Bug bounty Tips

😄

Violation Form: https://help.instagram.com/contact/383679321740945 Bully Form: https://help.instagram.com/contact/188391886430254 Human Pfp/Imp Form: https://help.instagram.com/contact/636276399721841 Sex Offender Form: https://help.instagram.com/contact/334013860059654 Copyright Form: https://help.instagram.com/contact/552695131608132 Underage Form: https://help.instagram.com/contact/723586364339719 Indian Grevaince Officer Form: https://help.instagram.com/contact/779201836048501 Remembering Form: https://help.instagram.com/contact/1474899482730688 Trademark Form: https://help.instagram.com/contact/230197320740525

Violation Form: https://help.instagram.com/contact/383679321740945 Bully Form: https://help.instagram.com/contact/188391886430254 Human Pfp/Imp Form: https://help.instagram.com/contact/636276399721841 Sex Offender Form: https://help.instagram.com/contact/334013860059654 Copyright Form: https://help.instagram.com/contact/552695131608132 Underage Form: https://help.instagram.com/contact/723586364339719 Indian Grevaince Officer Form: https://help.instagram.com/contact/779201836048501 Remembering Form: https://help.instagram.com/contact/1474899482730688 Trademark Form: https://help.instagram.com/contact/230197320740525

😄

SQLMap from Waybackurls ⚔️ waybackurls target | grep -E '\bhttps?://\S+?=\S+' | grep -E '\.php|\.asp' | sort -u | sed 's/\(=[^&]*\)/=/g' | tee urls.txt | sort -u -o urls.txt && cat urls.txt | xargs -I{} sqlmap --technique=T --batch -u "{}" #infosec #cybersce #bugbountytips

inurl:"/wp-content/plugins/country-state-city-auto-dropdown

Hunting on IPs : One Liners you can Try (Dont Relyy on them) 1. Find Ips shodan search Ssl.cert.subject.CN:"target.com" --fields ip_str | anew ips.txt >> Find Ips 2. Censys Search censys search "target.com" --index-type hosts | jq -c '.[] | {ip: .ip}' | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' 3. Naabu PortScan naabu -l targets.txt -rate 3000 -retries 3 -warm-up-time 0 -rate 150 -c 50 -ports 1-65535 -o out.txt 4. NMAP cidr cat cidr.txt | xargs -I @ sh -c 'nmap -v -sn @ | egrep -v "host down" | grep "Nmap scan report for" | sed 's/Nmap scan report for //g' | anew nmap-ips.txt' 5. FUZZing a List cat live.txt | xargs -I@ sh -c 'ffuf -w wordlists.txt -u @/FUZZ -mc 200' 6. Jaeles with list of targets wget raw.githubusercontent.com/arkadiyt/bount… -nv ; cat domains.txt | anew | httpx -silent -threads 500 | xargs -I@ jaeles scan -s /jaeles-signatures/ -u @

shttps://tib3rius.com/sqli

🚨LazyEgg - Hunting JS Files🚨 💥Command: waybackurls target | grep '\.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} bash -c 'echo -e "\ntarget : {}\n" && python lazyegg[.]py "{}" --js_urls --domains --ips' 🔗Download https://lnkd.in/gnRJ5mzw

you Can Bypass openRedirect whitelist filter by using a technique called "Unicode homograph attack" this way..just copy and open this in your browser.. freevisit.ru/redirect/?g=…ⓦⓦⓦ.ⓕⓑⓘ.ⓖⓞⓥ

🔖Misconfig Mapper

A fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!

😴Github: 🔗Link #BugBounty #BugBountyTools 🔹 Share & Support Us 🔹 ✔️ Channel : @Hide_Club

Top 25 Bug Bounty Platform 01. Bugcrowd 02. HackerOne 03. Intigriti 04. YesWeHack 05. Synack, Inc. 06. HackenProof | Web3 bug bounty platform 07. Open Bug Bounty 08. Immunefi 09. Cobalt 10. Zerocopter 11. Yogosha 12. SafeHats 13. Vulnerability Research Labs, LLC 14. AntiHACKme Pte Ltd 15. RedStorm Information Security 16. Cyber Army Indonesia 17. Hacktrophy 18. Nordic Defender 19. Capture The Bug 20. Bugbounter 21. Detectify 22. BugBase 23. Code4rena 24. huntr 25. Pentabug Tag your favourite Bug Bounty platform in the comments ❤️