This is a simple guide to performing JavaScript recon in bug bounty hunting.
- The first step is to collect as many JavaScript files as possible (
more files = more paths and parameters -> more potential vulns)
| // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); |
| /.s3cfg | |
| /phpunit.xml | |
| /nginx.conf | |
| /.vimrc | |
| /LICENSE.md | |
| /yarn.lock | |
| /Gulpfile | |
| /Gulpfile.js | |
| /composer.json | |
| /.npmignore |
| import requests | |
| from requests.auth import HTTPBasicAuth | |
| auth = HTTPBasicAuth('natas16', 'WaIHEacj63wnNIBROHeqi3p9t0m5nhmh') | |
| chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | |
| existing_chars = '' | |
| password = '' | |
| for char in chars: |
| # Copyright 2017-2020 Jeff Foley. All rights reserved. | |
| # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. | |
| # Should results only be collected passively and without DNS resolution? Not recommended. | |
| #mode = passive | |
| mode = active | |
| # The directory that stores the Cayley graph database and other output files | |
| # The default for Linux systems is: $HOME/.config/amass | |
| #output_directory = amass |
| $ curl --help | |
| Usage: curl [options...] <url> | |
| --abstract-unix-socket <path> Connect via abstract Unix domain socket | |
| --alt-svc <file name> Enable alt-svc with this cache file | |
| --anyauth Pick any authentication method | |
| -a, --append Append to target file when uploading | |
| --basic Use HTTP Basic Authentication | |
| --cacert <file> CA certificate to verify peer against | |
| --capath <dir> CA directory to verify peer against | |
| -E, --cert <certificate[:password]> Client certificate file and password |
| nucleir() { | |
| local TPL="$HOME/Documents/nuclei-templates" | |
| [[ -z "${1}" ]] && { echo "-target/-l ?"; return; } | |
| [[ -z "${2}" ]] && { echo "Input target?"; return; } | |
| local T="" | |
| for i in `ls -1d ${TPL}/*/`; do | |
| if [[ ! "${i}" =~ (brute-force|examples|payloads) ]]; then |
| [client] | |
| port = 3306 | |
| socket = /var/run/mysqld/mysqld.sock | |
| # This was formerly known as [safe_mysqld]. Both versions are currently parsed. | |
| [mysqld_safe] | |
| socket = /var/run/mysqld/mysqld.sock | |
| nice = 0 | |
| syslog |
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|