es
Feedback
Bug Bounty - GitBook

Bug Bounty - GitBook

Ir al canal en Telegram
7 461
Suscriptores
+424 horas
+357 días
+17030 días
Archivo de publicaciones
70+ Vital Windows Commands .pdf6.42 KB

Master Shell Scripting Zero to Interview Ready!🔥.pdf1.52 MB

From Day ZeroTo Zero Day-EA.pdf9.10 KB

???
???

Metasploit Handbook Guide For Beginners .pdf27.66 MB

Reverse Shell CheatSheet.pdf2.42 MB

Basic Network Concepts for Hacking.pdf2.33 MB

Linux Commands Cheat Sheet - Codelivly.pdf6.33 MB

🔴Replace subdomains.txt with the filename of your subdomains list.
#!/bin/bash

go install -v github.com/tomnomnom/anew@latest
subdomain_list="subdomains.txt"

for sub in $( ( cat $subdomain_list | rev | cut -d '.' -f 3,2,1 | rev | sort | uniq -c | sort -nr | grep -v '1 ' | head -n 10 && cat subdomains.txt | rev | cut -d '.' -f 4,3,2,1 | rev | sort | uniq -c | sort -nr | grep -v '1 ' | head -n 10 ) | sed -e 's/^[[:space:]]*//' | cut -d ' ' -f 2);do 
    subfinder -d $sub -silent -max-time 2 | anew -q passive_recursive.txt
    assetfinder --subs-only $sub | anew -q passive_recursive.txt
    amass enum -timeout 2 -passive -d $sub | anew -q passive_recursive.txt
    findomain --quiet -t $sub | anew -q passive_recursive.txt
done

🔖Subdomain Enumeration - Recursive 💡Note: This technique is only useful when your target has a large number of multi-level
🔖Subdomain Enumeration - Recursive 💡Note:
This technique is only useful when your target has a large number of multi-level subdomains(not effective for small & medium scope targets). Execute this technique as the final step.
🧑‍💻Workflow: 🔴Step-1
Read the list of subdomains from the file "subdomains.txt".
🔴Step-2
Process the subdomains in two steps: a) Find the Top-10 most frequent occuring Second-Level Domain names with the help of tools like cut, sort, rev, uniq, etc. b) Find the Top-10 most frequent occuring Third-Level domains.
🔴Step-3
Now run passive subdomain enumeration on these 10 Second-level domain names and 10 Third-level domain names using tools like amass, subfinder, assetfinder, findomain.
🔴Step-4
Keep appending the results to passive_recursive.txt file.
🔴Step-5
Now after finding out the a list of domain names, run puredns to DNS resolve them and find the alive subdomains. Replace subdomains.txt with the filename of your subdomains list.
👇🏻Check the Example Script on the next post.

Encoding، Encryption و Hashing
Encoding، Encryption و Hashing

💠 Command Injection: Leveraging OS Commands for Exploits 🔗 https://hacklido.com/blog/989-command-injection-leveraging-os-commands-for-exploits

■■■■□ Leaking the email of any YouTube user for $10,000. https://brutecat.com/articles/leaking-youtube-emails

► DVWA Lab16 — XSS Stored — Pentest Published: Thu, 13 Feb 2025 11:01:38 GMT Link: https://medium.com/p/e41788f32faf

► Day 8: Self-XSS + Login & Logout CSRF + OAuth Hijacking Published: Thu, 13 Feb 2025 08:47:41 GMT Link: https://medium.com/p/83c848ad9a1e

HTB - Senior Web Penetration Tester 2024.11.rar89.67 MB

Exclusive 👻🥳HTB Academy - Senior Web Penetration Tester learning path🌐☄️ 👻🥳 Download Full Course Now
Exclusive 👻🥳HTB Academy - Senior Web Penetration Tester learning path🌐☄️ 👻🥳 Download Full Course Now