This is a simple guide to perform javascript recon in the bugbounty
- The first step is to collect possibly several javascript files (
more files=more paths,parameters->more vulns)
Diaa Hassan Diaa-Hassan
🧙
Diaa-Hassan
/ bucket-disclose.sh
Created
June 7, 2022 18:06
— forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Written by Frans Rosén (twitter.com/fransrosen) | |
| _debug="$2" #turn on debug | |
| _timeout="20" | |
| #you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key | |
| _aws_key="AKIA..." | |
| H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3" | |
| H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36" |
Diaa-Hassan
/ waybackurls.py
Created
June 7, 2022 18:13
— forked from mhmdiaa/waybackurls.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import json | |
| def waybackurls(host, with_subs): | |
| if with_subs: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
| else: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
Diaa-Hassan
/ bountyscan_setup.sh
Created
June 7, 2022 18:16
— forked from random-robbie/bountyscan_setup.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| export DEBIAN_FRONTEND=noninteractive; | |
| echo "[*] Starting Install... [*]" | |
| echo "[*] Upgrade installed packages to latest [*]" | |
| echo -e "\nRunning a package upgrade...\n" | |
| apt-get -qq update && apt-get -qq dist-upgrade -y | |
| apt full-upgrade -y | |
| apt-get autoclean | |
| echo "[*] Install stuff I use all the time [*]" |
Diaa-Hassan
/ nmap-pwn.md
Created
June 7, 2022 18:17
— forked from random-robbie/nmap-pwn.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /$USER_wrdp1.sql | |
| /$USER_wpdb.sql | |
| /home/$USER/mail/dovecot-uidlist | |
| /var/spool/exim/input/i/1lE8Ii-0006Gf-LV-D | |
| /var/log/cpanel-install.log | |
| /var/log/exim_mainlog | |
| /var/log/mysqld.log | |
| /var/log/cron | |
| /var/log/maillog | |
| /var/log/exim_mainlog-20210221.gz |
Diaa-Hassan
/ Bug Bounty methodology
Created
June 29, 2022 03:11
— forked from cyberheartmi9/Bug Bounty methodology
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ██████╗ ███████╗ ██████╗ ██████╗ ███╗ ██╗ | |
| ██╔══██╗██╔════╝██╔════╝██╔═══██╗████╗ ██║ | |
| ██████╔╝█████╗ ██║ ██║ ██║██╔██╗ ██║ | |
| ██╔══██╗██╔══╝ ██║ ██║ ██║██║╚██╗██║ | |
| ██║ ██║███████╗╚██████╗╚██████╔╝██║ ╚████║ | |
| ╚═╝ ╚═╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═══╝ | |
| @intx0x80 |
Diaa-Hassan
/ get-shodan-favicon-hash.py
Created
June 29, 2022 03:18
— forked from yehgdotnet/get-shodan-favicon-hash.py
Get Shodan FAVICON Hash
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://twitter.com/brsn76945860/status/1171233054951501824 | |
| pip install mmh3 | |
| ----------------------------- | |
| # python 2 | |
| import mmh3 | |
| import requests | |
| response = requests.get('https://cybersecurity.wtf/favicon.ico') | |
| favicon = response.content.encode('base64') |
Diaa-Hassan
/ goscreenshot.go
Created
June 29, 2022 03:22
— forked from yehgdotnet/goscreenshot.go
goscreenshot.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //https://golangcode.com/headless-chrome-screenshot/ | |
| package main | |
| import ( | |
| "context" | |
| "io/ioutil" | |
| "log" | |
| "github.com/chromedp/cdproto/page" |
Diaa-Hassan
/ randomizeip.sh
Created
June 29, 2022 03:22
— forked from yehgdotnet/randomizeip.sh
Randomize Hostname and Renew IP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo +++++++++++++++++++++++++++++++++++++++++ | |
| echo Randomize Hostname and Renew IP | |
| echo by Aung Khant, http://yehg.net | |
| echo +++++++++++++++++++++++++++++++++++++++++ | |
| echo | |
| ######################################################## | |
| sleep 1 |
OlderNewer