Program Name: 0x Project
Policy URL: https://blog.0xproject.com/announcing-the-0x-protocol-bug-bounty-b0559d2738c
Submission URL: team@0xproject.com
Program Name: 1Password Game
https://www.google.com |
https://www.google.com |
#!/bin/bash | |
# If you find a site with /_wpeprivate/config.json file exposed, run this and get all kinds of fun goodies. | |
# If it "no worked" (Technical Term) then you probably need to install jq! | |
TARGET=$1 | |
TARGETDOMAIN=$(echo $TARGET | cut -d/ -f3) | |
# Pretty Colors | |
RESET='\033[00m' | |
GREEN='\033[01;32m' |
#!/bin/bash | |
# | |
# Execute as wget -O - gist_url | bash | |
# | |
# Couldn't add gist url as, it changes after every update i.e. as soon as I save this, it's url will change :p | |
# | |
# It's debian based, so for centos and likewise you have to change apt to yum and similarly | |
# | |
InstallationStartTime=$(date +%s) |
#!/bin/bash | |
if [ -z "$2" ] | |
then | |
echo "2nd Argument not supplied" | |
echo "2nd argument can be basic or advanced,it used for nmap" | |
echo "Usage : ./master_script.sh domain basic|advanced" | |
exit 1 | |
fi |
{ | |
"mode": "patterns", | |
"proxySettings": [ | |
{ | |
"address": "127.0.0.1", | |
"port": 8080, | |
"username": "", | |
"password": "", | |
"type": 1, | |
"title": "127.0.0.1:8080", |
Bulb: https://images-na.ssl-images-amazon.com/images/I/51mhtAibkwL._SL1500_.jpg | |
Pipe: https://5.imimg.com/data5/FY/EL/MY-4600740/heavy-duty-industrial-pvc-pipe-500x500.jpg | |
WIre: https://quinled.info/wp-content/uploads/2018/10/cabkethickness-1.jpg | |
Brick: https://images.homedepot-static.com/productImages/21bd11f8-81e9-4ea6-a9c8-cba1ed8119e7/svn/bricks-red0126mco-64_1000.jpg | |
--------DB Strcture------------- | |
CREATE TABLE T_Merchant_details | |
( | |
mid int primary key NOT NULL, |
https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code | |
https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code | |
https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code | |
https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code | |
https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code | |
https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code | |
https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI |
Program Name: 0x Project
Policy URL: https://blog.0xproject.com/announcing-the-0x-protocol-bug-bounty-b0559d2738c
Submission URL: team@0xproject.com
Program Name: 1Password Game
curl -L -k -s https://www.example.com | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu | |
# debug mode and absolute/relative urls support (the best one): | |
function ejs() { | |
URL=$1; | |
curl -Lks $URL | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | sed -r "s/^src['\"]?[=:]['\"]//g" | awk -v url=$URL '{if(length($1)) if($1 ~/^http/) print $1; else if($1 ~/^\/\//) print "https:"$1; else print url"/"$1}' | sort -fu | xargs -I '%' sh -c "echo \"'##### %\";curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"('#####.*)|(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\" | sort -fu" | tr -d |