Skip to content

Instantly share code, notes, and snippets.

curl -s "https://rapiddns.io/subdomain/$1?full=1#result" | grep "<td><a" | cut -d '"' -f 2 | grep http | cut -d '/' -f3 | sed 's/#results//g' | sort -u
@abdulsec
abdulsec / .bash_profile
Created May 28, 2020 04:52 — forked from dwisiswant0/.bash_profile
SQLi & XSS Vulnerability Scanner
###
# ▶ go get -u github.com/lc/gau
# ▶ go get -u github.com/tomnomnom/qsreplace
# ▶ go get -u github.com/tomnomnom/hacks/kxss
# ▶ go get -u github.com/hahwul/dalfox
# ▶ git clone https://github.com/dwisiswant0/DSSS
###
gauq() {
if [[ "$(dig @1.1.1.1 A,CNAME {test321123,testingforwildcard,plsdontgimmearesult}.$domain +short | wc -l)" -gt "1" ]]; then
echo "[!] Possible wildcard detected."
fi
@abdulsec
abdulsec / gist:0bbfa85bba4a53bcd7efc06f42cda71c
Created June 19, 2020 22:15 — forked from yassineaboukir/gist:726992bd1f0a4eb637d150b7b5c66079
List of reserved names to blacklist from registration/username claim for security reasons and RFC compliance
abuse
admin
administrator
ftp
hostmaster
info
is
it
list
list-request
@abdulsec
abdulsec / WAHH_Task_Checklist.md
Created June 20, 2020 03:33 — forked from jhaddix/Testing_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
@abdulsec
abdulsec / WAHH_Task_Checklist.md
Created August 30, 2020 01:34 — forked from amotmot/WAHH_Task_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
@abdulsec
abdulsec / simple_dir_bruteforce.py
Created November 23, 2020 04:45 — forked from p5yph3r/simple_dir_bruteforce.py
This is a simple script that bruteforces the web directory with a dictionary or wordlist, it is very simple and fast and does it works properly. You are free to modify the code according to your need.
'''
usage :-
python <url> <wordlist> <extension>
for example :
python http://www.google.com/ common.txt .php
it supports all extensions & wordlists.
if you just want subdirectories write "/" in place of extension it will find it for you.
'''
import requests
@abdulsec
abdulsec / paying.md
Created January 5, 2021 17:00 — forked from random-robbie/paying.md
paying bug bounty companys taken from https://github.com/disclose/disclose
Program Name: 0x Project
Policy URL: https://blog.0xproject.com/announcing-the-0x-protocol-bug-bounty-b0559d2738c
Submission URL: team@0xproject.com



Program Name: 1Password Game
@abdulsec
abdulsec / cloud_metadata.txt
Created January 21, 2021 03:35 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@abdulsec
abdulsec / JavascriptRecon.md
Created January 21, 2021 04:51
My Javascript Recon Process - BugBounty

Description

This is a simple guide to perform javascript recon in the bugbounty

Steps

  • The first step is to collect possibly several javascript files (more files = more paths,parameters -> more vulns)