Skip to content

Instantly share code, notes, and snippets.

View Diaa-Hassan's full-sized avatar
🧙

Diaa Hassan Diaa-Hassan

🧙
58 followers · 267 following
View GitHub Profile
@bing0o
bing0o / myffuf.sh
Last active July 8, 2022 12:36
#!/bin/bash
usage() {
echo -e "
#Options:
-f, --file\t the domains list file
-t, --thread\t the threads number
-w, --wordlist\t the wordlist
-o, --output\t the output directory
@j3rrykh4n
j3rrykh4n / GoldDigger
Last active July 8, 2022 14:11
Look for Hole and dig everything ~_~
Technology
Subdomain Enumeration:
# Basic usage
subfinder -d example.com > example.com.subs
# Recursive
subfinder -d example.com -recursive -silent -t 200 -v -o example.com.subs
@secfb
secfb / Web-Attack-Cheat-Sheet.md
Created May 8, 2020 20:53
Web-Attack-Cheat-Sheet.md

Web-Attack-Cheat-Sheet

Discovering

Bug Bount Targets

https://github.com/arkadiyt/bounty-targets-data

IP Enumeration

http://www.asnlookup.com/
@cihanmehmet
cihanmehmet / subdomain_wordlist.md
Last active August 24, 2025 08:37
Subdomain Wordlist
@Anon-Exploiter
Anon-Exploiter / automateSubdEnum.sh
Last active July 8, 2022 13:05
For enumeration of subdomains from different scripts -- this will be getting used in a docker image soon
#!/bin/bash
mainPATH=$(pwd)/
bar="---------------------------------------"
echo -e "\n$bar\n\tSubdomains Enumerator\n$bar\n"
read -p "Please enter target (i.e. site.com): " domain
HOST=$domain
@dwisiswant0
dwisiswant0 / nuclei-scan.sh
Last active July 8, 2022 13:46
Automate nuclei for given hosts
#!/bin/bash
OUT="~/nuclei-results/$1"
TPL="~/nuclei-templates"
mkdir -p ${OUT}
SUB=$(subfinder -d $1 -silent | httprobe | tee ${OUT}/$1.txt)
cd ${TPL}; git pull origin master && cd -
for tpl in $(find $TPL -name "*.yaml"); do $GOPATH/bin/nuclei -l ${OUT}/$1.txt -t $tpl -o "${OUT}/$(basename "$tpl" .yaml).txt"; done
find ${OUT} -name "*.txt" -size 0 -delete
@dwisiswant0
dwisiswant0 / .bash_profile
Created May 27, 2020 07:38
SQLi & XSS Vulnerability Scanner
###
# ▶ go get -u github.com/lc/gau
# ▶ go get -u github.com/tomnomnom/qsreplace
# ▶ go get -u github.com/tomnomnom/hacks/kxss
# ▶ go get -u github.com/hahwul/dalfox
# ▶ git clone https://github.com/dwisiswant0/DSSS
###
gauq() {
@gh0sh
gh0sh / gf-and-gau-automate.sh
Last active November 30, 2022 10:02
Simple script to look for juicy endpoints with gf and gau
#!/usr/bin/env bash
#
# Requirements
# - Golang (for complete bug bounty tools, clone this https://github.com/x1mdev/ReconPi)
# - gau (go get -u github.com/lc/gau)
# - gf (go get -u github.com/tomnomnom/gf)
# - Gf-Patterns (https://github.com/1ndianl33t/Gf-Patterns) - Read the README.md for how to copy json file to ~/.gf/
cd ~/.gf
ls *.json > ~/patterns
@pikpikcu
pikpikcu / github-recon
Created June 20, 2020 10:24
“Hackme.tld” API_key
“Hackme.tld” secret_key
“Hackme.tld” aws_key
“Hackme.tld” Password
“Hackme.tld” FTP
“Hackme.tld” login
“Hackme.tld” github_token
“Hackme.tld” http:// & https:// 
“Hackme.tld” amazonaws
“Hackme.tld” digitaloceanspaces
@pikpikcu
pikpikcu / subdo_with_ptrarchive.sh
Created June 20, 2020 10:28
Pasive OSINT subdomain
#!/bin/bash
if [ "$1" == "-h" ] || [ "$1" == "--help" ] || [[ $# -eq 0 ]]
then
me=`basename "$0"`
echo "Find subdomains in PTR-archive http://ptrarchive.com/tools/search.htm?date=ALL&label=example.com"
echo -e "Usage:\n\t./${me} [domain]"
echo -e "Example:\n\t./${me} example.com"
echo -e "\t./${me} -v example.com # Verbose output, includes IPs."
exit 1