SSRF exploitation via URL Scheme

October 2, 2021 localghost 0

SSRF exploitation via URL Scheme 1-File:Allows an attacker to fetch the content of a file on the server file://path/to/filefile:///etc/passwdfile://\/\/etc/passwdssrf.php?url=file:///etc/passwd 2-HTTP:Allows an attacker to fetch any […]

bugbounty-tips-daily

Bug Bounty Tips, DORKS, Parameters Based on Frequency

February 19, 2021 localghost 0

Bug Bouty Cross-Site Scripting (XSS) DORKS ?q={payload}?s={payload}?search={payload}?id={payload}?lang={payload}?keywords={payload}?query={payload}?page={payload}?keyword={payload}?year={payload}?view={payload}?email={payload}?type={payload}?name={payload}?p={payload}?month={payload}?immagine={payload}?list_type={payload}?url={payload}?terms={payload}?categoryid={payload}?key={payload}?l={payload}?begindate={payload}?enddate={payload} Bug Bouty Server-Side Request Forgery (SSRF) DORKS?dest={target}?redirect={target}?uri={target}?path={target}?continue={target}?url={target}?window={target}?next={target}?data={target}?reference={target}?site={target}?html={target}?val={target}?validate={target}?domain={target}?callback={target}?return={target}?page={target}?feed={target}?host={target}?port={target}?to={target}?out={target}?view={target}?dir={target} Bug Bouty Local File Inclusion (LFI) DORKS ?cat={payload}?dir={payload}?action={payload}?board={payload}?date={payload}?detail={payload}?file={payload}?download={payload}?path={payload}?folder={payload}?prefix={payload}?include={payload}?page={payload}?inc={payload}?locate={payload}?show={payload}?doc={payload}?site={payload}?type={payload}?view={payload}?content={payload}?document={payload}?layout={payload}?mod={payload}?conf={payload Bug Bouty SQL […]