This is a simple guide to perform javascript recon in the bugbounty
- The first step is to collect possibly several javascript files (
more files=more paths,parameters->more vulns)
Anthony Bordel minkione
minkione
/ master_script.sh
Created
January 20, 2021 20:51
— forked from LuD1161/master_script.sh
Master Script to automate all the recon
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ -z "$2" ] | |
| then | |
| echo "2nd Argument not supplied" | |
| echo "2nd argument can be basic or advanced,it used for nmap" | |
| echo "Usage : ./master_script.sh domain basic|advanced" | |
| echo "Also do set your expo token export expToken=xxxx to receive push notification when this gets completed" | |
| echo "Get your expo token here : https://play.google.com/store/apps/details?id=com.hackingsimplified.notifyme" | |
| exit 1 |
minkione
/ ffuf.sh
Created
January 20, 2021 20:37
— forked from noobsdt/ffuf.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "###############################" | |
| echo "# Ffuf #" | |
| echo "###############################" | |
| echo "" | |
| echo "" | |
| echo "[1] subdomains.txt" | |
| echo "[2] subdomain-large.txt" | |
| echo "[3] raft-large-directories.txt" |
minkione
/ gist:1c0c03bd3699c7f8a36c0071b95b3180
Created
January 20, 2021 20:36
— forked from the-xentropy/gist:05ab1c5efd7ae7651b14e0fb85c6312c
Use wfuzz or ffuf to enumerate s3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Ffuf (faster): | |
| ffuf -u "https://s3.REGION.amazonaws.com/COMPANYDELIMITERENVIRONMENT" -w "aws-regions.txt:REGION" -w "company.txt:COMPANY" -w "delimiters.txt:DELIMITER" -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt:ENVIRONMENT" -mc 200 -v | |
| Wfuzz: | |
| wfuzz -u "https://s3.FUZZ.amazonaws.com/FUZ2ZFUZ3ZFUZ4Z" -w aws-regions.txt -w company.txt -w delimiters.txt -w "/usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt" --sc 200 -v -t 50 | |
| The files: |
minkione
/ autoffuf.sh
Created
January 20, 2021 20:28
— forked from ZoczuS/autoffuf.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Usage: ./autoffuf.sh http://example.com | |
| # | |
| # (C) Jakub Żoczek | |
| # https://twitter.com/zoczus | |
| ##### | |
| url=$1 | |
| wordlist="/opt/common.txt" |
minkione
/ juicy.sh
Created
January 20, 2021 20:20
— forked from incogbyte/juicy.sh
fast juicy files with tomnomnom wordlist and ffuf tool
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #tomnomnom juicy files https://gist.github.com/tomnomnom/57af04c3422aac8c6f04451a4c1daa51 | |
| # ffuf tool https://github.com/ffuf/ffuf | |
| # put the ffuf bin at /usr/local/bin and give the juicy.sh permission to execute with chmod +x juicy.sh and copy to | |
| # /usr/local/bin too.. after that.. execute juicy.sh at any terminal. | |
| # usage bash juicy.sh filename.txt | |
| filename="$1" | |
| while read -r line; do | |
| name="$line" |
minkione
/ install.sh
Created
January 20, 2021 20:11
— forked from h3mantD/install.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Color | |
| red='\e[31m' | |
| green='\e[32m' | |
| blue='\e[34m' | |
| white='\e[97m' | |
| echo "*** setting up a environment for running a tool ***" |
minkione
/ ffuf_oneline.sh
Created
January 20, 2021 20:01
— forked from InsiderPhD/ffuf_oneline.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Basic Usage | |
| ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 | |
| # Basic Usage With a Cookie | |
| ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 -b "laravel_session=eyJpdiI6Ii8wQU11dTVlUkg2alRHUXBIVzlGSnc9PSIsInZhbHVlIjoiOWs3YllJWTdqNC9xa1pMeFRvMFh0OE1vRFpaWm9GSzFkRktVZS9yUHBDM0lIazZ4K0NsbndxWVIxQ05VZWhqZUZaR0RGQWlFdmdDc24yWllYRklGSXI5STd2b05Pam4yRXIwV1BUWkZhUnFLNUFzOWsycmRHcnlxS0FqRWNsSnEiLCJtYWMiOiI3ZTliMmM2YzIxOTExNDE0NmVjYTYyMGI4Nzg4YzJiYjNmNjVkNDI1YzEyODYwMzY5YzczNzY3NTUwZDk0OGYzIn0%3D;" | |
| # Adding a delay | |
| ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 –p 1 –t 3 | |
| # Adding a delay (new method) |
minkione
/ ssrf.sh
Created
January 20, 2021 19:21
— forked from hussein98d/ssrf.sh
This script takes a domain name and a callback server, parses links , appends SSRF parameters and fire the requests.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "Blind SSRF testing - append to parameters and add new parameters @hussein98d" | |
| echo "Usage: bash script.sh domain.com http://server-callbak" | |
| echo "This script uses https://github.com/ffuf/ffuf, https://github.com/lc/gau, https://github.com/tomnomnom/waybackurls" | |
| if [ -z "$1" ]; then | |
| echo >&2 "ERROR: Domain not set" | |
| exit 2 | |
| fi | |
| if [ -z "$2" ]; then | |
| echo >&2 "ERROR: Sever link not set" | |
| exit 2 |
minkione
/ JavascriptRecon.md
Created
January 19, 2021 07:38
My Javascript Recon Process - BugBounty
minkione
/ bountyscan_setup.sh
Created
January 18, 2021 09:41
— forked from jhaddix/bountyscan_setup.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| export DEBIAN_FRONTEND=noninteractive; | |
| echo "[*] Starting Install... [*]" | |
| echo "[*] Upgrade installed packages to latest [*]" | |
| echo -e "\nRunning a package upgrade...\n" | |
| apt-get -qq update && apt-get -qq dist-upgrade -y | |
| apt full-upgrade -y | |
| apt-get autoclean | |
| echo "[*] Install stuff I use all the time [*]" |