DOM-XSS-SiteMinder

Payload:
\u003cimg\u0020src\u003dx\u0020onerror\u003d\u0022confirm(document.domain)\u0022\u003e

📞 Nuclei Template

#XSS #DOM
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
⛓ T.me/BugCod3Topic
📣 T.me/BugCod3

Form Finder

This noscript can be used to find HTML forms in the list of endpoints/URLs.

Usage:

python3 formfinder.py endpoints.txt

😸 Github

⬇️ Donwload
🔒 BugCod3

#Python #Form #Finder
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
⛓ T.me/BugCod3Topic
📣 T.me/BugCod3

Algolia AppId+API-KEY PoC to show permissions:

curl "https://[APP-ID]-dsn.algolia.net/1/keys/[APPKEY]?x-algolia-application-id=[APP-ID]&x-algolia-api-key=[ApiKey]"

If ACL is Search only, it's likely to be a P5, if it has other sensitive permissions.. it's a P1/P2

#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
⛓ T.me/BugCod3Topic
📣 T.me/BugCod3

✨ Smaug - The OSINT for database's ✨

Search inside every file, folder and subfolder for OSINT
(based on the book The Hobbit, Smaug the dragon)

💬
It is not an online tool. This program scans your local database to search a variable you specified inside each file with bruteforce.
This tool has been created for utility to search inside every file which contains your input,
and also not all files/folders are supported (outside UTF-8 unicode) atm.
Could be useful for osint individuals.

🔼 Compile:
🖥 Unix:
⚪️ run make inside smaug-main

🖥 Windows:
⚪️ linux enviroment, example WSL or Chocolatey, run make inside smaug-main.

⚪️ otherwise, if you are running inside an IDE, just compile the program specifying the Makefile under smaug-main.

💻 Usage:
⚪️ Place it (smaug.exe) under the root directory containing all files and subfolders.
⚪️ Run cmd.exe inside that folder
⚪️ Run: smaug.exe text_variable
⚪️ Now you wait till it finishes searching.

😸 Github

⬇️ Download
🔒 BugCod3

#C #Smaug #OSINT
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🦈 Wireshark 🦈

(4.2.4) has been released. Enjoy.

#Wireshark #Released
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

💬
as a reminder: it is highly recommended to read the articles related to manual techniques rather than using open source tools which are more likely to be suspected by the anti-virus because of IOSs

😸 Github

⬇️ Download
🔒 BugCod3

#Pentest #AV #Bypass
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕷 ezXSS 🕷

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

💬
ezXSS is a tool that is designed to help find and exploit cross-site noscripting (XSS) vulnerabilities. One of the key features of ezXSS is its ability to identify and exploit blind XSS vulnerabilities, which can be difficult to find using traditional methods.

📊 Features:
⚪️ Easy to use dashboard with settings, statistics, payloads, view/share/search reports
⚪️ 🆕 Persistent XSS sessions with reverse proxy aslong as the browser is active
⚪️ Manage unlimited users with permissions to personal payloads & their reports
⚪️ Instant alerts via mail, Telegram, Slack, Discord or custom callback URL
⚪️ Custom extra javanoscript payloads
⚪️ Custom payload links to distinguish insert points
⚪️ Extract additional pages, block, whitelist and other filters
⚪️ Secure your login with Two-factor (2FA)
⚪️ The following information can be collected on a vulnerable page:
⚫️ The URL of the page
⚫️ IP Address
⚫️ Any page referer (or share referer)
⚫️ The User-Agent
⚫️ All Non-HTTP-Only Cookies
⚫️ All Locale Storage
⚫️ All Session Storage
⚫️ Full HTML DOM source of the page
⚫️ Page origin
⚫️ Time of execution
⚫️ Payload URL
⚫️ Screenshot of the page
⚫️ Extract additional defined pages
⚪️ Triggers in all browsers, starting from Chrome 3+, IE 8+, Firefox 4+, Opera 10.5+, Safari 4+
⚪️ much much more, and, its just ez :-)

Required:
⚪️ Server or shared web hosting with PHP 7.1 or up
⚪️ Domain name (consider a short one or check out shortboost)
⚪️ SSL Certificate to test on https websites (consider Cloudflare or Let's Encrypt for a free SSL)

Installation:
⚪️ ezXSS is ez to install with Apache, NGINX or Docker
⚪️ visit the wiki for installation instructions.

😸 Github

⬇️ Download
🔒 BugCod3

#PHP #XSS #Blind #Pentest
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🔍 Chiasmodon 🔍

💬
Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials (usernames and passwords), CIDRs (Classless Inter-Domain Routing), ASNs (Autonomous System Numbers), and subdomains. the tool allows users to search by domain, CIDR, ASN, email, username, password, or Google Play application ID.

📊 Features:
🌐 Domain: Conduct targeted searches by specifying a domain name to gather relevant information related to the domain.
🎮 Google Play Application: Search for information related to a specific application on the Google Play Store by providing the application ID.
🔎 CIDR and 🔢🔢ASN: Explore CIDR blocks and Autonomous System Numbers (ASNs) associated with the target domain to gain insights into network infrastructure and potential vulnerabilities.
✉️ Email, 👤Username, 🔒 Password: Conduct searches based on email, username, or password to identify potential security risks or compromised credentials.
🌍 Country: Sort and filter search results by country to gain insights into the geographic distribution of the identified information.
📋 Output Customization: Choose the desired output format (text, JSON, or CSV) and specify the filename to save the search results.
⚙️ Additional Options: The tool offers various additional options, such as viewing different result types (credentials, URLs, subdomains, emails, passwords, usernames, or applications), setting API tokens, specifying timeouts, limiting results, and more.

🔼 Install:

pip install chiasmodon

💻 Usage:

chiasmodon_cli.py -h

😸 Github

⬇️ Download
🔒 BugCod3

#OSINT #BugBounty #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3