Skip to content

Instantly share code, notes, and snippets.

View sdushantha's full-sized avatar

Siddharth Dushantha sdushantha

2.2k followers · 0 following
View GitHub Profile
@sdushantha
sdushantha / xss.svg
Created February 6, 2026 08:01
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@sdushantha
sdushantha / trending-gists.md
Created February 4, 2026 08:20
Trending Gists
@sdushantha
sdushantha / discover-gists.md
Created February 4, 2026 08:18
Discover Gists

Discover Gists

Did it work?

@sdushantha
sdushantha / term.html
Created September 22, 2025 12:42
<title>]1337;RequestAttention=fireworksTHIS IS FINE🔥!</title>
</title>
<meta name="Injection" content="
cE
]1337;ClearScrollback

cllcccccc:::::::ccll:,lOKKKKKKKKKKKKKKKKXKKKKKKKXKKKKKXKKKKKKKKKKKKKKKKK0c,cc:;:
ccccc::::::cllllllcclONMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMKc:lccc
:cccc::ccclllcccl::xNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMO;;c::
llllllllccccccccc,oNMMMWKOOKNWNWWWN0KNMMMMMWNNXKNMMMMWXKXNMWWWWWNKNMMMMMMMXc'::;
@sdushantha
sdushantha / kerberos_attacks_cheatsheet.md
Created May 26, 2025 14:16 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@sdushantha
sdushantha / cve-2018-16763.py
Created June 12, 2023 13:00
#!/usr/bin/python3
#
# POC of RCE on Fuel CMS v1.4.1 (CVE-2018-16763)
#
# Original author: Padsala Trushal
# Modified by: Siddharth Dushantha
#
# Modifications that've been made:
# - Cleaned output so that the word 'system' did not
# appear in every output
@sdushantha
sdushantha / fetch-words.sh
Last active August 19, 2025 01:45
List of all Wordle's 14,855 words fetched directly from Wordle's source code
#!/bin/bash
#
# Code used to fetch all of Wordle's words
#
# Save JavaScript code containing the list of words into wordle.js
curl https://www.nytimes.com/games-assets/v2/wordle.b53d5fe794f17d174ac9.js > wordle.js
# Get the array containing the list of words and remove array specific characters
cat wordle.js| grep -oE 'va=\[[^]]*]' | sed -e "s/va=\[//g" -e "s/\"//g" -e "s/,/\n/g" -e "s/]//g" > wordle-full-list.txt
@sdushantha
sdushantha / securitytxt.md
Created March 6, 2023 07:17

|Url |Contact |Expires |Encryption |Acknowledgments |Languages |Policy |Hiring | |------------------------------------------------------------|-----------------------------------------------|-------------------------------|-----------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------

@sdushantha
sdushantha / ms-objectid.py
Created February 27, 2023 11:46
import requests
import jwt
import argparse
import sys
def get_exernal_object_id(target, token):
headers = {
'Host': 'teams.microsoft.com',
'Authorization': f"Bearer {token}",
@sdushantha
sdushantha / test
Last active February 23, 2023 22:31
hello