"responsible disclosure program" | "vulnerability disclosure program" | "vulnerability program rewards" | "bug bounty reward program"
inurl: vulnerability disclosure inurl: responsible disclosure
amass enum -brute -active -d domain.com -o amass-output.txt
cat amass-output.txt | httpx -silent
- For getting more info related to servers:
httpx -l amass-output.txt -follow-host-redirects -ip -status-code -title -content-length -web-server -silent
- For finding some hidden gems:
cat amass-output.txt | dnsgen - | httpx -silent
- dirsearch.py:
python3 dirsearch.py -u https://www.domain.com/ -e js,html
- FUFF:
ffuf -ac -v -u https://www.domain.com/FUZZ -w /home/kush/Pentest/SecLists/Discovery/Web-Content/directory-list-1.0.txt
- Finding directories from earlier point via wayback: use this
- use arjun to find hidden parameters:
arjun -u https://www.domain.com/login -c 10