Use Case: echo "" | waybackurls | httpx -silent | Gxss -c 100 -p Xss | sort -u | dalfox pipe
34.
Usage: gron " | fgrep "thor"
33 Gxss
A tool to check a bunch of URLs that contain reflecting params.
Gron transforms JSON into discrete assignments to make it easier to grep for what you want and see the absolute 'path' to it.
Usage: cat testphp.txt | gf xss | sed 's/=.*/=/' | sed 's/URL: //' | tee testxss1.txt
32 Gron
GF
A wrapper around grep, to help you grep for things.
Usage: cat domains.txt | gau -t 5 -b png,jpg,gif -o urls.txt
31. GAU
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
DalFox
DalFox is a fast, powerful parameter analysis and XSS scanner, based on a golang/DOM parser.
cat subdoamintxt| Gxss -p FUZZ | dalfox pipe --mining-dict /home/kali/Arjun/arjun/db/params.txt --skip-bav
29.
Make concurrent requests with the curl command-line tool
Go client to communicate with Chaos DNS API.
Assetfinder
Find domains and subdomains related to a given domain
Usage: cat newthings.txt | anew things.txt > added-lines.txt
25. Anew
A tool for adding new lines to files, skipping duplicates.
targets.txt -threads 5 -c "nikto --host _target_ >.
HTTP parameter discovery suite. Arjun can find query parameters for URL endpoints.
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Smuggler – An HTTP Request Smuggling / Desync testing tool written in Python 3
cat list_of_hosts.txt | python3 smuggler.py
22.
python JSFinder.py -u -os mi_subdomain.txt
21.
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
Usage: python maps_api_scanner.py --api-key API_KEY
20. Google Maps API Scanner
Used for determining whether a leaked/found Google Maps API Key is vulnerable to unauthorized access by other applications or not.
Corsy
Corsy is a lightweight python program that scans for all known misconfigurations in CORS implementations
Usage: python3 SecretFinder.py -i -o results.html
18. SecretFinder – A python script to find sensitive data (apikeys, accesstoken, jwt.) and search anything on javascript files
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes
Usage: bin/massdns -r ~/tools/massdns/lists/resolvers.txt -q -t A -o S -w massdns.raw subdomain.txt
16. Massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Usage: cat subdomains.txt | waybackurls | sort -u > waybackdata | gf ssrf | tee -a ssfrparams.tx
cat waybackdata | gf redirect | tee -a redirect.txt
15. GF Patterns for (SSRF, RCE, LFI, SQLi, SSTI, IDOR, url redirection, debug_logic, interesting Subs) parameters grep.
Usage: go-earlybird --path=/path/to/directory
14.
It can be used to scan remote git repositories, local files or directories or as a pre-commit step.
EarlyBird
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
Sub-Domain TakeOver Vulnerability Scanner
Usage: python3 linkfinder.py -i -d -o cli
12. LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files.
Usage: python3 DumpsterDiver.py -p --min-key 40 --max-key 40 --entropy 4.3
11.
Additionally, it allows creating simple search rules with basic conditions.
DumpsterDiver
DumpsterDiver is a tool which can analyze big volumes of data in search of hardcoded secrets like keys (e.g. AWS Access Key, Azure Share Key or SSH keys) or passwords.
Usage: python ItsOver.py -l Takeover.txt
10.
ItsOver is a simple program written in **python3** to quickly check if the subdomain is vulnerable to takeover
Relative-url-extractor
A small tool that extracts relative URLs (endpoints) from a file
curl -s |.
Usage: python3 paramspider.py --domain --exclude php,jpg --output hackerone.txt
8.
It mines the parameters from web archives (without interacting with the target host)
JavaScript security analysis (JSA) is a program for JavaScript analysis during web application security assessment.
echo " " | subjs | python3 jsa.py
7.
It's recommended to pair this with gau and then
Analyzing JavaScript files can help you find undocumented endpoints, secrets, and more.
Subjs fetches JavaScript files from a list of URLs or subdomains.
Usage: cat domains.txt | waybackurls > urls | grapX urls output_filename
5.
GrapX will iterate through the URLs and grep the endpoints with all possible extensions.
This script contains all the possible techniques to do the same.
Methods from #bugbountytips, headers, verb tampering and user agents.
Python script for 40X responses bypassing.
Usage: python 403bypasser.py -u -d /secret
2.
403bypasser automates the techniques used to circumvent access control restrictions on target pages.