CF-Hero is a simple tool that helps you discover the origin IP of Cloudflare-protected servers using multiple sources! ๐
๐ github.com/musana/CF-Hero
๐ github.com/musana/CF-Hero
GitHub
GitHub - musana/CF-Hero: CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses ofโฆ
CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications - musana/CF-Hero
๐ฅ10โค4๐ฟ1
๐ฎ๐ณ Operation CyberShakti
Independence Day Special Batch
Only for Beginners
๐ป Ethical Hacking & Web Pentesting
๐ Duration: 2 Months (Live Classes)
๐ฅ 10 Students Per Batch
๐ฐ โน3999
๐ https://brutsec.com/CyberShakti.pdf
๐ฉ Join / Ask Queries
Telegram: @wtf_brut
WhatsApp: wa.link/brutsecurity
https://wa.me/+918945971332
No experience? No problem.
Learn from scratch. Build real skills.
Only at Brut Security.
#OperationCyberShakti #BrutSecurity #EthicalHacking #BugBounty #Cybersecurity #BeginnersOnly
Independence Day Special Batch
Only for Beginners
๐ป Ethical Hacking & Web Pentesting
๐ Duration: 2 Months (Live Classes)
๐ฅ 10 Students Per Batch
๐ฐ โน3999
๐ https://brutsec.com/CyberShakti.pdf
๐ฉ Join / Ask Queries
Telegram: @wtf_brut
WhatsApp: wa.link/brutsecurity
https://wa.me/+918945971332
No experience? No problem.
Learn from scratch. Build real skills.
Only at Brut Security.
#OperationCyberShakti #BrutSecurity #EthicalHacking #BugBounty #Cybersecurity #BeginnersOnly
1โค12๐ฅ2๐ค1
This media is not supported in your browser
VIEW IN TELEGRAM
๐ต๏ธโโ๏ธ Bug Bounty Tip - Extract JavaScript File URLs from Any Page!
Forget opening DevTools - use this bookmarklet to instantly extract all .js file URLs and download them in a .txt file.
๐ Why this matters:
Quickly collect all linked JavaScript files
Use them for static analysis (LinkFinder, SecretFinder, etc.)
Great for recon, endpoint discovery & auth bypasses
๐ Bookmarklet Code:
๐ก How to use:
Create a new bookmark in your browser.
Paste the above code into the URL field.
Visit a target site and click the bookmark.
A javascript_urls.txt file will be downloaded with all .js links.
๐ฅ Now you can feed that into:
LinkFinder
SecretFinder
JSParser
Or manual analysis!
Forget opening DevTools - use this bookmarklet to instantly extract all .js file URLs and download them in a .txt file.
๐ Why this matters:
Quickly collect all linked JavaScript files
Use them for static analysis (LinkFinder, SecretFinder, etc.)
Great for recon, endpoint discovery & auth bypasses
๐ Bookmarklet Code:
javascript:(function(){let urls=[];document.querySelectorAll('*').forEach(e=>{urls.push(e.src,e.href,e.url)});urls=[...new Set(urls)].filter(u=>u&&u.endsWith('.js')).join('\n');let blob=new Blob([urls],{type:'text/plain'});let a=document.createElement('a');a.href=URL.createObjectURL(blob);a.download='javascript_urls.txt';a.click();})();๐ก How to use:
Create a new bookmark in your browser.
Paste the above code into the URL field.
Visit a target site and click the bookmark.
A javascript_urls.txt file will be downloaded with all .js links.
๐ฅ Now you can feed that into:
LinkFinder
SecretFinder
JSParser
Or manual analysis!
๐ฅ30โค21๐2๐2๐ณ1๐ค1
โกDependency Confusion via JS Miner
@GodfatherOrwa just landed a clean P1 by leveraging JS Miner in Burp Suite ๐ฅ
Hereโs how it went down ๐
๐งฉ After crawling all endpoints, he went to:
Target โ Extensions โ JS Miner โ Run All Passive Scans
๐ฅ Thatโs when he spotted: [JS Miner] Dependency Confusion
The vulnerable package was unclaimed on NPM ๐
๐ฆ Next steps he followed:
After claiming the package, he injected an RCE payload via
๐งช Full POC: github.com/orwagodfather/NPM-RCE
๐ฃ Result? A solid P1 vulnerability and a perfect example of how effective Dependency Confusion still is.
Props to @GodfatherOrwa for consistently dropping fire techniques ๐ฅ
@GodfatherOrwa just landed a clean P1 by leveraging JS Miner in Burp Suite ๐ฅ
Hereโs how it went down ๐
๐งฉ After crawling all endpoints, he went to:
Target โ Extensions โ JS Miner โ Run All Passive Scans
๐ฅ Thatโs when he spotted: [JS Miner] Dependency Confusion
The vulnerable package was unclaimed on NPM ๐
๐ฆ Next steps he followed:
npm login
mkdir <package-name> && cd <package-name>
npm init -y
npm publish --access public
After claiming the package, he injected an RCE payload via
package.json๐งช Full POC: github.com/orwagodfather/NPM-RCE
๐ฃ Result? A solid P1 vulnerability and a perfect example of how effective Dependency Confusion still is.
Props to @GodfatherOrwa for consistently dropping fire techniques ๐ฅ
GitHub
GitHub - orwagodfather/NPM-RCE: the POC of package.json RCE
the POC of package.json RCE. Contribute to orwagodfather/NPM-RCE development by creating an account on GitHub.
๐ฅ16โค8๐ฟ4๐1
๐ Bug Bounty Web Checklist
โ Track your web pentesting progress by checking each subcategory.
๐https://nemocyberworld.github.io/BugBountyCheckList/
โ Track your web pentesting progress by checking each subcategory.
๐https://nemocyberworld.github.io/BugBountyCheckList/
โค24๐9
BBRecon Masterflow - 2025.pdf
30.4 KB
๐ Bug Bounty Recon Masterflow โ 2025 Edition ๐
๐9โค6๐4๐จโ๐ป3
Grab all the GF Patterns from different Repositories at one shot !! ๐ฅ
*Link* : https://github.com/thecybertix/GF-Patterns
*Link* : https://github.com/thecybertix/GF-Patterns
GitHub
GitHub - thecybertix/GF-Patterns: This repository contains all the GF-Patterns Repositories. All we have to do is just to run theโฆ
This repository contains all the GF-Patterns Repositories. All we have to do is just to run the given Shell File and it's Done !! - thecybertix/GF-Patterns
๐7๐ฅ2โค1
โ๏ธ Nuclei forge: free tool that helps you visually create Nuclei YAML templates !๐ฅ
created by @payloadartist ! ๐
https://forge.bugbountyhunting.com
created by @payloadartist ! ๐
https://forge.bugbountyhunting.com
๐16โค7
๐ Wayback Subdomain Enumeration via Bash
Want to uncover hidden subdomains archived over time? This handy Bash function pulls subdomains from the Wayback Machine and helps with deep reconnaissance.
โ Add this to your ~/.bashrc:
๐งช Usage:
It filters subdomains from archived URLs and sorts them uniquely.
Want to uncover hidden subdomains archived over time? This handy Bash function pulls subdomains from the Wayback Machine and helps with deep reconnaissance.
โ Add this to your ~/.bashrc:
function wayback() {
curl -sk "https://web.archive.org/cdx/search/cdx?url=*.$1&output=txt&fl=original&collapse=urlkey&page=" | awk -F/ '{gsub(/:.*/, "", $3); print $3}' | sort -u
}๐งช Usage:
wayback target.comIt filters subdomains from archived URLs and sorts them uniquely.
๐ฅ18โค11๐8
โ
shosubgo - Small tool to Grab subdomains using Shodan API
โกhttps://github.com/incogbyte/shosubgo
โกhttps://github.com/incogbyte/shosubgo
โค12๐ฟ5๐1
โ
MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
โกhttps://github.com/midoxnet/mapperplus
โกhttps://github.com/midoxnet/mapperplus
โค15๐2๐ฅ1
๐จ New Batch Starting โ August 2025 ๐จ
Brut Practical Web Penetration Testing (bPWP)
Weโre back with a fresh batch of our most in-demand training โ Brut Practical Web Penetration Testing โ starting this August!
๐ Learn the art of Web Hacking with:
โ 100% Practical Sessions
โ Bug Bounty Approach
โ Real-World Lab Scenarios
โ Lifetime Community Access
โ Beginner-Friendly with Advanced Techniques
๐ป Ideal for aspiring bug bounty hunters, cybersecurity students, and VAPT professionals.
๐ Limited Seats โ Enroll Now
๐ https://brutsec.com/bPWP
๐ฉ For Queries:
Telegram: @wtf_brut
WhatsApp: https://wa.link/brutsecurity |
Email: [email protected]
Brut Practical Web Penetration Testing (bPWP)
Weโre back with a fresh batch of our most in-demand training โ Brut Practical Web Penetration Testing โ starting this August!
๐ Learn the art of Web Hacking with:
โ 100% Practical Sessions
โ Bug Bounty Approach
โ Real-World Lab Scenarios
โ Lifetime Community Access
โ Beginner-Friendly with Advanced Techniques
๐ป Ideal for aspiring bug bounty hunters, cybersecurity students, and VAPT professionals.
๐ Limited Seats โ Enroll Now
๐ https://brutsec.com/bPWP
๐ฉ For Queries:
Telegram: @wtf_brut
WhatsApp: https://wa.link/brutsecurity |
+918945971332Email: [email protected]
โค11๐ค2
APKDeepLens is a Python based tool designed to scan Android applications (APK files) for security vulnerabilities.
โ https://github.com/d78ui98/APKDeepLens/
โ https://github.com/d78ui98/APKDeepLens/
โค12๐2