debian@pikpikcu~$ cat subdo.txt | hakrawler | grep 'http' | cut -d '' -f 2 > crawler.txt
debian@pikpikcu~$ gau -subs domain.com >> crawler.txt
debian@pikpikcu~$ waybackurls domain.com >> crawler.txt
debian@pikpikcu~$ cat crawling.txt | grep "?" | unfurl --unique format %s://%d%p > base.txt
debian@pikpikcu~$ cat base.txt | parallel -j50 -q grep {} -m5 crawling.txt | tee -a final.txt
debian@pikpikcu~$ cat final.txt | egrep -iv ".(jpg|jpeg|gif|css|tif|tiff|woff|woff2|ico|pdf|svg|txt|js)" > final_bos.txt
debian@pikpikcu~$ rm -rf base.txt final.txt
Diaa Hassan Diaa-Hassan
🧙
pikpikcu
/ Chek_info_port.sh
Created
June 20, 2020 10:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$1" == "-h" ] || [ "$1" == "--help" ] | |
| then | |
| me=`basename "$0"` | |
| echo "Find information about TCP/IP ports." | |
| echo -e "Usage:\n\t./${me} [port|service]" | |
| echo -e "Example:\n\t./${me} snmp\n\t./${me} 3389" | |
| exit 1 | |
| fi |
bing0o
/ subenum_beta.sh
Created
July 11, 2020 17:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # script for subdomain enumeration using 4 of the best tools with some APIs: | |
| # * findomain: https://github.com/Edu4rdSHL/findomain | |
| # * SubFinder: https://github.com/projectdiscovery/subfinder | |
| # * Amass: https://github.com/OWASP/Amass | |
| # * AssetFinder: https://github.com/tomnomnom/assetfinder | |
| # | |
| # a perl version is being developed by @terminalforlife | |
| # * https://github.com/terminalforlife/PerlProjects/tree/master/source/dominator |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Dorks are cool | |
| Dorks for Google, Shodan and BinaryEdge | |
| Only for use on bug bounty programs or in cordination with a legal security assesment. | |
| I am in no way responsible for the usage of these search queries. | |
| Be responsible thanks - https://www.bugcrowd.com/resource/what-is-responsible-disclosure/ | |
| This repository is "under construction" feel free to make pull requests :-) |
pikpikcu
/ crawling.md
Last active
July 8, 2022 21:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "program_name": "(ISC)²", | |
| "policy_url": "https://bugcrowd.com/isc2", | |
| "submission_url": "https://bugcrowd.com/isc2/report", | |
| "launch_date": "", | |
| "bug_bounty": false, | |
| "swag": false, | |
| "hall_of_fame": true, | |
| "safe_harbor": "partial" |
dubey-amit
/ Unique wayback url
Last active
July 8, 2022 14:03
Get all the Wayback endpoints to compare it with your Burp crawled URLs & probe all the unique endpoints.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat urls | unfurl -u format %s://%d%p > unique && sort -uo unique unique && cat unique | unfurl -u domains | waybackurls | unfurl -u format %s://%d%p > wayurl && sort -uo wayurl wayurl | comm -1 -3 unique wayurl > final && rm urls && rm unique && rm wayurl && httpx -l final --status-code -silent --content-length | grep -i 200 |
muff-in
/ resources.md
Last active
October 30, 2025 15:30
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
Spy0x7
/ find js file one liner
Last active
July 8, 2022 13:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| assetfinder site.com | gau|egrep -v '(.css|.png|.jpeg|.jpg|.svg|.gif|.wolf)'|while read url; do vars=$(curl -s $url | grep -Eo "var [a-zA-Zo-9_]+" |sed -e 's, 'var','"$url"?',g' -e 's/ //g'|grep -v '.js'|sed 's/.*/&=xss/g'):echo -e "\e[1;33m$url\n" "\e[1;32m$vars";done |
yehgdotnet
/ recon-by-mentor.sh
Created
August 16, 2020 16:57
CyberMentor's Recon script - https://pastebin.com/raw/MhE6zXVt by Heath Adams
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| url=$1 | |
| if [ ! -d "$url" ];then | |
| mkdir $url | |
| fi | |
| if [ ! -d "$url/recon" ];then | |
| mkdir $url/recon | |
| fi | |
| # if [ ! -d '$url/recon/eyewitness' ];then | |
| # mkdir $url/recon/eyewitness |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -s "http://web.archive.org/cdx/search/cdx?url=*.domain/*&output=txt&fl=original&collapse=urlkey&page=/" | gf ssrf | qsreplace "https://localtest.me" | parallel -j50 -q curl -i -s -k -o >(grep -io "<title>[^<]*" | cut -d'>' -f2-) --silent --max-time 2 --write-out 'Status:%{http_code}\t Header-size:%{size_header}tUrl:%{url_effective} || ' |