#Bug_Bounty_Tips_27
🛡BugBounty_Tips
🌀Mirror a web directory structure
Use the following ‘wget’ command to recursively fetch all the files (+structure) to your machine:
How to find a directory listing on your target? A directory listing is a web server misconfiguration which we can identify using these:
1-Google Dorks
2-Shoadn Dorks
3-ffuf
4-dirsearch
Ex Shodan Dork:
Apache Directory Listings
🛡BugBounty_Tips
🌀Mirror a web directory structure
Use the following ‘wget’ command to recursively fetch all the files (+structure) to your machine:
wget -r --no-parent target.com/dirNow you can view the structure, search and grep in files.
How to find a directory listing on your target? A directory listing is a web server misconfiguration which we can identify using these:
1-Google Dorks
2-Shoadn Dorks
3-ffuf
4-dirsearch
Ex Shodan Dork:
Apache Directory Listings
http.title:"Index of /" http.html:".pem"☣️@InfoSecTube
GitHub
GitHub - ffuf/ffuf: Fast web fuzzer written in Go
Fast web fuzzer written in Go. Contribute to ffuf/ffuf development by creating an account on GitHub.
🛡Practice Platforms and sites that helpful for Bug Bounty hunters and Penetration testers
tryhackme
https://tryhackme.com
bWAPP
https://itsecgames.com
flAWS Cloud
https://flaws.cloud
Hack Yourself First
https://hackyourselffirst.troyhunt.com
2- OWASP Juice Shop
https://juice-shop.herokuapp.com
Google Gruyere
https://google-gruyere.appspot.com
Hack Me
https://hack.me
HackTheBox
https://hackthebox.eu
Root-Me
https://root-me.org
XSS Game
https://xss-game.appspot.com
Pentesterlab
https://pentesterlab.com
OverTheWire
https://overthewire.org/wargames/
Hacking Lab
https://hacking-lab.com/index.html
IO
https://io.netgarage.org
smashthestack
https://smashthestack.org
microcorruption
https://microcorruption.com/login
ExploitMe Mobile
https://securitycompass.github.io/AndroidLabs/index.html
Hax.Tor
https://hax.tor.hu/welcome/
Java Vulnerable Lab
https://github.com/CSPF-Founder/JavaVulnerableLab
Pwnos
https://pwnos.com
Ringzero
https://ringzer0team.com/challenges
Avatao
https://avatao.com
GameOver
https://sourceforge.net/projects/null-gameover/
HSCTF3
https://hsctf.com
☣️@InfoSecTube
tryhackme
https://tryhackme.com
bWAPP
https://itsecgames.com
flAWS Cloud
https://flaws.cloud
Hack Yourself First
https://hackyourselffirst.troyhunt.com
2- OWASP Juice Shop
https://juice-shop.herokuapp.com
Google Gruyere
https://google-gruyere.appspot.com
Hack Me
https://hack.me
HackTheBox
https://hackthebox.eu
Root-Me
https://root-me.org
XSS Game
https://xss-game.appspot.com
Pentesterlab
https://pentesterlab.com
OverTheWire
https://overthewire.org/wargames/
Hacking Lab
https://hacking-lab.com/index.html
IO
https://io.netgarage.org
smashthestack
https://smashthestack.org
microcorruption
https://microcorruption.com/login
ExploitMe Mobile
https://securitycompass.github.io/AndroidLabs/index.html
Hax.Tor
https://hax.tor.hu/welcome/
Java Vulnerable Lab
https://github.com/CSPF-Founder/JavaVulnerableLab
Pwnos
https://pwnos.com
Ringzero
https://ringzer0team.com/challenges
Avatao
https://avatao.com
GameOver
https://sourceforge.net/projects/null-gameover/
HSCTF3
https://hsctf.com
☣️@InfoSecTube
TryHackMe
TryHackMe | Cyber Security Training
TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!
🧭Register now for Hacker Halted!
Hacker Halted 2020 is a FREE and VIRTUAL event this year!
🛡link
📌 @Infosectube
Hacker Halted 2020 is a FREE and VIRTUAL event this year!
🛡link
📌 @Infosectube