ᴀʙᴅᴇʟʀʜᴍᴀɴ ᴢᴀʏᴇᴅ aufzayed

# the required tools
# subjs -> https://github.com/lc/subjs
# js-beautify -> https://github.com/beautify-web/js-beautify
# haklistgen -> https://github.com/hakluke/haklistgen
haklist() {
# declare TMPDIR variable
TMPDIR="/tmp/haklist"
aufzayed / token_spray_automation.sh
Created October 24, 2021 09:20
search for leaked data (tokens, secrets) in JavaScript files and validate them with nuclei token spray
# requirements:
# gf -> https://github.com/tomnomnom/gf
# gf patterns to find leaked tokens and secrets -> https://github.com/emadshanab/Gf-Patterns-Collection
# subjs -> https://github.com/lc/subjs
# gau -> https://github.com/lc/gau
# nuclei -> https://github.com/projectdiscovery/nuclei
# hakcheckurl -> https://github.com/hakluke/hakcheckurl
# note: before you run the script, edit your gf patterns: remove grep's 'H' and 'n' flags and add the 'h' flag
aufzayed / lynx_subjs.sh
Created October 22, 2021 04:33
Combine lynx and subjs to find more JavaScript files
# install lynx: sudo apt install lynx
# lynx -dump: dump the first file to stdout and exit
# awk '/http/{print $2}': print only urls
# grep -E '^https://example\.com([/:?#]|$)': print only URLs whose host is exactly example.com
# do not forget to include the URL scheme and to anchor the pattern, to avoid subdomains and look-alike hosts such as example.com.other.tld
lynx -dump https://example.com/ | awk '/http/{print $2}' | grep -E '^https://example\.com([/:?#]|$)' | subjs | sort -u
aufzayed / dorg.py
Created July 9, 2020 10:28
Python script to organize a big list of subdomains
#!/usr/bin/env python3
import re, sys, json
# usage: dorg.py subdomains_list.txt domain_name
# python3 dorg.py example_com_subs.txt example.com
file_path = sys.argv[1]
domain = sys.argv[2]
# raw string avoids invalid-escape warnings; re.escape() escapes every regex metacharacter in the domain
pattern = r'[a-zA-Z0-9\-]+\.' + re.escape(domain)