Bug bounty Tips


🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️‍♂️ OSINT Specialist Admin: @laazy_hack3r

5 839 subscribers (+16 in 24 hours, +67 in 7 days, +375 in 30 days)
Post archive
check this out guys

SQLMap from Waybackurls ⚔️
waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sed 's/=[^&]*/=/g' | sort -u > urls.txt && xargs -I{} sqlmap --technique=T --batch -u "{}" < urls.txt
#infosec #cybersec #bugbountytips
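The grep/sed/sort part of the one-liner above dedupes archived URLs by blanking parameter values with a regex, which still treats ?a=1&b=2 and ?b=2&a=1 as two targets and matches ".php" anywhere in the URL, not only in the path. As an added example (not from the channel post), here is the same canonicalisation done with Python's URL parser: values dropped, parameter names sorted, scheme and host kept, and only URLs whose path ends in one of the listed extensions retained. The host target.example and the URL list are constructed sample input, not real archive data.

```python
from urllib.parse import parse_qsl, urlsplit, urlunsplit

# Constructed sample of what `waybackurls` might return (not real archive data).
SAMPLE_URLS = """
https://target.example/item.php?id=42&cat=books
https://target.example/item.php?cat=toys&id=7
http://target.example/item.php?id=9
https://target.example/static/app.js?v=3
https://target.example/login.asp?user=a&ref=x
https://target.example/about.html?ref=x
https://target.example/item.php
""".split()


def canonical_form(url: str) -> str:
    """Keep scheme, host, path and the sorted parameter names; drop values and fragment.

    sqlmap only needs the parameter names to know where to inject, so two URLs that
    differ only in values or in parameter order collapse to one test target.
    """
    parts = urlsplit(url)
    names = sorted({name for name, _ in parse_qsl(parts.query, keep_blank_values=True)})
    query = "&".join(f"{name}=" for name in names)
    return urlunsplit((parts.scheme, parts.netloc.lower(), parts.path, query, ""))


def sqlmap_targets(urls, extensions=(".php", ".asp", ".aspx", ".jsp")):
    """Filter and dedupe archived URLs into a list of distinct sqlmap targets."""
    seen, targets = set(), []
    for url in urls:
        parts = urlsplit(url.strip())
        if parts.scheme not in ("http", "https") or not parts.query:
            continue  # not an absolute URL, or nothing to inject into
        if not parts.path.lower().endswith(extensions):
            continue  # extension check on the path itself, not anywhere in the URL
        canon = canonical_form(url)
        if canon not in seen:
            seen.add(canon)
            targets.append(canon)
    return targets


if __name__ == "__main__":
    for target in sqlmap_targets(SAMPLE_URLS):
        print(target)  # one line per distinct target for: sqlmap --technique=T --batch -u "<target>"
```

Write the output to a file and feed it to sqlmap exactly as the one-liner does; the extension tuple is where you add .jspx, .do or whatever the target actually serves.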

inurl:"/wp-content/plugins/country-state-city-auto-dropdown"

Hunting on IPs: one-liners you can try (don't rely on them)
1. Find IPs with Shodan
shodan search --fields ip_str 'ssl.cert.subject.cn:"target.com"' | anew ips.txt
2. Censys search
censys search "target.com" --index-type hosts | jq -r '.[].ip' | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'
3. Naabu port scan
naabu -l targets.txt -rate 3000 -retries 3 -warm-up-time 0 -c 50 -p 1-65535 -o out.txt
4. Nmap over a CIDR list
cat cidr.txt | xargs -I@ nmap -v -sn @ | grep "Nmap scan report for" | grep -v "host down" | sed 's/Nmap scan report for //' | anew nmap-ips.txt
5. Fuzzing a list
cat live.txt | xargs -I@ ffuf -w wordlists.txt -u @/FUZZ -mc 200
6. Jaeles with a list of targets
wget -nv raw.githubusercontent.com/arkadiyt/bount… ; cat domains.txt | sort -u | httpx -silent -threads 500 | xargs -I@ jaeles scan -s /jaeles-signatures/ -u @

https://tib3rius.com/sqli

🚨LazyEgg - Hunting JS Files🚨 💥Command:
waybackurls target | grep -E '\.js(\?|$)' | awk -F '?' '{print $1}' | sort -u | xargs -I{} sh -c 'printf "\ntarget : %s\n\n" "$1" && python lazyegg.py "$1" --js_urls --domains --ips' _ {}
🔗Download https://lnkd.in/gnRJ5mzw

You can bypass an open redirect whitelist filter by using a technique called a "Unicode homograph attack", like this: just copy this and open it in your browser: freevisit.ru/redirect/?g=…ⓦⓦⓦ.ⓕⓑⓘ.ⓖⓞⓥ
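The mismatch that trick relies on, as an added example that is not from the channel post: a redirect check that inspects the raw parameter value sees no ASCII domain in ⓦⓦⓦ.ⓕⓑⓘ.ⓖⓞⓥ, while the browser maps the circled letters to plain ASCII (UTS #46 mapping, which is NFKC-based) before resolving the host, so the user lands on www.fbi.gov. The weak filter below is a constructed illustration of such a check, freevisit.ru is taken from the post as the assumed allowed host, and Python's idna codec (nameprep, which applies NFKC) stands in for the browser's mapping. The hardened check normalises first and then compares the mapped host against an allow-list.

```python
import re
import unicodedata
from urllib.parse import urlsplit

# ⓦⓦⓦ.ⓕⓑⓘ.ⓖⓞⓥ written as escapes so the source stays ASCII-clean.
HOMOGRAPH = "\u24e6\u24e6\u24e6.\u24d5\u24d1\u24d8.\u24d6\u24de\u24e5"
ALLOWED_HOSTS = {"freevisit.ru", "www.freevisit.ru"}  # assumed: the app's own hosts


def weak_filter_allows(target: str) -> bool:
    """Constructed weak check: reject anything that looks like an ASCII domain name.

    Circled letters are not in [a-zA-Z], so the homograph passes as if it were a path.
    """
    return re.search(r"[a-zA-Z0-9-]+\.[a-zA-Z]{2,}", target) is None


def host_as_browser_sees_it(target: str) -> str:
    """Approximate the browser: map the host to ASCII (IDNA nameprep applies NFKC)."""
    host = urlsplit(target).hostname or ""
    return host.encode("idna").decode("ascii")


def strict_filter_allows(target: str) -> bool:
    """Hardened check: normalise first, then allow only relative paths or allow-listed hosts."""
    normalised = unicodedata.normalize("NFKC", target)
    parts = urlsplit(normalised)
    if parts.scheme not in ("", "http", "https"):
        return False  # javascript:, data:, and friends
    if parts.netloc == "":
        # A same-site relative path; "//host" is already a netloc, so it never gets here.
        return normalised.startswith("/") and not normalised.startswith("//")
    try:
        host = host_as_browser_sees_it(normalised)
    except UnicodeError:
        return False  # unmappable label: refuse rather than guess
    return host in ALLOWED_HOSTS


if __name__ == "__main__":
    for candidate in ("/account", "//www.fbi.gov", "//" + HOMOGRAPH, "https://freevisit.ru/home"):
        print(f"{candidate!r}: weak={weak_filter_allows(candidate)} "
              f"strict={strict_filter_allows(candidate)} "
              f"browser_host={host_as_browser_sees_it(candidate)!r}")
```

The point of strict_filter_allows is not the allow-list itself but the order of operations: normalise the value the way the consumer will, parse it, and only then decide. A filter that decides on the raw bytes is comparing against a string the browser never sees.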

🔖Jason Haddix - The Bug Hunter's Methodology Live Course 2024 🔑Password: GREENARMOR #course 🔹 Share & Support Us 🔹 ✔️ Channel : @Hide_Club

🔖Misconfig Mapper
A fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
😴Github: 🔗Link #BugBounty #BugBountyTools 🔹 Share & Support Us 🔹 ✔️ Channel : @Hide_Club

Top 25 Bug Bounty Platforms
01. Bugcrowd
02. HackerOne
03. Intigriti
04. YesWeHack
05. Synack, Inc.
06. HackenProof | Web3 bug bounty platform
07. Open Bug Bounty
08. Immunefi
09. Cobalt
10. Zerocopter
11. Yogosha
12. SafeHats
13. Vulnerability Research Labs, LLC
14. AntiHACKme Pte Ltd
15. RedStorm Information Security
16. Cyber Army Indonesia
17. Hacktrophy
18. Nordic Defender
19. Capture The Bug
20. Bugbounter
21. Detectify
22. BugBase
23. Code4rena
24. huntr
25. Pentabug
Tag your favourite Bug Bounty platform in the comments ❤️

Burp Suite Professional v2024.3.1.2 + BurpBounty_Pro 2.8.0 + JDK 22. Password: 311138. README (en+ru) inside; please read it before running Burp Suite. Happy Hacking! 🥳 Run with Java SE JDK 22.

A brief peek at one of the world's most high-profile cases involving nation-state actors, millions of dollars and thousands of hours of work, involving five countries across three continents over at least half a decade.


One command to search for an open redirect vulnerability 🔥
echo "tesla.com" | waybackurls | httpx -silent -timeout 2 -threads 100 | gf redirect | anew
This command is used to search for an open redirect vulnerability in the tesla.com domain using various tools and filters the results to extract only the URLs containing the open redirect vulnerability.
