echo rxerium.com | subfinder | httpx -nf | nuclei -tags tech,exposures,panel
Rishi rxerium
💥
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2025-61884 | |
| info: | |
| name: Detection for CVE-2025-61884 | |
| author: rxerium | |
| severity: high | |
| description: | | |
| This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may allow access to sensitive resources. | |
| metadata: | |
| shodan-query: html:"OA_HTML" |
rxerium
/ CVE-2025-32463-Checker.sh
Created
October 8, 2025 05:39
Vulnerability checker for CVE-2025-32463
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo --version | head -n1 | awk '{print $3}' | awk -F'p' '{printf "%s.%s", $1, ($2=="")?0:$2}' | awk '{if ($1 < 1.9 || ($1 == 1.9 && $2 < 17.1)) print "VULNERABLE"; else print "NOT-VULNERABLE"}' |
rxerium
/ whoisfreaks-reverse-whois.py
Created
February 17, 2025 11:10
This script performs bulk reverse WHOIS lookups using the WhoisFreaks API to retrieve domain registration details for a list of companies, saving the results in a JSON file while implementing rate limiting to avoid API restrictions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| import time | |
| # Configuration | |
| API_KEY = "API_KEY" # Replace with your actual API key | |
| INPUT_FILE = "companies.txt" # File containing company names (one per line) | |
| OUTPUT_FILE = "output2.json" # JSON output file | |
| RATE_LIMIT_SECONDS = 60 # Wait time between requests to avoid rate limiting |
rxerium
/ whoxy-reverse-whois.py
Created
February 17, 2025 11:09
This script performs bulk reverse WHOIS lookups using the Whoxy API to retrieve domain registration details for a list of organizations, saving the results to a JSONL file while respecting API rate limits.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| def read_org_names(file_path): | |
| """Read organization names from a file (one per line).""" | |
| with open(file_path, 'r', encoding='utf-8') as file: | |
| return [line.strip() for line in file if line.strip()] | |
| def query_whoxy(api_key, org_name): | |
| """Query the Whoxy API for reverse WHOIS lookup based on organization name.""" |
rxerium
/ whoisxml-reverse-whois.py
Created
February 17, 2025 11:07
This script performs bulk reverse WHOIS lookups for company names from an input file, queries the WhoisXML API to retrieve associated domain names, and saves the results in a structured JSON format.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| # API Key | |
| api_key = "<ENTER_API_KEY>" | |
| url = "https://reverse-whois.whoisxmlapi.com/api/v2" | |
| # Read input list (one company per line) | |
| with open("input.txt", "r", encoding="utf-8") as file: | |
| company_names = [line.strip() for line in file if line.strip()] |
rxerium
/ CVE-2024-50623.yaml
Created
December 10, 2024 13:09
Nuclei template to detect vulnerable instances for CVE-2024-50623
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2024-50623 | |
| info: | |
| name: CVE-2024-50623 | |
| author: rxerium | |
| severity: high | |
| description: | | |
| Unrestricted file upload and download vulnerability in Cleo Harmony, VLTrader, and LexiCom before version 5.8.0.21, leading to remote code execution | |
| reference: | |
| - https://support.cleo.com/hc/en-us/articles/27140294267799-Cleo-Product-Security-Advisory |
rxerium
/ shodan-web-prodcut-export.sh
Created
June 8, 2024 17:30
Shodan Script to export all products that are run on common web ports
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import shodan | |
| # Your Shodan API key | |
| api_key = 'YOUR_SHODAN_API_KEY' | |
| # Initialize the Shodan API | |
| api = shodan.Shodan(api_key) | |
| # Search queries for common web ports | |
| queries = [ |
rxerium
/ yt-video-summariser.py
Created
May 19, 2024 08:04
A python script that integrates with any given AI model to summarise Youtube videos
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from youtube_transcript_api import YouTubeTranscriptApi | |
| tc = YouTubeTranscriptApi.get_transcript("") | |
| file = open("transcript.txt", "w", encoding="utf-8") | |
| for i in tc: | |
| file.write(i['text'] + "\n") | |
rxerium
/ command.md
Created
March 9, 2024 08:57
Enumerate subdomains then detect services that are running on hosts provided by subfinder
rxerium
/ email-extractor.md
Last active
March 2, 2024 17:40
Extract email addresses from a given website
NewerOlder