Awasome OSINT Tools
There are many various OSINT tools in the market. But some of them are uncommon. Here are some open source intelligence tools which are really […]
Articles by localghost
API Security Tools and Resources
If you are looking for API security here is a collection of awesome API Security tools and resources from arainho. You may find public repo […]
Complete Bug Bounty Cheat Sheet
Everthing about Bug Bounty you need to know is here. XSS•https://github.com/EdOverflow/bugbountycheatsheet/blob/master/cheatsheets/xss.md• https://github.com/ismailtasdelen/xss-payload-list SQLi•https://github.com/EdOverflow/bugbountycheatsheet/blob/master/cheatsheets/sqli.md SSRF•https://github.com/EdOverflow/bugbountycheatsheet/blob/master/cheatsheets/ssrf.md• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery CRLF•https://github.com/EdOverflow/bugbountycheatsheet/blob/master/cheatsheets/crlf.md • https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection CSV-Injection•https://github.com/EdOverflow/bugbountycheatsheet/blob/master/cheatsheets/csvinjection.md• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSV%20Injection Command Injection• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Command%20InjectionDirectory Traversal• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Directory%20Traversal […]
WHERE TO LOOK FOR XXE?
Find XXE Vulnerability, XXE Dorks 1-Functionality that parses SVG files 2-Functionality that parses sitemap.xml files 3-SAML Authentication 4-HTML parsing 5-SOAP APIs 6-XML APIs Good Lock#bugbounty […]
SSRF exploitation via URL Scheme
SSRF exploitation via URL Scheme 1-File:Allows an attacker to fetch the content of a file on the server file://path/to/filefile:///etc/passwdfile://\/\/etc/passwdssrf.php?url=file:///etc/passwd 2-HTTP:Allows an attacker to fetch any […]
API #Bugbounty Tips
When you found API endpoint like “/api/v12/somthing” add “internal” to the route and check the respons. Example: Request:/api/v12/users/<userID> Respons: 403 Request: “/api/v12/internal/users/<userID>Respons: 200 After this […]
List of Tools to Detect XSS Vulnerabilities
XSSerW3afProbelyPower fuzzerBurp SuiteNetsparkerZAProxyWebScarabXSStrikeXSScrapywfuzzImmuniWeb On-demandnmapJMeterwapitiZAP-CLIArachniXSS HunterFirebugxsssniperSkipfishKNOXSSAcunetixPsalm Plus:Also you will need https://xsshunter.com/ #bugbountytips #xss
SSRF Bypass List For Localhost (127.0.0.1)
http://127.1/ http://0000::1:80/ http://[::]:80/ http://2130706433/ http://whitelisted@127.0.0.1 http://0x7f000001/ http://017700000001 http://0177.00.00.01 http://⑯⑨。②⑤④。⑯⑨。②⑤④/ http://⓪ⓧⓐ⑨。⓪ⓧⓕⓔ。⓪ⓧⓐ⑨。⓪ⓧⓕⓔ:80/ http://⓪ⓧⓐ⑨ⓕⓔⓐ⑨ⓕⓔ:80/ http://②⑧⑤②⓪③⑨①⑥⑥:80/ http://④②⑤。⑤①⓪。④②⑤。⑤①⓪:80/ http://⓪②⑤①。⓪③⑦⑥。⓪②⑤①。⓪③⑦⑥:80/ http://0xd8.0x3a.0xd6.0xe3 Good luck!
How to Find Deserialization Vulnerabilities? Freddy.
Are you goint to test a web site? And you are looking for deserialization vulnerabilities? All you need is Freddy Burpsuite plugin. Which target are […]
How to find J2EE vulnerabilities (Tomcat, Weblogic etc.)
How to find Tomcat, Weblogic vulnerabilities? All you need is J2EEScan (Burpsuite plugin). Which vulnerabilities can you detect with J2EEScan? Expression Language Injection (CVE-2011-2730)Apache Roller […]