SecList for CyberStudents
Think outside the box
Robofinder

I've developed a Python script that allows you to search for and retrieve historical robots.txt files for any given website using Archive.org. This tool is particularly useful for security researchers and web archivists to discover previously accessible paths or directories that were once listed in a site's robots.txt.

1. Clone the repository and install the required dependencies:
git clone https://github.com/Spix0r/robofinder.git
cd robofinder
pip install -r requirements.txt


2. Run the program by providing a URL with the -u flag:
python3 robofinder.py -u https://example.com


Github:
Link

#Recon #infosec #Archive #BugBountytips
🔖Find sensitive files using Wayback

waybackurls 123.com | grep --color -E "\.xls|\.tar\.gz|\.bak|\.xml|\.xlsx|\.json|\.rar|\.pdf|\.sql|\.doc|\.docx|\.pptx|\.txt|\.zip|\.tgz|\.7z"

#Recon #BugBountytips
Forwarded from GDG on Campus AUT
🔒 Cybersecurity Meetup: Unlock the Future of Digital Security 🔒

Join us on 16th November 2024 for an insightful Cybersecurity Meetup focused on the future of digital security! This event will bring together experts, students, and enthusiasts from the field of cybersecurity to discuss and explore new challenges, tools, and solutions in the rapidly evolving digital landscape.

Agenda of the Event:
1) How to learn Cybersecurity, Akmal Sodiqov
2) Securing Your Digital Identity with Google Password Manager
3) How to land a job in Cybersecurity, Darya Rodina
4) Anti-Fraud, Aziz Abbosov

📅 Date: 16th November 2024
🕙 Time: 10:00 am - 3:00 pm
📍 Venue: AJOU University In Tashkent

Register to secure your spot: Link

🍕 Sponsored by Dodo Pizza

Don't miss out on this opportunity to expand your knowledge and secure your digital future! Click the link below to Register Now and secure your spot.

#CybersecurityMeetup #DigitalSecurity #UnlockTheFuture #Networking #DodoPizza

https://t.iss.one/gdgc_ajou
Ghauri v1.3.8

An advanced cross-platform tool that automates the detection and exploitation of SQL injection.

Supported techniques:

Boolean based
Error Based
Time Based
Stacked Queries

Supported DBMS:

MySQL
Microsoft SQL Server
Postgres
Oracle


Supported types:

GET/POST
Headers
Cookies
Multipart Form data
JSON
SOAP/XML


Added support for:

--sql-shell
--proxy

Installation and usage:

git clone https://github.com/r0oth3x49/ghauri.git

cd ghauri

python3 -m pip install --upgrade -r requirements.txt

python3 setup.py install

ghauri -u 'https://62.173.140.174:16015/user.php?login=asd&password=asd' --batch -v 2 --dbs
Elastic Stack

#HTB #BlueTeam
A scanner for checking a Bitrix site for vulnerabilities - Bitrix Scanner.

This script scans for common vulnerabilities in Bitrix:

- exposed login pages;
- exposed registration pages;
- pages containing errors;
- admin panels;
- content spoofing;
- open redirect;
- reflected XSS;
- stored XSS via file upload (works only with Apache);
- SSRF.

https://github.com/k1rurk/check_bitrix

#tools #BitrixScanner #check #vulnerabilities
🔖php-jpeg-injector - Injects php payloads into jpeg images. Related to this repo: 📱 GitHub

This script injects PHP code into a specified jpeg image. The web application will execute the payload if it interprets the image. Make sure your input jpeg is uncompressed!


Use Case⤵️
You have a web application that runs a jpeg image through PHP's GD graphics library.

👀 Discover additional commands and options on GitHub page 👇

📱Github: Link
#BugBounty #BugBountyTools #pentest
ffiec_it_handbook_information_security_booklet.pdf
572.5 KB
FFIEC IT Examination Handbook

A guide to conducting information technology security audits for banks in the USA.

#Audit #BlueTeam
Analyzing logs with Suricata

#HTB #BlueTeam #Suricata
afrog - A Security Tool for Bug Bounty, Pentest and Red Teaming.

afrog is a high-performance vulnerability scanner that is fast and stable. It supports user-defined PoC and comes with several built-in types, such as CVE, CNVD, default passwords, information disclosure, fingerprint identification, unauthorized access, arbitrary file reading, and command execution. With afrog, network security professionals can quickly validate and remediate vulnerabilities, which helps to enhance their security defense capabilities.


Installation
go install -v github.com/zan8in/afrog/v3/cmd/afrog@latest


Github: Link

#BugBounty #Tools