FedSearch
magikh0e :unverified: · @magikh0e
130 followers · 132 posts · Server infosec.exchange
GitHub - GitHub - projectdiscovery/subfinder: Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

Simple Script for Finding Cross
Site Scripting (XSS) vulns

#!/bin/bash

subfinder -d $1 -o domains_subfinder_$1
amass enum --passive -d $1 -o domains_$1

cat domains_subfinder_$1 | tee -a domain_$1
cat domains_$1 | filter-resolved | tee -a domains_$1.txt

cat domains_$1.txt | httprobe -p http:81 -p http:8080 -p https:8443 | waybackurls | kxss | tee xss.txt

github.com/projectdiscovery/su
github.com/OWASP/Amass
github.com/tomnomnom/hacks/tre
github.com/tomnomnom/httprobe
github.com/tomnomnom/waybackur
github.com/tomnomnom/hacks/tre

#bugbounty #bugbountytips #xss #subfinder #httprobe #waybackurls #kxss #AMASS

Last updated 2 years ago
Original post

magikh0e :unverified: · @magikh0e
130 followers · 132 posts · Server infosec.exchange
GitHub - GitHub - projectdiscovery/subfinder: Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

SQL Injection Hunting

subfinder -d site.com -all -silent | waybackurls | sort -u | gf sqli > gf_sqli.txt; sqlmap -m gf_sqli.txt --batch --risk 3 --random-agent | tee -a sqli.txt

github.com/projectdiscovery/su
github.com/1ndianl33t/Gf-Patte
github.com/tomnomnom/waybackur

#bugbounty #bugbountytips #subfinder #sqlinjection #waybackurls #sqli

Last updated 2 years ago
Original post