🔖Extract domains from a list of subdomains or URLs. :
If you know a better way to extract domains from a list of subdomains, please comment below👇🏻
#BugBounty #BugBountyTools
— Share & Support Us —
@Engineer_Computer
cat subdomainslist.txt | while read line; do python -c "import tldextract;domain = tldextract.extract('$line');extracted=str(domain.domain)+'.'+str(domain.suffix);print(extracted) if domain.domain != '' and extracted[-1] != '.' else False"; doneIf you know a better way to extract domains from a list of subdomains, please comment below👇🏻
#BugBounty #BugBountyTools
— Share & Support Us —
@Engineer_Computer
🔖The jsluice++ extension was published yesterday, which is a Burp Suite extension designed to passively and actively scan javascript traffic using the jsluice CLI.
The extension utilizes jsluice's ability to extract URLs, paths and secrets from static JavaScript files and integrates it with Burp Suite, allowing you to easily scan javascript traffic from Burp Suite's Sitemap or Proxy, while offering a user-friendly interface for data validation and many additional useful features.
github: https://github.com/0x999-x/jsluicepp
#BugBounty #BugBountyTools
@Engineer_Computer
The extension utilizes jsluice's ability to extract URLs, paths and secrets from static JavaScript files and integrates it with Burp Suite, allowing you to easily scan javascript traffic from Burp Suite's Sitemap or Proxy, while offering a user-friendly interface for data validation and many additional useful features.
github: https://github.com/0x999-x/jsluicepp
#BugBounty #BugBountyTools
@Engineer_Computer
🔖Who, What, Where, When, Wordlist
A detailed guide on how to create wordlists for different #cybersecurity tasks in 30 slides from twitter.com/TomNomNom.
📚PDF : https://tomnomnom.com/talks/wwwww.pdf
Do you want to create target specific wordlist for fuzzing backup files? you can use fback
#BugBounty #BugBountyTools
@Engineer_Computer
A detailed guide on how to create wordlists for different #cybersecurity tasks in 30 slides from twitter.com/TomNomNom.
📚PDF : https://tomnomnom.com/talks/wwwww.pdf
Do you want to create target specific wordlist for fuzzing backup files? you can use fback
#BugBounty #BugBountyTools
@Engineer_Computer
Top 25 Recon tools and their purpose
01. Amass (Attack Surface)
02. Subfinder (Subdomains Enumeration)
03. Assetfinder (Subdomains Enumeration)
04. Dnsx (DNS Resolution)
05. Puredns (DNS resolution)
06. Dnsvalidator (Active DNS Servers)
07. Naabu (Port Scanner)
08. Nmap (Port Scanner)
09. Masscan (Port Scanner at scale)
10. Httpx (Web server detection)
11. Aquatone (Screenshot)
12. Gowitness (Screenshot)
13. Waybackurls (Urls)
14. Gau (Urls)
15. Waymore (Urls)
16. Gospider (Web Crawler)
17. Ffuf (File&Dir Enumeration)
18. Dirsearch (File&Dir Enumeration)
19. Gobuster (File&Dir Enumeration)
20. Feroxbuster (File&Dir Enumeration)
21. Whatweb (Technology Detection)
22. Trufflehog (Credentials)
23. Gotator (Subdomain Permutation)
24. Altdns (Subdomain Permutation)
25. Nuclei (Vulnerability Detection)
#BugBountyTools
@Engineer_Computer
01. Amass (Attack Surface)
02. Subfinder (Subdomains Enumeration)
03. Assetfinder (Subdomains Enumeration)
04. Dnsx (DNS Resolution)
05. Puredns (DNS resolution)
06. Dnsvalidator (Active DNS Servers)
07. Naabu (Port Scanner)
08. Nmap (Port Scanner)
09. Masscan (Port Scanner at scale)
10. Httpx (Web server detection)
11. Aquatone (Screenshot)
12. Gowitness (Screenshot)
13. Waybackurls (Urls)
14. Gau (Urls)
15. Waymore (Urls)
16. Gospider (Web Crawler)
17. Ffuf (File&Dir Enumeration)
18. Dirsearch (File&Dir Enumeration)
19. Gobuster (File&Dir Enumeration)
20. Feroxbuster (File&Dir Enumeration)
21. Whatweb (Technology Detection)
22. Trufflehog (Credentials)
23. Gotator (Subdomain Permutation)
24. Altdns (Subdomain Permutation)
25. Nuclei (Vulnerability Detection)
#BugBountyTools
@Engineer_Computer
JShunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for developers and security researchers.
#infosec #cybersecurity #bugbounty #pentest #bugbountyTips #bugbountyTools
Please open Telegram to view this post
VIEW IN TELEGRAM