Skip to content

Instantly share code, notes, and snippets.

View pentestguy's full-sized avatar
🎯
Focusing

5hu8h4m/n4g4 pentestguy

🎯
Focusing
View GitHub Profile
@0x240x23elu
0x240x23elu / Jira bug-exploit
Last active March 12, 2024 09:45
Jira Bug CVE-2019-8449,CVE-2019-8451,CVE-2019-8451,cve-2018-20824,cve-2020-14179,cve-2020-14181,CVE-2018-5230
cve-2019-8449
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
https://jira.atlassian.com/browse/JRASERVER-69796
https://victomhost/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true
=====================================================================================================================================
@random-robbie
random-robbie / DutchGov.txt
Last active April 15, 2024 18:06
Dutch Gov - bug bounty scope - feel free to add more if you know they are in scope - taken from - https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid
http://www.rijksoverheid.nl
http://www.rivm.nl
http://coronadashboard.rijksoverheid.nl
http://www.nederlandwereldwijd.nl
http://www.government.nl
http://lci.rivm.nl
http://www.rvo.nl
http://www.defensie.nl
http://www.werkenvoornederland.nl
http://www.rijkswaterstaat.nl
@stevenswafford
stevenswafford / google-dorks
Created June 6, 2015 05:57
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!