
KhanJanny khanjanny

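#!/bin/bash
# Bootstrap a workstation with the system and Python packages listed below.
# No sudo is used anywhere, so this presumably runs as root; both apt and the
# system-wide pip install write outside $HOME.

# Stop at the first failure: without this, a failed index refresh or a failed
# apt install is ignored and pip still runs against a half-provisioned system.
set -euo pipefail

apt_packages=(
  wget curl python python3 python-pip python3-pip python-dev zip git
  phantomjs whatweb python-virtualenv bc locate dnsutils apache2 tree jq
)
pip_packages=(boto wfuzz google wafw00f truffleHog)

apt update
# NOTE(review): apache2 is a network service; on Debian-family systems a
# freshly installed service is normally started straight away, so confirm it
# is wanted on this host or stop/disable it after the install.
apt install "${apt_packages[@]}"

# NOTE(review): these names are unpinned and resolved from the package index
# at install time, then installed system-wide. Pinning versions (name==version)
# or installing from a hash-checked requirements file inside a virtualenv
# (python-virtualenv is installed above) limits what a renamed, typosquatted
# or compromised release can touch.
pip install "${pip_packages[@]}"

# TODO (from the original notes): install golang phantomjs
# TODO (from the original notes): golang profile...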
#!/bin/bash
file_lines=$(cat $1)
echo "Running LinkFinder over these urls..."
for line in $file_lines
do
if [[ "$line" == "http"* ]]
then
if [[ $(wget $line -O-) ]] 2>/dev/null
then
khanjanny / resource
Last active December 30, 2019 07:13
HTTP Splitting
----------------------------------
en
Content-Length: 0
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 28
<html>http Splitting test</html>
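# Collect candidate subdomains for one domain from public data sources and
# append them to a single results file.
#
# Change this value to the domain whose subdomains you want to extract.
domain="hackerone.com"
out="output.txt"
# Same domain with dots escaped, for the one place it is used inside a regex.
domain_re=$(printf '%s' "$domain" | sed 's/\./\\./g')

# Every URL is quoted: '?', '*' and '&' are shell metacharacters, and an
# unquoted URL can be glob-expanded or split before curl ever sees it.
# Each source is independent, so one failing lookup does not stop the rest.
#
# NOTE(review): everything appended to $out is text controlled by a third
# party. Validate each line as a hostname before passing it to other tools.

# Certificate Transparency search; wildcard prefixes ("*.") are stripped.
curl -s "https://crt.sh/?q=%25.${domain}&output=json" \
  | jq -r '.[].name_value' \
  | sed 's/\*\.//g' \
  | sort -u \
  | grep -o "\w.*${domain_re}" \
  | sort -u >> "$out"

# Keeps every pretty-printed JSON line that mentions the domain, so these
# entries still carry JSON quoting and punctuation.
curl "https://www.threatcrowd.org/searchApi/v2/domain/report/?domain=${domain}" \
  | jq '.' \
  | sort -u \
  | grep -F -- "$domain" >> "$out"

# CSV answer; the first field is the hostname.
curl "https://api.hackertarget.com/hostsearch/?q=${domain}" \
  | cut -d',' -f1 \
  | sort -u \
  | grep -F -- "$domain" >> "$out"

# No field extraction here: the raw response lines are stored as returned.
curl "https://certspotter.com/api/v0/certs?domain=${domain}" \
  | sort -u >> "$out"

# Archived URLs reduced to bare hostnames (scheme, path, port and a leading
# "www." removed). Fetched over HTTPS so the listing cannot be altered in
# transit.
curl "https://web.archive.org/cdx/search/cdx?url=*.${domain}/&output=text&fl=original&collapse=urlkey" \
  | sort \
  | grep -F -- "$domain" \
  | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' \
  | sort -u >> "$out"

# Stores full URLs, not hostnames: only the .url field is extracted.
curl "https://index.commoncrawl.org/CC-MAIN-2018-22-index?url=*.${domain}&output=json" \
  | jq -r .url \
  | sort -u >> "$out"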
curl https://api.threatminer.org/v2/domain.php?q=hackerone.com\&rt=5 | jq '.' | sort -u | grep hacke
# Build prerequisites and language runtimes from the distribution repositories.
apt install \
  git gcc make libpcap-dev python-argparse \
  massdns golang python python3

# Python helper from the package index.
pip install py-altdns

# Go tools fetched and built directly from their source repositories.
# NOTE(review): none of these commands names a version or commit, so each one
# builds whatever the repository serves at install time. Pinning a reviewed
# tag or commit makes the install reproducible and auditable.
go get -v github.com/projectdiscovery/subfinder/cmd/subfinder
go get github.com/haccer/subjack
go get -u github.com/rverton/webanalyze/...
for tool in httprobe waybackurls; do
  go get "github.com/tomnomnom/${tool}"
done
#!/bin/sh
# Abort on the first command that fails.
set -e
#
# Quick-install entry point, meant to be fetched and piped to a shell:
# 'curl -sSL https://raw.githubusercontent.com/ysrc/xunfeng/master/install/install.sh | sh'
# or:
# 'wget -qO- https://raw.githubusercontent.com/ysrc/xunfeng/master/install/install.sh | sh'
#
# NOTE(review): piped this way, the shell executes whatever the URL serves at
# that moment without anyone having read it. Saving the script to a file first
# allows it to be inspected, and kept, before it runs.
# NOTE(review): MONGODB_URL is plain http:// and no checksum or signature check
# is visible in this excerpt. Confirm the tarball is verified before it is
# unpacked.
#
# Download locations used by the script; exported so child processes see them.
MONGODB_URL="http://downloads.mongodb.org/linux/mongodb-linux-x86_64-3.4.0.tgz"
XUNFENG_REPO="https://github.com/ysrc/xunfeng.git"
export MONGODB_URL XUNFENG_REPO
display:
error: false
new: true
unchanged: false
job_defaults:
all: {}
browser: {}
shell: {}
url: {}
report:
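#!/bin/bash
# Install the Kali XFCE desktop together with xrdp, move the xrdp listener
# from port 3389 to 3390, and add shell aliases for starting and stopping
# the service. The service itself is not started here.

# Stop at the first failure so a broken upgrade is not followed by config edits.
set -euo pipefail

echo "[+] Installing XFCE4, this will take a while"
sudo apt update
# -y answers the confirmation prompt only. The deprecated --force-yes used
# previously also suppresses apt's refusal to install unauthenticated packages
# or to downgrade or remove held and essential ones, which an unattended
# dist-upgrade should never skip.
sudo apt dist-upgrade -y
sudo apt install -y kali-desktop-xfce xorg xrdp

echo "[+] Configuring XRDP to listen on port 3390 (but not starting the service)..."
echo "[+] To start the service run: sudo /etc/init.d/xrdp start"
# NOTE(review): moving the port does not limit who can reach the listener.
# Once the service is started, restrict access to 3390 with a firewall rule
# or reach it through an SSH tunnel.
sudo sed -i 's/port=3389/port=3390/g' /etc/xrdp/xrdp.ini

# The aliases go into the invoking user's own file, so sudo is not needed;
# it never applied to the redirection in any case, since the calling shell
# opens the file. Appending with '>>' keeps existing aliases and keeps both
# new lines; writing each with '>' left only the last one in the file.
# NOTE(review): an alias named startx shadows the X11 startx command in
# interactive shells.
aliases_file="${HOME}/.bash_aliases"
for alias_line in \
  'alias startx="sudo /etc/init.d/xrdp start"' \
  'alias stopx="sudo /etc/init.d/xrdp stop"'; do
  # Skip lines already present so re-running does not duplicate them; grep's
  # error is silenced because the file may not exist yet.
  if ! grep -qxF -- "$alias_line" "$aliases_file" 2>/dev/null; then
    printf '%s\n' "$alias_line" >> "$aliases_file"
  fi
done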
khanjanny / start_hunt.sh
Created June 22, 2020 20:38
Every time you start hunting on a new project, create a common directory structure; it helps with automation and gives easy access to all the data.
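#!/bin/bash
# start_hunt.sh - create a standard working tree for one project under ~/work.
# This layout is a demo; add your own directories and files as needed.
#
# Usage: start_hunt.sh <project-name>
#
# Creates:
#   ~/work/<project>/finaldata/portscan/
#   ~/work/<project>/finaldata/subdomains.txt
#   ~/work/<project>/domains/
#   ~/work/<project>/recondata/
#   ~/work/<project>/needcheck/

set -euo pipefail

main() {
  # Without a name the paths would collapse to ~/work/ itself.
  if [[ $# -lt 1 || -z "${1:-}" ]]; then
    printf 'Usage: %s <project-name>\n' "${0##*/}" >&2
    return 2
  fi

  local project=$1

  # The name is used as a single path component. Reject anything that would
  # leave ~/work ("..", embedded "/") or be parsed as an option by mkdir/touch.
  case "$project" in
    */* | . | .. | -*)
      printf 'invalid project name: %s\n' "$project" >&2
      return 2
      ;;
  esac

  local base="${HOME}/work/${project}"

  # -p creates ~/work and the intermediate directories when missing and makes
  # a second run on the same project a no-op instead of a string of errors.
  mkdir -p -- \
    "${base}/finaldata/portscan" \
    "${base}/domains" \
    "${base}/recondata" \
    "${base}/needcheck"

  touch -- "${base}/finaldata/subdomains.txt"
}

main "$@"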