snmp-map snmp-server ssh ssl static sunrpc-server sysopt tcp-map terminal threat-detection time-range timeout tls-proxy track tunnel-group tunnel-group-map url-block url-cache url-server username virtual vpdn vpn-addr-assign vpn-sessiondb vpnsetup wccp webvpn zonelabs-integrity 28 | address speed duplex nameif security-level vlan class extended accounting authentication authorization network-object port-object service-object ospf transform-set security-association encryption hash group lifetime dns-server vpn-tunnel-protocol split-tunnel-network-list default-domain url-list address-pool default-group-policy match ips version server source set peer 29 | inspect netmask tcp-udp tcp udp eq aes-256 3des sha md5 30 | outside any 0.0.0.0 any4 any6 pre-shared-key telnet ldap pptp tftp-server ftp ip 31 | host subnet range object network 32 | permit 255.255.255.255 management-only inside 33 | deny no shutdown inactive 34 | dmz DMZ 35 | 00description 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /configs/npp/txt.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00// 00$ 00# 01 02 03/* 04*/ 9 | 10 | 0x 11 | 12 | 13 | 14 | 15 | 16 | : + = 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | = == === X- Subject: To: 28 | todo Todo ToDo TODO ---- 29 | GET POST 30 | /16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30 /31 /32 31 | FIXME 32 | 33 | 34 | 35 | 00[ 01 02] 03< 04 05> 06( 07 08) 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /configs/npp/nmap.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00| 00|_ 00T1 00T2 00T3 00T4 00U1 00IE 00SEQ 00OPS 00WIN 00ECN 00SCAN 00OS: 00# 00SF 00Increasing 00Read 00============== 01 02 03 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | /tcp 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | open up 28 | filtered down [host down] 29 | ssl ssh 30 | ftp telnet 31 | closed 32 | PORT STATE SERVICE VERSION 33 | 34 | 35 | 00( 01 02) 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /configs/npp/fortigate.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00# 01 02 03" 04" 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | # 28 | config edit router bgp accprofile rip isis static multicast ospf6 ospf ripng system global interface physical-switch custom-language admin dashboard ha storage dns replacemsg-image sysinfo community hosts central-management device-category cluster-sync ips global dbinfo setting email-server gui console session-helper auto-install auto-install-config ntp settings ip-range reserved-address zone address multicast-address address6 multicast-address6 webfilter ftgd-local-cat sensor shaper traffic-shaper web-proxy global forticlient-ios-settings wireless-controller wids-profile wireless-controller wtp-profile memory setting disk setting null-device setting vpn ssl web host-check-software web portal settings user forticlient-winmac-settings forticlient-android-settings endpoint-control profile casi application dlp filepattern fp-sensitivity filter threat-weight icap spamfilter report layout body-item wanopt firewall vipgrp ssl-ssh-profile waf policy device-group constraint header-length content-length max-url-param param-length url-param-length line-length method version malformed max-cookie max-range-segment antivirus page header header-item footer footer-item ssl-exempt max-header-line ftgd-wf filters switch-profile secondaryip 29 | enable disable read read-write ping ftp ftps nntp dns mapi pop3s imaps https http auto-ipsec telnet ssh fgfm capwap ssh snmp physical dhcp pppoe down up smtps smtp pop3 imap low high 802.11n 802.11ac 802.11n-5G 423E 421E S423E S422E S421E S323CR S322CR S321CR S313C S311C S323C S322C S321C 321C 223C 112D 24D 21D 214B 224D 222C 25D 221C 320C 28C 223B 14C 11C 320B 112B 222B 210B AP-11N advisory latest-threat latest-virus latest-attack new-antivirus-db new-attack-db log wan-opt webproxy fortiguard-wf spam alertmail auth fw scan virus image misc accept disabled lan wan dmz splice fragmail certificate-inspection block US flow-based all management 30 | end next 31 | allowaccess 32 | 33 | 34 | 35 | 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /configs/npp/ss.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 03 04 00UDP 00 01 02 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | * ? 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | TELNET FTP SNMP SIP-PROXY PPTP 28 | HTTPS SSH SSL 29 | HTTP 30 | CLOSED TCPWRAPPED 31 | 32 | 33 | 34 | 35 | 00( 01 02) 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /webapp/burpsuite/user_options.json: -------------------------------------------------------------------------------- 1 | { 2 | "user_options":{ 3 | "bchecks":{ 4 | "imported_scripts":[] 5 | }, 6 | "connections":{ 7 | "platform_authentication":{ 8 | "credentials":[], 9 | "do_platform_authentication":true, 10 | "prompt_on_authentication_failure":false 11 | }, 12 | "socks_proxy":{ 13 | "dns_over_socks":false, 14 | "host":"127.0.0.1", 15 | "password":"", 16 | "port":9090, 17 | "use_proxy":false, 18 | "username":"" 19 | }, 20 | "upstream_proxy":{ 21 | "servers":[] 22 | } 23 | }, 24 | "display":{ 25 | "character_sets":{ 26 | "mode":"recognize_automatically" 27 | }, 28 | "html_rendering":{ 29 | "allow_http_requests":true 30 | }, 31 | "http_message_display":{ 32 | "font_name":"Courier New", 33 | "font_size":13, 34 | "font_smoothing":true, 35 | "highlight_requests":true, 36 | "highlight_responses":true, 37 | "pretty_print_by_default":false 38 | }, 39 | "table_appearance":{ 40 | "zebra_striping":true 41 | }, 42 | "user_interface":{ 43 | "font_size":13, 44 | "look_and_feel":"Light" 45 | } 46 | }, 47 | "extender":{ 48 | "extensions":[ 49 | { 50 | "bapp_serial_version":13, 51 | "bapp_uuid":"36238b534a78494db9bf2d03f112265c", 52 | "errors":"ui", 53 | "extension_file":"bapps\\36238b534a78494db9bf2d03f112265c\\retirejs-burp-plugin\\target\\burp-retire-js-3.jar", 54 | "extension_type":"java", 55 | "loaded":true, 56 | "name":"Retire.js", 57 | "output":"ui" 58 | }, 59 | { 60 | "errors":"ui", 61 | "extension_file":"C:\\Tools\\Burpsuite\\Timeinator\\timeinator.py", 62 | "extension_type":"python", 63 | "loaded":false, 64 | "name":"Timeinator", 65 | "output":"ui" 66 | }, 67 | { 68 | "bapp_serial_version":25, 69 | "bapp_uuid":"6bf7574b632847faaaa4eb5e42f1757c", 70 | "errors":"ui", 71 | "extension_file":"bapps\\6bf7574b632847faaaa4eb5e42f1757c\\build\\libs\\openapi-parser-all.jar", 72 | "extension_type":"java", 73 | "loaded":false, 74 | "name":"OpenAPI Parser", 75 | "output":"ui" 76 | }, 77 | { 78 | "bapp_serial_version":3, 79 | "bapp_uuid":"3c7fc852346548adb781b7f4f30938c0", 80 | "errors":"ui", 81 | "extension_file":"bapps\\3c7fc852346548adb781b7f4f30938c0\\timeinator.py", 82 | "extension_type":"python", 83 | "loaded":false, 84 | "name":"Timeinator, Time Based Attacker", 85 | "output":"ui" 86 | }, 87 | { 88 | "bapp_serial_version":26, 89 | "bapp_uuid":"f923cbf91698420890354c1d8958fee6", 90 | "errors":"ui", 91 | "extension_file":"bapps\\f923cbf91698420890354c1d8958fee6\\target\\JWT4B-jar-with-dependencies.jar", 92 | "extension_type":"java", 93 | "loaded":false, 94 | "name":"JSON Web Tokens", 95 | "output":"ui" 96 | }, 97 | { 98 | "bapp_serial_version":12, 99 | "bapp_uuid":"30d8ee9f40c041b0bfec67441aad158e", 100 | "errors":"ui", 101 | "extension_file":"bapps\\30d8ee9f40c041b0bfec67441aad158e\\AuthMatrix.py", 102 | "extension_type":"python", 103 | "loaded":false, 104 | "name":"AuthMatrix", 105 | "output":"ui" 106 | }, 107 | { 108 | "bapp_serial_version":9, 109 | "bapp_uuid":"0a05afd37da44adca514acef1cdde3b9", 110 | "errors":"ui", 111 | "extension_file":"bapps\\0a05afd37da44adca514acef1cdde3b9\\build\\libs\\decoder-improved-all.jar", 112 | "extension_type":"java", 113 | "loaded":false, 114 | "name":"Decoder Improved", 115 | "output":"ui" 116 | }, 117 | { 118 | "bapp_serial_version":6, 119 | "bapp_uuid":"594a49bb233748f2bc80a9eb18a2e08f", 120 | "errors":"ui", 121 | "extension_file":"bapps\\594a49bb233748f2bc80a9eb18a2e08f\\wsdler.jar", 122 | "extension_type":"java", 123 | "loaded":false, 124 | "name":"Wsdler", 125 | "output":"ui" 126 | }, 127 | { 128 | "bapp_serial_version":3, 129 | "bapp_uuid":"ba17d9fb487448b48368c22cb70048dc", 130 | "errors":"ui", 131 | "extension_file":"bapps\\ba17d9fb487448b48368c22cb70048dc\\build\\libs\\viewstate-editor-1.0.jar", 132 | "extension_type":"java", 133 | "loaded":false, 134 | "name":"ViewState Editor", 135 | "output":"ui" 136 | }, 137 | { 138 | "bapp_serial_version":5, 139 | "bapp_uuid":"11729a617d8d4d3b87c82e34b71885c3", 140 | "errors":"ui", 141 | "extension_file":"bapps\\11729a617d8d4d3b87c82e34b71885c3\\build\\libs\\request-highlighter.jar", 142 | "extension_type":"java", 143 | "loaded":true, 144 | "name":"Request Highlighter", 145 | "output":"ui" 146 | } 147 | ], 148 | "java":{ 149 | "folder_for_loading_library_jar_files":"" 150 | }, 151 | "python":{ 152 | "folder_for_loading_modules":"", 153 | "location_of_jython_standalone_jar_file":"C:\\Tools\\Burpsuite\\jython-standalone-2.7.0.jar" 154 | }, 155 | "ruby":{ 156 | "location_of_jruby_jar_file":"" 157 | }, 158 | "settings":{ 159 | "automatically_reload_extensions_on_startup":true, 160 | "automatically_update_bapps_on_startup":true 161 | } 162 | }, 163 | "intruder":{ 164 | "tab_bar_layout":"wrapped" 165 | }, 166 | "misc":{ 167 | "api":{ 168 | "address":"", 169 | "enabled":false, 170 | "insecure_mode":false, 171 | "keys":[], 172 | "listen_mode":"loopback_only", 173 | "port":1337 174 | }, 175 | "automatic_project_backup":{ 176 | "delete_on_shutdown":true, 177 | "enabled":true, 178 | "in_scope_only":false, 179 | "interval":30, 180 | "show_progress":false 181 | }, 182 | "embedded_browser":{ 183 | "allow_saving_browser_settings":true, 184 | "browser_data_directory":"" 185 | }, 186 | "enable_proxy_interception_at_startup":"always", 187 | "exceptions_log_directory":"", 188 | "hotkeys":[ 189 | { 190 | "action":"send_to_repeater", 191 | "hotkey":"Ctrl+R" 192 | }, 193 | { 194 | "action":"send_to_intruder", 195 | "hotkey":"Ctrl+I" 196 | }, 197 | { 198 | "action":"send_to_decoder", 199 | "hotkey":"Ctrl+Shift+D" 200 | }, 201 | { 202 | "action":"send_to_organizer", 203 | "hotkey":"Ctrl+O" 204 | }, 205 | { 206 | "action":"copy_url", 207 | "hotkey":"Ctrl+Shift+C" 208 | }, 209 | { 210 | "action":"forward_intercepted_proxy_message", 211 | "hotkey":"Ctrl+F" 212 | }, 213 | { 214 | "action":"drop_intercepted_proxy_message", 215 | "hotkey":"Ctrl+D" 216 | }, 217 | { 218 | "action":"toggle_proxy_interception", 219 | "hotkey":"Ctrl+T" 220 | }, 221 | { 222 | "action":"issue_repeater_request", 223 | "hotkey":"Ctrl+G" 224 | }, 225 | { 226 | "action":"switch_to_dashboard", 227 | "hotkey":"" 228 | }, 229 | { 230 | "action":"switch_to_target", 231 | "hotkey":"Ctrl+Shift+T" 232 | }, 233 | { 234 | "action":"switch_to_proxy", 235 | "hotkey":"Ctrl+Shift+P" 236 | }, 237 | { 238 | "action":"switch_to_intruder", 239 | "hotkey":"Ctrl+Shift+I" 240 | }, 241 | { 242 | "action":"switch_to_repeater", 243 | "hotkey":"Ctrl+Shift+R" 244 | }, 245 | { 246 | "action":"switch_to_logger", 247 | "hotkey":"Ctrl+Shift+L" 248 | }, 249 | { 250 | "action":"switch_to_organizer", 251 | "hotkey":"Ctrl+Shift+O" 252 | }, 253 | { 254 | "action":"go_to_previous_tab", 255 | "hotkey":"Ctrl+Minus" 256 | }, 257 | { 258 | "action":"go_to_next_tab", 259 | "hotkey":"Ctrl+Equals" 260 | }, 261 | { 262 | "action":"close_tab", 263 | "hotkey":"Ctrl+Shift+Z" 264 | }, 265 | { 266 | "action":"editor_cut", 267 | "hotkey":"Ctrl+X" 268 | }, 269 | { 270 | "action":"editor_copy", 271 | "hotkey":"Ctrl+C" 272 | }, 273 | { 274 | "action":"editor_paste", 275 | "hotkey":"Ctrl+V" 276 | }, 277 | { 278 | "action":"editor_undo", 279 | "hotkey":"Ctrl+Z" 280 | }, 281 | { 282 | "action":"editor_redo", 283 | "hotkey":"Ctrl+Y" 284 | }, 285 | { 286 | "action":"editor_select_all", 287 | "hotkey":"Ctrl+A" 288 | }, 289 | { 290 | "action":"editor_search", 291 | "hotkey":"Ctrl+S" 292 | }, 293 | { 294 | "action":"editor_go_to_previous_search_match", 295 | "hotkey":"Ctrl+Comma" 296 | }, 297 | { 298 | "action":"editor_go_to_next_search_match", 299 | "hotkey":"Ctrl+Period" 300 | }, 301 | { 302 | "action":"editor_url_decode", 303 | "hotkey":"Ctrl+Shift+U" 304 | }, 305 | { 306 | "action":"editor_url_encode_key_characters", 307 | "hotkey":"Ctrl+U" 308 | }, 309 | { 310 | "action":"editor_toggle_url_encoding_as_you_type", 311 | "hotkey":"Ctrl+Q" 312 | }, 313 | { 314 | "action":"editor_html_decode", 315 | "hotkey":"Ctrl+Shift+H" 316 | }, 317 | { 318 | "action":"editor_html_encode_key_characters", 319 | "hotkey":"Ctrl+H" 320 | }, 321 | { 322 | "action":"editor_base64_decode", 323 | "hotkey":"Ctrl+Shift+B" 324 | }, 325 | { 326 | "action":"editor_base64_encode", 327 | "hotkey":"Ctrl+B" 328 | }, 329 | { 330 | "action":"editor_backspace_word", 331 | "hotkey":"Ctrl+Backspace" 332 | }, 333 | { 334 | "action":"editor_delete_word", 335 | "hotkey":"Ctrl+Delete" 336 | }, 337 | { 338 | "action":"editor_delete_line", 339 | "hotkey":"" 340 | }, 341 | { 342 | "action":"editor_go_to_previous_word", 343 | "hotkey":"Ctrl+Left" 344 | }, 345 | { 346 | "action":"editor_go_to_previous_word_extend_selection", 347 | "hotkey":"Ctrl+Shift+Left" 348 | }, 349 | { 350 | "action":"editor_go_to_next_word", 351 | "hotkey":"Ctrl+Right" 352 | }, 353 | { 354 | "action":"editor_go_to_next_word_extend_selection", 355 | "hotkey":"Ctrl+Shift+Right" 356 | }, 357 | { 358 | "action":"editor_go_to_previous_paragraph", 359 | "hotkey":"Ctrl+Up" 360 | }, 361 | { 362 | "action":"editor_go_to_previous_paragraph_extend_selection", 363 | "hotkey":"Ctrl+Shift+Up" 364 | }, 365 | { 366 | "action":"editor_go_to_next_paragraph", 367 | "hotkey":"Ctrl+Down" 368 | }, 369 | { 370 | "action":"editor_go_to_next_paragraph_extend_selection", 371 | "hotkey":"Ctrl+Shift+Down" 372 | }, 373 | { 374 | "action":"editor_go_to_start_of_document", 375 | "hotkey":"Ctrl+Home" 376 | }, 377 | { 378 | "action":"editor_go_to_start_of_document_extend_selection", 379 | "hotkey":"Ctrl+Shift+Home" 380 | }, 381 | { 382 | "action":"editor_go_to_end_of_document", 383 | "hotkey":"Ctrl+End" 384 | }, 385 | { 386 | "action":"editor_go_to_end_of_document_extend_selection", 387 | "hotkey":"Ctrl+Shift+End" 388 | } 389 | ], 390 | "http_message_search":{ 391 | "autoscroll_to_match_by_default":true, 392 | "case_sensitive_by_default":false, 393 | "regex_by_default":false 394 | }, 395 | "inspector_display_mode":"collapsed", 396 | "inspector_position":"right", 397 | "inspector_widget_configurations":[ 398 | { 399 | "open_by_default":false, 400 | "show":true, 401 | "type":"request_attributes", 402 | "wrap_text":false 403 | }, 404 | { 405 | "open_by_default":false, 406 | "show":true, 407 | "type":"request_query_parameters", 408 | "wrap_text":false 409 | }, 410 | { 411 | "open_by_default":false, 412 | "show":true, 413 | "type":"request_body_parameters", 414 | "wrap_text":false 415 | }, 416 | { 417 | "open_by_default":false, 418 | "show":true, 419 | "type":"request_cookies", 420 | "wrap_text":false 421 | }, 422 | { 423 | "open_by_default":false, 424 | "show":true, 425 | "type":"request_headers", 426 | "wrap_text":false 427 | }, 428 | { 429 | "open_by_default":false, 430 | "show":true, 431 | "type":"response_headers", 432 | "wrap_text":false 433 | } 434 | ], 435 | "log_exceptions_to_local_directory":false, 436 | "message_editor_request_configurations":[ 437 | { 438 | "show":true, 439 | "type":"pretty" 440 | }, 441 | { 442 | "show":true, 443 | "type":"raw" 444 | }, 445 | { 446 | "show":true, 447 | "type":"hex" 448 | }, 449 | { 450 | "show":false, 451 | "type":"headers", 452 | "wrap_text":false 453 | }, 454 | { 455 | "show":false, 456 | "type":"query_parameters", 457 | "wrap_text":false 458 | }, 459 | { 460 | "show":false, 461 | "type":"body_parameters", 462 | "wrap_text":false 463 | }, 464 | { 465 | "show":false, 466 | "type":"cookies", 467 | "wrap_text":false 468 | }, 469 | { 470 | "show":false, 471 | "type":"attributes", 472 | "wrap_text":false 473 | } 474 | ], 475 | "message_editor_response_configurations":[ 476 | { 477 | "show":true, 478 | "type":"pretty" 479 | }, 480 | { 481 | "show":true, 482 | "type":"raw" 483 | }, 484 | { 485 | "show":true, 486 | "type":"hex" 487 | }, 488 | { 489 | "show":true, 490 | "type":"render" 491 | }, 492 | { 493 | "show":false, 494 | "type":"headers", 495 | "wrap_text":false 496 | } 497 | ], 498 | "out_of_scope_history_logging_action":"do_nothing", 499 | "pause_tasks_at_startup_default":false, 500 | "show_learn_tab":false, 501 | "submit_feedback":false, 502 | "suppress_confirm_on_close":false, 503 | "temporary_files_location":"" 504 | }, 505 | "repeater":{ 506 | "tab_bar_layout":"wrapped" 507 | }, 508 | "ssl":{ 509 | "client_certificates":{ 510 | "certificates":[] 511 | }, 512 | "negotiation":{ 513 | "disable_sni_extension":false, 514 | "enable_blocked_algorithms":true 515 | } 516 | }, 517 | "target":{ 518 | "view":"tabs" 519 | } 520 | } 521 | } -------------------------------------------------------------------------------- /configs/npp/junos.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00## 01 02 03 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | - 16 | ; 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | accept-remote-nexthop access-list access-point access-point-options access-point-queues access-profile ack-number action action-profile actions active-policy adaptive-shaper adaptive-shapers address address-assignment address-blacklist address-book address-mapping address-persistent address-pool address-pooling address-set address-shared address-whitelist admin-email admin-search administrator administrator-email advertise-external advertise-peer-as agent-address aging alarm-threshold alarm-without-drop alarms alert alg algorithm all-tcp allow-dns-reply allow-duplicates allow-email allow-icmp-without-flow allow-transients always-send annex anomaly anti-spam anti-virus apn appfw-profile appfw-rule appfw-rule-set application applications application-ddos application-firewall application-group application-identification application-protocol application-proxy application-screen application-services application-set application-system-cache application-system-cache-timeout application-tracking application-traffic-control apply-groups apply-macro arbitration-inter-frame-space archive archive-sites arguments arp-resp assemble association-timeout attach attack-threshold attack-type attacks attributes-match audible auth-entry authentication authentication-algorithm authentication-key-chain authentication-method authentication-order authentication-source authorization auto-re-enrollment autoinstallation automatic autoupdate background-queue bandwidth banner base-distinguished-name beacon-interval best-effort-queue bfd-liveness-detection bgp-orf-cisco-mode bind-interface block-command block-content-type block-extension block-message block-mime bootp bridge bridge-domains bridge-options broadcast-multicast-rate-limit bundle c-timeout ca-identity ca-profile ca-profile-name cache cache-prune-chunk-size cache-size call-flood captive-portal capture-file categories category cbr rate cellular-options certificate certificate-verification chain challenge-password change-configuration channel checksum ciphers class classifiers client-group client-ia-type client-identifier client-idle-timeout client-list client-list-name client-name-filter client-session-timeout client-type clients cluster co-location code code-points command commands commit commit-delay commit-interval commit-options community compression-device condition config-check configuration-file configuration-servers connection-flood connection-rate-threshold connections-limit console contact container content-decompression-max-memory-kb content-decompression-max-ratio content-filtering content-size content-size-limit context control-link-recovery control-ports corrupt-file count country cpu create-req credit crl cryptographic-self-test custom-attack custom-attack-group custom-attack-groups custom-attacks custom-block-message custom-ciphers custom-message custom-message-subject custom-objects custom-tag-string custom-url-category damping data-length data-rate datapath-debug days-to-keep-error-logs dead-peer-detection decompress-layer decompress-layer-limit decryption-failures default default-policy default-profile default-rule delete-req demand-circuit deny description destination destination-address destination-address-excluded destination-address-name destination-except destination-interface destination-ip destination-ip-based destination-nat destination-port destination-threshold destinations detect-shellcode detection-time detector df-bit dh-group dhcp dhcp-attributes dhcp-client dhcp-local-server dhcpv6 dhcpv6-client direct-access direction disable disable-dot11d disable-low-memory-handling display-host distinguished-name div dns dns-proxy domain-name domain-type dot1x dot1x-supplicant download-profile download-timeout drop dscp-rewrite dslite-softwire-initiator dtim-period duration dynamic dynamic-application dynamic-application-group dynamic-attack-group dynamic-attack-groups dynamic-dns dynamic-vpn early-ageout echo-req email-notify enable enable-all-qmodules enable-flow-tracing enable-heuristics enable-packet-pool enable-session-cache encapsulation encryption encryption-algorithm encryption-failures end-user-address-validation endpoint-registration-timeout engine-not-ready enrollment enterprise-oid equals establish-tunnels ethernet event-options event-rate event-script events exception exclude exclude-context-values execute-commands export expression external external-interface fabric-options facility fail fallback-block fallback-non-block fallback-options fallback-settings false-positives family family bridge family inet family inet6 feature-profile fifo-max-size file filename-extension files filter-duplicates filter-interfaces filters fin-invalidate-session fin-no-ack firewall-authentication firewall-authentication-service firewall-user first-update first-update-interval fixed-multicast-rate flag flexible-vlan-tagging flood flow flow-control flow-gate flow-monitoring flow-server flow-session force-ip-reassembly force-upgrade format forward forwarding-classes forwarding-options forwarding-process fragment fragmentation-threshold frame-relay-de framing from from-zone fru-poweron-sequence full-name functional-zone gatekeeper gateway general-ikeid generate-event global global-config global-mac-limit global-mac-table-aging-time global-no-mac-learning global-threshold global-weight gprs gprs-gtp-profile gprs-sctp-profile graceful-restart gratuitous-arp-count gre-in gre-out group group-members group-profile group-vpn gsm-options gtp gtp-in-gtp-denied guard-band h323 handshake-timeout hardware-timestamp hash-based hash-key hash-table-size header-length heartbeat-interval heartbeat-threshold helpers high-availability high-watermark hit-rate-threshold hold-down-interval hold-time host host-address-base host-inbound-traffic hostkey-algorithm host-name hostname http http-profile http-redirect icmp icmp-code icmp-type icmpv6 identification idle-after-switch-over idle-time idp idp-policy ids-option ignore ignore-memory-overflow ignore-reassembly-memory-overflow no-ignore-reassembly-memory-overflow ignore-reassembly-overflow ignore-regular-expression ike ike-esp-nat ike-phase1-failures ike-phase2-failures ike-policy ike-user-type imap-profile import imsi-prefix inactive-media-timeout inactivity-timeout include-destination-address include-mp-next-hop inet inet6 infranet-controller inline-jflow inline-tap install install-interval intelligent-prescreening interactive-commands interface interface-monitor interface-traceoptions interfaces internal internet-options interval ip ip-action ip-address ip-block ip-close ip-connection-rate-limit ip-flags ip-monitoring ip-notify ip-sweep ipc ips ipsec ipsec-group-vpn ipsec-policy ipsec-sa ipsec-vpn ipv4 ipv4-template ipv6 ipv6-template iso juniper-enhanced juniper-express-engine juniper-local kaspersky-lab-engine keep kernel-replication key-chain key-exchange key-generation-self-test key-protection l2-learning lacp land large latency ldap-options ldap-server lease-time level license lifetime-kilobytes lifetime-seconds limit limit-session line-rate link link-protection link-speed list load-balance load-distribution local local-address local-as local-authentication-table local-certificate local-identity local-preference local-switching location lockout-period log log-attacks log-create log-errors log-supercede-min log-updown logging-options logical-system logical-system-trap-filler logical-systems login loopback loose-check loss-priority loss-priority-maps low-latency low-watermark mac-authentication-type macs management management-vlan manual mapped-port match matches max-checked-bytes max-configurations-on-flash max-configuration-rollbacks max-context-values max-flow-mem max-logs-operate max-message-length max-packet-mem max-packet-memory max-retrans-time max-session-number max-sessions max-tcp-session-packet-memory max-time-report max-timers-poll-ticks max-udp-session-packet-memory maximize-idp-sessions maximum-aggregate-pool maximum-burst maximum-cache-size maximum-call-duration maximum-capture-size maximum-contention-window maximum-entries maximum-message-length maximum-power maximum-stations media-source-port-any media-type member member-interfaces mesh-group message-flood message-size message-type metric-out mgcp mime-pattern mime-whitelist min-message-length minimum-contention-window minimum-interval minimum-links minimum-receive-interval mode mpls msrpc mss mtu-discovery multicast-scope multihop multiplier name name-server nat nat-cone-binding nat-destination-pool nat-destination-rule nat-interface-port-ol nat-keepalive nat-nopat-address nat-pat-address nat-pat-portnum nat-port-ol-ipnumber nat-rule-refrenced-prefix nat-source-pool nat-source-rule nat-static-rule native-vlan-id negate neighbor-discovery neighbor-discovery-router-advertisement nested-application nested-application-settings netconf network network-management next-hop-tunnel no advertise-peer-as no-acknowledgement no-adaptation no-aggregator-id no-allow-url no-anti-replay no-application-identification no-application-system-cache no-auto-power-save no-autoupdate no-broadcast-ssid no-client-reflect no-intelligent-prescreening no-nat-traversal no-nexthop-change no-notify-mail-recipent no-notify-mail-sender no-policy-cold-synchronization no-recommended no-remote-trace no-sbl-default-server no-short-guard-interval-supported no-syn-check no-syn-check-in-tunnel no-tcp-reset no-uri-check no-wifi-multimedia node node-terminate-count node-terminate-interval non-cryptographic-self-test nonviolate not notification notification-options notify-mail-recipient notify-mail-sender ntp ntp-server number oid onlink-subnet-only op optimized option option-refresh-rate optional order other out-delay out-of-resources output-filename output-format over-limit overflow-pool overrides packet-action packet-capture packet-filter packet-log packet-ordering-mode pair-policy pass-through password-file path-rate-limit path-selection pattern pattern-update peer-as peer-certificate-type peer-selection-service pending-sess-queue-length perfect-forward-secrecy performance periodic permit-command persistent-nat pgcp-service pic-mode pic-services-logging ping-death pki pki-local-certificate policer policies policy policy-lookup-cache policy-match policy-rematch policy-with-count pool pool-default-port-range pool-utilization-alarm pop3-profile port port-overloading port-overloading-factor port-randomization port-scan post-attack post-attack-timeout potential-violation ppp-over-ether pppoe pre-attack pre-filter-shellcode pre-shared-key predefined-attack-groups predefined-attacks preempt preference preferred-ciphers prefix prefix-name primary-server priority priority-override probe probe-interval probe-limit probe-server probe-type process-ignore-s2c process-override process-port products profile profilerd promiscuous-mode propagate-settings proposal proposal-set proposals protect protection protocol protocol-binding protocol-command protocol-name protocol-version protocols proxy proxy-arp proxy-identify proxy-ndp quality quality-of-service quarantine-message r2cp radio radio-interface radio-off radio-options radio-router radius-options radius-server raise-threshold raise-trap range range-address rapid-commit rate-limit rate-limiters re-assembler re-enroll-trigger-time-percentage re-generate-keypair real reauthentication recommended recommended-action reconfigure redirect-traffic redirect-url redirect-wx redundancy-group redundancy-interface-process redundant-ether-options redundant-parent refresh refresh-from refresh-timeout regexp reject reject-timeout remote remote-exceptions remote-execution remote-identity remote-protected-resources remove-ie renegotiation replay-attacks req-option reset reset-on-policy resource resource-manager respond-bad-spi restart restart-path restart-time retain-hold-resource reth-count retransmission-attempt retransmission-interval retry retry-count retry-interval reverse revert-interval revocation-check rewrite-rules root-authentication root-ca root-logical-system route-active-on route-change-timeout routing-engine routing-instance routing-instance-access routing-interface routing-options rpc rpc-program-number rpm rsh rst-invalidate-session rst-sequence-check rts-threshold rule rule-session-count-alarm rule-set rule-sets rulebase-ddos rulebase-exempt rulebase-ips sampling sbl sbl-default-server scan-extension scan-mode scan-options sccp scheduler scheduler-map scheduler-name schedulers scope screen scripts sctp search search-filter secondary-server secure-domains secure-neighbor-discovery securid-server security security-log security-log-percent-full security-profile security-profile-resources security-zone select-profile sensor-configuration separator seq-number-validated sequence-check-required sequence-number server server-address server-certificate server-certificate-subject server-connectivity server-member-communication server-port service services services-offload session-affinity session-close session-distribution-mode session-id-cache-timeout session-init session-mode session-options session-terminate-count session-terminate-interval session-update-interval sessions sessions-per-client severity shaping-rate shellcode signature simple-filter simple-mail-client-service sip sip-user-id site-reputation-action size smtp-profile snmp sockets softwires sophos-engine source source-address source-address-excluded source-address-filter source-address-name source-except source-filtering source-identity source-interface source-ip source-ip-based source-nat source-port source-threshold space-time-block-coding spam-action speed spi sql ssh ssh-known-hosts ssid ssl ssl-encryption ssl-inspection ssl-proxy ssl-termination-profile stale-routes-time start-date start-log start-time starts-with static static-mac static-nat static-subscribers static-wep station-isolation station-mac-filter station-queues statistics statistics-service stop-date stop-time stream strict-syn-check subscriber-management subscriber-management-helper success sunrpc support-lib suppression surf-control-integrated sxl-retry sxl-timeout syn-ack-ack-proxy syn-check-required syn-fin syn-flood syn-flood-protection-mode syn-frag syslog syslog-options system system-generated-certificate system-services t1-interval t4-interval tacplus-server talk target targets tcp tcp-flags tcp-initial-timeout tcp-mss tcp-no-flag tcp-options tcp-rst tcp-session tcp-sweep telemetries template template-refresh-rate term terminal termination test test-only-mode then threshold thresholds time-binding time-binding-count time-binding-period statement time-interval time-of-day time-wait-state time-zone timeout timeout-action to to-zone too-many-requests tos total-length total-memory traceoptions tracing traffic-options transaction-timeout transfer-delay transmit-interval transmit-opportunity-limit transmit-power transmit-rate-sets trap-group trap-options traps trickling trigger trusted-ca ttl tunable-name tunable-value tunnel tunnel-queuing type u-tunnel-validated uac-policy uac-service udp udp-anticipated-timeout udp-sweep uid unframed no-unframed unified-access-control unit unknown-message untagged-vlan update-router-advertisement update-server upload upload-profile urgent-pointer uri-check url url-blacklist url-pattern url-whitelist usb usb-control use-interface user user-at-hostname user-firewall user-groups user-id user-identification user-name username utm utm-policy uuid value-hit-rate-threshold vbr rate vdsl-profile vendor-id version version9 video-queue view virtual-access-point virtual-channel-group virtual-channel-groups virtual-channels virus-detection vlan vlan-id vlan-id-list vlan-tagging voice-queue vpn vpn-monitor vpn-monitor-options vrrp watchdog web-authentication web-filtering web-management web-redirect web-redirect-to-https websense-redirect weight white-list whitelist wildcard window-scale window-size winnuke wins-server wireless-lan-service wireless-wan wireless-wan-service within wpa-enterprise wpa-personal xauth xauth-attributes zone zones privilege auth-server nsrp 28 | outside any 0.0.0.0 any4 any6 pre-shared-key telnet ldap pptp tftp-server ftp ip 29 | permit management-only inside 30 | exit set id add 255.255.255.255 31 | md5-authentication md5 secret encrypted-password password sip-password preshare 32 | unset 33 | 34 | 35 | 00[ 01 02] 03" 04 05" 06' 07 08' 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /webapp/burpsuite/project_options.json: -------------------------------------------------------------------------------- 1 | { 2 | "bambda":{ 3 | "http_history_display_filter":{ 4 | "bambda":"return true;" 5 | }, 6 | "logger_display_filter":{ 7 | "bambda":"return true;" 8 | }, 9 | "web_sockets_history_display_filter":{ 10 | "bambda":"return true;" 11 | } 12 | }, 13 | "logger":{ 14 | "capture_filter":{ 15 | "by_mime_type":{ 16 | "capture_css":true, 17 | "capture_flash":true, 18 | "capture_html":true, 19 | "capture_images":true, 20 | "capture_other_binary":true, 21 | "capture_other_text":true, 22 | "capture_script":true, 23 | "capture_xml":true 24 | }, 25 | "by_request_type":{ 26 | "capture_only_in_scope_items":false, 27 | "capture_only_parameterized_requests":false, 28 | "discard_items_without_responses":false 29 | }, 30 | "by_search":{ 31 | "case_sensitive":false, 32 | "negative_search":false, 33 | "regex":false, 34 | "term":"" 35 | }, 36 | "by_status_code":{ 37 | "capture_2xx":true, 38 | "capture_3xx":true, 39 | "capture_4xx":true, 40 | "capture_5xx":true 41 | }, 42 | "by_tool":{ 43 | "capture_extender":true, 44 | "capture_intruder":true, 45 | "capture_proxy":true, 46 | "capture_repeater":true, 47 | "capture_scanner":true, 48 | "capture_sequencer":true, 49 | "capture_target":true 50 | }, 51 | "capture_enabled":true, 52 | "capture_memory_limit_mb":100, 53 | "limit_request_response_size":{ 54 | "capture_requests_up_to":"1MB", 55 | "capture_responses_up_to":"1MB" 56 | }, 57 | "session_handling":{ 58 | "ignore_session_handling_requests":false 59 | }, 60 | "task_capture_memory_limit_mb":20 61 | }, 62 | "display_filter":{ 63 | "by_annotation":{ 64 | "show_only_commented_items":false, 65 | "show_only_highlighted_items":false 66 | }, 67 | "by_file_extension":{ 68 | "hide_items":[ 69 | "js", 70 | "gif", 71 | "jpg", 72 | "png", 73 | "css" 74 | ], 75 | "hide_specific":false, 76 | "show_items":[ 77 | "asp", 78 | "aspx", 79 | "jsp", 80 | "php" 81 | ], 82 | "show_only_specific":false 83 | }, 84 | "by_mime_type":{ 85 | "show_css":true, 86 | "show_flash":true, 87 | "show_html":true, 88 | "show_images":true, 89 | "show_other_binary":true, 90 | "show_other_text":true, 91 | "show_script":true, 92 | "show_xml":true 93 | }, 94 | "by_request_type":{ 95 | "hide_items_without_responses":false, 96 | "show_only_in_scope_items":false, 97 | "show_only_parameterized_requests":false 98 | }, 99 | "by_search":{ 100 | "case_sensitive":false, 101 | "negative_search":false, 102 | "regex":false, 103 | "term":"" 104 | }, 105 | "by_status_code":{ 106 | "show_2xx":true, 107 | "show_3xx":true, 108 | "show_4xx":true, 109 | "show_5xx":true 110 | }, 111 | "by_tool":{ 112 | "show_extender":true, 113 | "show_intruder":true, 114 | "show_proxy":true, 115 | "show_repeater":true, 116 | "show_scanner":true, 117 | "show_sequencer":true, 118 | "show_target":true 119 | }, 120 | "filter_mode":"SETTINGS" 121 | } 122 | }, 123 | "organiser":{ 124 | "display_filter":{ 125 | "by_annotation":{ 126 | "show_only_highlighted_items":false, 127 | "show_only_notes_items":false 128 | }, 129 | "by_file_extension":{ 130 | "hide_items":[ 131 | "js", 132 | "gif", 133 | "jpg", 134 | "png", 135 | "css" 136 | ], 137 | "hide_specific":false, 138 | "show_items":[ 139 | "asp", 140 | "aspx", 141 | "jsp", 142 | "php" 143 | ], 144 | "show_only_specific":false 145 | }, 146 | "by_mime_type":{ 147 | "show_css":true, 148 | "show_flash":true, 149 | "show_html":true, 150 | "show_images":true, 151 | "show_other_binary":true, 152 | "show_other_text":true, 153 | "show_script":true, 154 | "show_xml":true 155 | }, 156 | "by_request_type":{ 157 | "hide_items_without_responses":false, 158 | "show_only_in_scope_items":false, 159 | "show_only_parameterized_requests":false 160 | }, 161 | "by_search":{ 162 | "case_sensitive":false, 163 | "negative_search":false, 164 | "regex":false, 165 | "term":"" 166 | }, 167 | "by_status_code":{ 168 | "show_2xx":true, 169 | "show_3xx":true, 170 | "show_4xx":true, 171 | "show_5xx":true 172 | }, 173 | "by_tool":{ 174 | "extensions":true, 175 | "intruder":true, 176 | "proxy":true, 177 | "repeater":true, 178 | "scanner":true, 179 | "sequencer":true, 180 | "target":true 181 | }, 182 | "status":{ 183 | "done":true, 184 | "ignored":true, 185 | "in_progress":true, 186 | "new":true, 187 | "postponed":true 188 | } 189 | } 190 | }, 191 | "project_options":{ 192 | "connections":{ 193 | "hostname_resolution":[], 194 | "out_of_scope_requests":{ 195 | "advanced_mode":false, 196 | "drop_all_out_of_scope":false, 197 | "exclude":[], 198 | "include":[], 199 | "scope_option":"suite" 200 | }, 201 | "platform_authentication":{ 202 | "credentials":[], 203 | "do_platform_authentication":true, 204 | "prompt_on_authentication_failure":false, 205 | "use_user_options":true 206 | }, 207 | "socks_proxy":{ 208 | "dns_over_socks":false, 209 | "host":"127.0.0.1", 210 | "password":"", 211 | "port":9090, 212 | "use_proxy":false, 213 | "use_user_options":true, 214 | "username":"" 215 | }, 216 | "timeouts":{ 217 | "connect_timeout":120000, 218 | "domain_name_resolution_timeout":300000, 219 | "failed_domain_name_resolution_timeout":60000, 220 | "normal_timeout":120000, 221 | "open_ended_response_timeout":10000 222 | }, 223 | "upstream_proxy":{ 224 | "servers":[], 225 | "use_user_options":true 226 | } 227 | }, 228 | "http":{ 229 | "http1":{ 230 | "enable_keep_alive":false 231 | }, 232 | "http2":{ 233 | "enable_http2":true 234 | }, 235 | "redirections":{ 236 | "understand_3xx_status_code":true, 237 | "understand_any_status_code_with_location_header":false, 238 | "understand_javascript_driven":false, 239 | "understand_meta_refresh_tag":true, 240 | "understand_refresh_header":true 241 | }, 242 | "status_100_responses":{ 243 | "remove_100_continue_responses":false, 244 | "understand_100_continue_responses":true 245 | }, 246 | "streaming_responses":{ 247 | "scope_advanced_mode":false, 248 | "store":true, 249 | "strip_chunked_encoding_metadata":true, 250 | "urls":[] 251 | } 252 | }, 253 | "misc":{ 254 | "collaborator_server":{ 255 | "location":"", 256 | "poll_over_unencrypted_http":false, 257 | "polling_location":"", 258 | "type":"default" 259 | }, 260 | "embedded_browser":{ 261 | "allow_running_without_sandbox":false, 262 | "disable_gpu":false 263 | }, 264 | "logging":{ 265 | "requests":{ 266 | "all_tools":"", 267 | "extender":"", 268 | "intruder":"", 269 | "proxy":"", 270 | "repeater":"", 271 | "scanner":"", 272 | "sequencer":"" 273 | }, 274 | "responses":{ 275 | "all_tools":"", 276 | "extender":"", 277 | "intruder":"", 278 | "proxy":"", 279 | "repeater":"", 280 | "scanner":"", 281 | "sequencer":"" 282 | } 283 | }, 284 | "scheduled_tasks":{ 285 | "tasks":[] 286 | } 287 | }, 288 | "sessions":{ 289 | "cookie_jar":{ 290 | "monitor_extender":false, 291 | "monitor_intruder":false, 292 | "monitor_proxy":true, 293 | "monitor_repeater":false, 294 | "monitor_scanner":false, 295 | "monitor_sequencer":false 296 | }, 297 | "macros":{ 298 | "macros":[] 299 | }, 300 | "session_handling_rules":{ 301 | "rules":[ 302 | { 303 | "actions":[ 304 | { 305 | "enabled":true, 306 | "match_cookies":"all_except", 307 | "type":"use_cookies" 308 | } 309 | ], 310 | "description":"Use cookies from Burp's cookie jar", 311 | "enabled":true, 312 | "exclude_from_scope":[], 313 | "include_in_scope":[], 314 | "named_params":[], 315 | "restrict_scope_to_named_params":false, 316 | "tools_scope":[ 317 | "Scanner" 318 | ], 319 | "url_scope":"all", 320 | "url_scope_advanced_mode":false 321 | } 322 | ] 323 | } 324 | }, 325 | "ssl":{ 326 | "client_certificates":{ 327 | "certificates":[], 328 | "use_user_options":true 329 | }, 330 | "negotiation":{ 331 | "allow_unsafe_renegotiation":false, 332 | "disable_ssl_session_resume":false, 333 | "enabled_ciphers":[], 334 | "enabled_protocols":[], 335 | "enforce_upstream_trust":false, 336 | "tls_negotiation_behavior":"use_platform_defaults" 337 | } 338 | } 339 | }, 340 | "proxy":{ 341 | "http_history_display_filter":{ 342 | "by_annotation":{ 343 | "show_only_commented_items":false, 344 | "show_only_highlighted_items":false 345 | }, 346 | "by_file_extension":{ 347 | "hide_items":[ 348 | "gif", 349 | "jpg", 350 | "png", 351 | "css", 352 | "woff", 353 | "woff2", 354 | "ttf", 355 | "svg", 356 | "ico" 357 | ], 358 | "hide_specific":true, 359 | "show_items":[ 360 | "asp", 361 | "aspx", 362 | "jsp", 363 | "php" 364 | ], 365 | "show_only_specific":false 366 | }, 367 | "by_listener":{ 368 | "port":"" 369 | }, 370 | "by_mime_type":{ 371 | "show_css":false, 372 | "show_flash":true, 373 | "show_html":true, 374 | "show_images":false, 375 | "show_other_binary":false, 376 | "show_other_text":true, 377 | "show_script":true, 378 | "show_xml":true 379 | }, 380 | "by_request_type":{ 381 | "hide_items_without_responses":false, 382 | "show_only_in_scope_items":true, 383 | "show_only_parameterized_requests":false 384 | }, 385 | "by_search":{ 386 | "case_sensitive":false, 387 | "negative_search":false, 388 | "regex":false, 389 | "term":"" 390 | }, 391 | "by_status_code":{ 392 | "show_2xx":true, 393 | "show_3xx":true, 394 | "show_4xx":true, 395 | "show_5xx":true 396 | }, 397 | "filter_mode":"SETTINGS" 398 | }, 399 | "intercept_client_requests":{ 400 | "automatically_fix_missing_or_superfluous_new_lines_at_end_of_request":false, 401 | "automatically_update_content_length_header_when_the_request_is_edited":true, 402 | "do_intercept":true, 403 | "rules":[ 404 | { 405 | "boolean_operator":"and", 406 | "enabled":true, 407 | "match_condition":"(^gif$|^jpg$|^png$|^css$|^js$|^ico$|^svg$|^ico$)", 408 | "match_relationship":"does_not_match", 409 | "match_type":"file_extension" 410 | } 411 | ] 412 | }, 413 | "intercept_server_responses":{ 414 | "automatically_update_content_length_header_when_the_response_is_edited":true, 415 | "do_intercept":true, 416 | "rules":[ 417 | { 418 | "boolean_operator":"or", 419 | "enabled":true, 420 | "match_condition":"text", 421 | "match_relationship":"matches", 422 | "match_type":"content_type_header" 423 | }, 424 | { 425 | "boolean_operator":"or", 426 | "enabled":true, 427 | "match_condition":"application/", 428 | "match_relationship":"matches", 429 | "match_type":"content_type_header" 430 | } 431 | ] 432 | }, 433 | "intercept_web_sockets_messages":{ 434 | "client_to_server_messages":true, 435 | "intercept_in_scope_only":false, 436 | "server_to_client_messages":true 437 | }, 438 | "match_replace_disable_out_of_scope":false, 439 | "match_replace_rules":[ 440 | { 441 | "comment":"Emulate IE", 442 | "enabled":false, 443 | "is_simple_match":false, 444 | "rule_type":"request_header", 445 | "string_match":"^User-Agent.*$", 446 | "string_replace":"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 447 | }, 448 | { 449 | "comment":"Emulate iOS", 450 | "enabled":false, 451 | "is_simple_match":false, 452 | "rule_type":"request_header", 453 | "string_match":"^User-Agent.*$", 454 | "string_replace":"User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B176 Safari/7534.48.3" 455 | }, 456 | { 457 | "comment":"Emulate Android", 458 | "enabled":false, 459 | "is_simple_match":false, 460 | "rule_type":"request_header", 461 | "string_match":"^User-Agent.*$", 462 | "string_replace":"User-Agent: Mozilla/5.0 (Linux; U; Android 2.2; en-us; Droid Build/FRG22D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" 463 | }, 464 | { 465 | "comment":"Require non-cached response", 466 | "enabled":false, 467 | "is_simple_match":false, 468 | "rule_type":"request_header", 469 | "string_match":"^If-Modified-Since.*$" 470 | }, 471 | { 472 | "comment":"Require non-cached response", 473 | "enabled":false, 474 | "is_simple_match":false, 475 | "rule_type":"request_header", 476 | "string_match":"^If-None-Match.*$" 477 | }, 478 | { 479 | "comment":"Hide Referer header", 480 | "enabled":false, 481 | "is_simple_match":false, 482 | "rule_type":"request_header", 483 | "string_match":"^Referer.*$" 484 | }, 485 | { 486 | "comment":"Require non-compressed responses", 487 | "enabled":false, 488 | "is_simple_match":false, 489 | "rule_type":"request_header", 490 | "string_match":"^Accept-Encoding.*$" 491 | }, 492 | { 493 | "comment":"Ignore cookies", 494 | "enabled":false, 495 | "is_simple_match":false, 496 | "rule_type":"response_header", 497 | "string_match":"^Set-Cookie.*$" 498 | }, 499 | { 500 | "comment":"Rewrite Host header", 501 | "enabled":false, 502 | "is_simple_match":false, 503 | "rule_type":"request_header", 504 | "string_match":"^Host: foo.example.org$", 505 | "string_replace":"Host: bar.example.org" 506 | }, 507 | { 508 | "comment":"Add spoofed CORS origin", 509 | "enabled":false, 510 | "is_simple_match":true, 511 | "rule_type":"request_header", 512 | "string_replace":"Origin: foo.example.org" 513 | }, 514 | { 515 | "comment":"Remove HSTS headers", 516 | "enabled":false, 517 | "is_simple_match":false, 518 | "rule_type":"response_header", 519 | "string_match":"^Strict\\-Transport\\-Security.*$" 520 | }, 521 | { 522 | "comment":"Disable browser XSS protection", 523 | "enabled":false, 524 | "is_simple_match":true, 525 | "rule_type":"response_header", 526 | "string_replace":"X-XSS-Protection: 0" 527 | } 528 | ], 529 | "miscellaneous":{ 530 | "disable_logging_to_history_and_site_map":false, 531 | "disable_out_of_scope_logging_to_history_and_site_map":false, 532 | "disable_web_interface":false, 533 | "remove_unsupported_encodings_from_accept_encoding_headers_in_incoming_requests":true, 534 | "set_connection_close_header_on_responses":false, 535 | "set_connection_header_on_requests":true, 536 | "strip_proxy_headers_in_incoming_requests":true, 537 | "strip_sec_websocket_extensions_headers_in_incoming_requests":true, 538 | "suppress_burp_error_messages_in_browser":false, 539 | "unpack_gzip_deflate_in_requests":false, 540 | "unpack_gzip_deflate_in_responses":true, 541 | "use_http_10_in_requests_to_server":false, 542 | "use_http_10_in_responses_to_client":false 543 | }, 544 | "request_listeners":[ 545 | { 546 | "certificate_mode":"per_host", 547 | "custom_tls_protocols":[], 548 | "enable_http2":true, 549 | "listen_mode":"loopback_only", 550 | "listener_port":8080, 551 | "running":true, 552 | "use_custom_tls_protocols":false 553 | } 554 | ], 555 | "response_modification":{ 556 | "convert_https_links_to_http":false, 557 | "enable_disabled_form_fields":false, 558 | "highlight_unhidden_fields":false, 559 | "remove_all_javascript":false, 560 | "remove_input_field_length_limits":false, 561 | "remove_javascript_form_validation":false, 562 | "remove_object_tags":false, 563 | "remove_secure_flag_from_cookies":false, 564 | "unhide_hidden_form_fields":false 565 | }, 566 | "ssl_pass_through":{ 567 | "apply_to_out_of_scope_items":true, 568 | "automatically_add_entries_on_client_ssl_negotiation_failure":false, 569 | "rules":[] 570 | }, 571 | "web_sockets_history_display_filter":{ 572 | "by_annotation":{ 573 | "show_only_commented_items":false, 574 | "show_only_highlighted_items":false 575 | }, 576 | "by_listener":{ 577 | "listener_port":"" 578 | }, 579 | "by_request_type":{ 580 | "hide_incoming_messages":false, 581 | "hide_outgoing_messages":false, 582 | "show_only_in_scope_items":false 583 | }, 584 | "by_search":{ 585 | "case_sensitive":false, 586 | "negative_search":false, 587 | "regex":false, 588 | "term":"" 589 | }, 590 | "filter_mode":"SETTINGS" 591 | } 592 | }, 593 | "repeater":{ 594 | "allow_http2_alpn_override":false, 595 | "enable_http1_keep_alive":false, 596 | "enable_http2_connection_reuse":true, 597 | "enforce_protocol_in_redirections":false, 598 | "follow_redirections":"never", 599 | "normalize_line_endings":true, 600 | "process_cookies_in_redirections":false, 601 | "strip_connection_header_over_http2":true, 602 | "unpack_gzip_deflate":true, 603 | "update_content_length":true 604 | }, 605 | "sequencer":{ 606 | "live_capture":{ 607 | "ignore_abnormal_length_tokens":true, 608 | "max_length_deviation":5, 609 | "num_threads":5, 610 | "throttle":0 611 | }, 612 | "token_analysis":{ 613 | "compression":true, 614 | "correlation":true, 615 | "count":true, 616 | "fips_long_run":true, 617 | "fips_monobit":true, 618 | "fips_poker":true, 619 | "fips_runs":true, 620 | "spectral":true, 621 | "transitions":true 622 | }, 623 | "token_handling":{ 624 | "base_64_decode_before_analyzing":false, 625 | "pad_short_tokens_at":"start", 626 | "pad_with":"0" 627 | } 628 | }, 629 | "target":{ 630 | "filter":{ 631 | "by_annotation":{ 632 | "show_only_commented_items":false, 633 | "show_only_highlighted_items":false 634 | }, 635 | "by_file_extension":{ 636 | "hide_items":[ 637 | "gif", 638 | "jpg", 639 | "png", 640 | "css", 641 | "woff", 642 | "woff2", 643 | "ttf", 644 | "svg", 645 | "ico" 646 | ], 647 | "hide_specific":true, 648 | "show_items":[ 649 | "asp", 650 | "aspx", 651 | "jsp", 652 | "php" 653 | ], 654 | "show_only_specific":false 655 | }, 656 | "by_folders":{ 657 | "hide_empty_folders":true 658 | }, 659 | "by_mime_type":{ 660 | "show_css":false, 661 | "show_flash":true, 662 | "show_html":true, 663 | "show_images":false, 664 | "show_other_binary":false, 665 | "show_other_text":true, 666 | "show_script":true, 667 | "show_xml":true 668 | }, 669 | "by_request_type":{ 670 | "hide_not_found_items":true, 671 | "show_only_in_scope_items":true, 672 | "show_only_parameterized_requests":false, 673 | "show_only_requested_items":false 674 | }, 675 | "by_search":{ 676 | "case_sensitive":false, 677 | "negative_search":false, 678 | "regex":false, 679 | "term":"" 680 | }, 681 | "by_status_code":{ 682 | "show_2xx":true, 683 | "show_3xx":true, 684 | "show_4xx":false, 685 | "show_5xx":true 686 | } 687 | }, 688 | "scope":{ 689 | "advanced_mode":true, 690 | "exclude":[], 691 | "include":[] 692 | } 693 | } 694 | } -------------------------------------------------------------------------------- /webapp/lists/union-column-counter.txt: -------------------------------------------------------------------------------- 1 | 13371 2 | 13371,13372 3 | 13371,13372,13373 4 | 13371,13372,13373,13374 5 | 13371,13372,13373,13374,13375 6 | 13371,13372,13373,13374,13375,13376 7 | 13371,13372,13373,13374,13375,13376,13377 8 | 13371,13372,13373,13374,13375,13376,13377,13378 9 | 13371,13372,13373,13374,13375,13376,13377,13378,13379 10 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710 11 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711 12 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712 13 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713 14 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714 15 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715 16 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716 17 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717 18 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718 19 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719 20 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720 21 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721 22 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722 23 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723 24 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724 25 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725 26 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726 27 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727 28 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728 29 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729 30 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730 31 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731 32 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732 33 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733 34 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734 35 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735 36 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736 37 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737 38 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738 39 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739 40 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740 41 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741 42 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742 43 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743 44 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744 45 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745 46 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746 47 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747 48 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748 49 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749 50 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750 51 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751 52 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752 53 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753 54 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754 55 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755 56 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756 57 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757 58 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758 59 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759 60 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760 61 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761 62 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762 63 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763 64 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764 65 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765 66 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766 67 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767 68 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768 69 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769 70 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770 71 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771 72 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772 73 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773 74 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774 75 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775 76 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776 77 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777 78 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778 79 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779 80 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780 81 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781 82 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782 83 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783 84 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784 85 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785 86 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786 87 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787 88 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788 89 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789 90 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790 91 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791 92 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792 93 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793 94 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794 95 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794,133795 96 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794,133795,133796 97 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794,133795,133796,133797 98 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794,133795,133796,133797,133798 99 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794,133795,133796,133797,133798,133799 100 | 13371,13372,13373,13374,13375,13376,13377,13378,13379,133710,133711,133712,133713,133714,133715,133716,133717,133718,133719,133720,133721,133722,133723,133724,133725,133726,133727,133728,133729,133730,133731,133732,133733,133734,133735,133736,133737,133738,133739,133740,133741,133742,133743,133744,133745,133746,133747,133748,133749,133750,133751,133752,133753,133754,133755,133756,133757,133758,133759,133760,133761,133762,133763,133764,133765,133766,133767,133768,133769,133770,133771,133772,133773,133774,133775,133776,133777,133778,133779,133780,133781,133782,133783,133784,133785,133786,133787,133788,133789,133790,133791,133792,133793,133794,133795,133796,133797,133798,133799,1337100 101 | -------------------------------------------------------------------------------- /configs/npp/userDefineLang.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 00| 00|_ 00T1 00T2 00T3 00T4 00U1 00IE 00SEQ 00OPS 00WIN 00ECN 00SCAN 00OS: 00# 00SF 00Increasing 00Read 00============== 01 02 03 04 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | /tcp 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | open up 28 | filtered down [host down] 29 | ssl ssh 30 | ftp telnet 31 | closed 32 | PORT STATE SERVICE VERSION 33 | 34 | 35 | 00( 01 02) 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 00// 00$ 00# 01 02 03/* 04*/ 71 | 72 | 0x 73 | 74 | 75 | 76 | 77 | 78 | : + = 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | = == === X- Subject: To: 90 | todo Todo ToDo TODO ---- 91 | GET POST 92 | /16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30 /31 /32 93 | 94 | 95 | 96 | 97 | 00[ 01 02] 03< 04 05> 06( 07 08) 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 03 04 00UDP 00 01 02 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | * ? 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | TELNET FTP SNMP SIP-PROXY PPTP 152 | HTTPS SSH SSL 153 | HTTP 154 | CLOSED TCPWRAPPED 155 | 156 | 157 | 158 | 159 | 00( 01 02) 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 00 01 02 03 04 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | : ? & 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | GET GET, HEAD HEAD, POST POST, OPTIONS OPTIONS, 214 | OSVDB- 215 | Nikto v2.1.4/2.1.5 216 | Hostname Target Host Port 217 | TRACE TRACE, alert 218 | / 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 232 | 233 | 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | 249 | 250 | 251 | 252 | 253 | 254 | 255 | 256 | 00# 01 02 03 04 257 | 258 | 259 | 260 | 261 | 262 | 263 | 264 | : - / 265 | 266 | 267 | 268 | 269 | 270 | 271 | 272 | 273 | 274 | 275 | GET get 276 | POST put 277 | Mozilla 278 | Notice 279 | Warning delete 404 280 | Fatal Parse error FAILED denied DENIED 281 | PHP on line in 282 | 200 283 | 00[ 01 02] 03( 04 05) 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 284 | 285 | 286 | 287 | 288 | 289 | 290 | 291 | 292 | 293 | 294 | 295 | 296 | 297 | 298 | 299 | 300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308 | 309 | 310 | 311 | 312 | 313 | --------------------------------------------------------------------------------