@JerryShah3
Last active April 9, 2024 02:32

Revisions

  1. JerryShah3 revised this gist Sep 29, 2022. 1 changed file with 3 additions and 0 deletions.
    3 changes: 3 additions & 0 deletions component.txt
    Original file line number Diff line number Diff line change
    @@ -51,7 +51,10 @@ http.component:"Loadash"

    http.component:"Cloudflare"
    http.component:"Cloudfront"
    http.component:"Amazon Cloudfront"
    http.component:"cdnjs"
    http.component:"jsDelivr"
    http.component:"CreateJS"
    http.component:"Akamai"
    http.component:"JQuery CDN"
    http.component:"Varnish"
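Review bot: `http.component:"Cloudfront"` and `http.component:"Amazon Cloudfront"` now sit on adjacent lines and name the same CDN; keep whichever label the search engine actually indexes and drop the other, so the list does not carry a query that returns nothing. `http.component:"CreateJS"` is a JavaScript library suite rather than a CDN or cache layer, so it looks misplaced between `jsDelivr` and `Akamai`; move it, or add a comment saying why it belongs with these entries.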
  2. JerryShah3 revised this gist Sep 29, 2022. 1 changed file with 2 additions and 0 deletions.
    2 changes: 2 additions & 0 deletions component.txt
    @@ -95,7 +95,9 @@ http.component:"WooCommerce"
    http.component:"Wix"
    http.component:"Shopify"
    http.component:"Magento"
    http.component:"Contentful"
    http.component:"Django CMS"
    http.component:"Craft CMS"
    ----------------------------------------------


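Review bot: `Wix`, `Shopify` and `Contentful` in this list are hosted platforms, while `Magento`, `Django CMS` and `Craft CMS` are software a site owner typically runs themselves, and the file does not distinguish the two. A match on a hosted platform says more about the vendor's infrastructure than about code the site owner maintains, so consider splitting the group into hosted and self-hosted entries or annotating each line.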
  3. JerryShah3 revised this gist Sep 28, 2022. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions component.txt
    @@ -95,6 +95,7 @@ http.component:"WooCommerce"
    http.component:"Wix"
    http.component:"Shopify"
    http.component:"Magento"
    http.component:"Django CMS"
    ----------------------------------------------


  4. JerryShah3 revised this gist Sep 27, 2022. 1 changed file with 3 additions and 1 deletion.
    4 changes: 3 additions & 1 deletion component.txt
    @@ -101,4 +101,6 @@ http.component:"Magento"

    NOTE 1 : You need to enumerate and look for the vulnerabilities. This dorks will not give you the direct hit to vulnerabilities.

    NOTE 2 : This dorks will help you to know what vulnerabilities you can find on your target domains, if any of your target is using the above mentioned components.
    NOTE 2 : This dorks will help you to know what vulnerabilities you can find on your target domains, if any of your target is using the above mentioned components.

    NOTE 3 : All dorks mentioned are from the perspective of bug bounty.
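Review bot: NOTE 3 says the dorks are written "from the perspective of bug bounty", but none of the three notes names the search engine whose `http.component:` filter the file relies on. One line stating that would make the file usable without outside context. The NOTE 2 line also appears twice with identical text, which usually means only the trailing newline changed; worth confirming nothing else was intended.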
  5. JerryShah3 revised this gist Sep 26, 2022. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions component.txt
    @@ -3,6 +3,7 @@
    http.component:"AngularJS"
    http.component:"Ruby"
    http.component:"Ruby on Rails"
    http.component:"Python"
    -------------------------------

    "For finding php vulnerabilites"
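Review bot: `http.component:"Python"` is a language-level label placed next to framework-level ones (`AngularJS`, `Ruby on Rails`), so it is much broader than the rest of the group and says nothing about which framework or template engine a site uses. Prefer framework labels here, or add a comment stating what a match does and does not establish. The header that follows, `"For finding php vulnerabilites"`, also misspells "vulnerabilities".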
  6. JerryShah3 revised this gist Sep 26, 2022. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions component.txt
    @@ -55,6 +55,7 @@ http.component:"Akamai"
    http.component:"JQuery CDN"
    http.component:"Varnish"
    http.component:"Netlify"
    http.component:"WP Rocket"
    ----------------------------------------------

    "For finding subdomain takeovers"
  7. JerryShah3 revised this gist Sep 25, 2022. 1 changed file with 2 additions and 2 deletions.
    4 changes: 2 additions & 2 deletions component.txt
    @@ -97,6 +97,6 @@ http.component:"Magento"



    NOTE 1 : You need to enumerate and look for the vulnerabilites. This dorks will not give you the direct hit to vulnerabilites.
    NOTE 1 : You need to enumerate and look for the vulnerabilities. This dorks will not give you the direct hit to vulnerabilities.

    NOTE 2 : This dorks will help you to know what vulnerabilites you can find on your target domains, if any of your target is using the above mentioned components.
    NOTE 2 : This dorks will help you to know what vulnerabilities you can find on your target domains, if any of your target is using the above mentioned components.
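Review bot: the spelling fix in NOTE 1 and NOTE 2 corrects "vulnerabilites" but leaves "This dorks" in both lines; it should read "These dorks". In NOTE 1, "will not give you the direct hit to vulnerabilities" would also read better as "will not point you directly to vulnerabilities".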
  8. JerryShah3 revised this gist Sep 23, 2022. 1 changed file with 5 additions and 0 deletions.
    5 changes: 5 additions & 0 deletions component.txt
    @@ -10,6 +10,11 @@ http.component:"Ruby on Rails"
    http.component:"PHP"
    ----------------------------------------------

    "For finding SAP XSS CVE"

    http.component:"SAP"
    ----------------------------------------------

    "For finding Log4j"

    http.component:"Java"
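Review bot: the new header `"For finding SAP XSS CVE"` refers to a CVE without giving its identifier, and `http.component:"SAP"` does not say which SAP product or version is meant. Add the CVE ID and the affected product to the header so a reader can check a match against the advisory. The same gap shows in `"For finding Log4j"` paired with `http.component:"Java"`, which identifies the runtime and not the logging library.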
  9. JerryShah3 revised this gist Sep 23, 2022. 1 changed file with 65 additions and 6 deletions.
    71 changes: 65 additions & 6 deletions component.txt
    @@ -1,38 +1,97 @@
    ```For template injection```
    "For finding template injection"

    http.component:"AngularJS"
    http.component:"Ruby"
    http.component:"Ruby on Rails"
    -------------------------------

    "For finding php vulnerabilites"

    http.component:"PHP"
    http.component:"Python"
    ----------------------------------------------

    "For finding Log4j"

    http.component:"Java"
    ----------------------------------------------

    "For finding vulnerable databases

    http.component:"MongoDB"
    http.component:"MySQL"
    ----------------------------------------------

    "For finding unauthentication admin dashboard"

    http.component:"Python"
    http.component:"Django"
    ----------------------------------------------

    "For finding api misconfigurations"

    http.component:"Open Graph"
    http.component:"Sentry"
    http.component:"Google Maps"
    ----------------------------------------------

    "For finding prototype pollution"

    http.component:"JQuery"
    http.component:"Node.js"
    http.component:"Loadash"
    ----------------------------------------------

    "For finding caching issues"

    http.component:"Cloudflare"
    http.component:"Cloudfront"
    http.component:"cdnjs"
    http.component:"Akamai"
    http.component:"JQuery CDN"
    http.component:"Varnish"
    http.component:"Netlify"
    ----------------------------------------------

    "For finding subdomain takeovers"

    http.component:"Amazon S3"
    http.component:"GitHub Pages"
    http.component:"Nginx"

    ----------------------------------------------

    "For finding smuggling/desync attacks"

    http.component:"HTTP/2"
    http.component:"HTTP/3"
    ----------------------------------------------

    "For finding deserialization vulnerabilities"

    http.component:"Microsoft ASP.NET"
    ----------------------------------------------

    "For finding OAuth squatting"

    http.component:"Google Sign-in"
    http.component:"Apple Sign-in"
    http.component:"Facebook Sign-in"
    ----------------------------------------------

    "For finding CMS related vulnerabilities"

    http.component:"WordPress"
    http.component:"Contentful"
    http.component:"Loadash"
    http.component:"Open Graph"
    http.component:"Sentry"
    http.component:"Discourse"
    http.component:"Joomla"
    http.component:"Drupal"
    http.component:"WooCommerce"
    http.component:"Wix"
    http.component:"Shopify"
    http.component:"Magento"
    ----------------------------------------------



    NOTE 1 : You need to enumerate and look for the vulnerabilites. This dorks will not give you the direct hit to vulnerabilites.

    NOTE 2 : This dorks will help you to know what vulnerabilites you can find on your target domains, if any of your target is using the above mentioned components.
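Review bot: `http.component:"Loadash"` in the prototype-pollution group misspells the library name, which is Lodash, so the query as written is unlikely to match anything. Two headers also need fixing: `"For finding vulnerable databases` is missing its closing quote, and `"For finding unauthentication admin dashboard"` should read "unauthenticated".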
  10. JerryShah3 revised this gist Sep 23, 2022. 1 changed file with 7 additions and 2 deletions.
    9 changes: 7 additions & 2 deletions component.txt
    @@ -1,11 +1,16 @@
    ```For template injection```

    http.component:"AngularJS"
    http.component:"PHP"
    http.component:"Ruby"
    http.component:"Ruby on Rails"


    http.component:"PHP"
    http.component:"Python"
    http.component:"Java"
    http.component:"MongoDB"
    http.component:"MySQL"
    http.component:"Ruby on Rails"

    http.component:"Django"
    http.component:"Google Maps"
    http.component:"JQuery"
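Review bot: the label `For template injection` is added above the first group only; the groups that follow the blank lines, starting at `http.component:"PHP"` and at `http.component:"Django"`, carry no label, so a reader cannot tell what they are meant for. Label every group, and write the label as plain text, since wrapping it in triple backticks has no meaning in a `.txt` file.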
  11. JerryShah3 created this gist Sep 23, 2022.
    33 changes: 33 additions & 0 deletions component.txt
    @@ -0,0 +1,33 @@
    http.component:"AngularJS"
    http.component:"PHP"
    http.component:"Ruby"
    http.component:"Python"
    http.component:"Java"
    http.component:"MongoDB"
    http.component:"MySQL"
    http.component:"Ruby on Rails"
    http.component:"Django"
    http.component:"Google Maps"
    http.component:"JQuery"
    http.component:"Node.js"
    http.component:"Cloudflare"
    http.component:"Cloudfront"
    http.component:"cdnjs"
    http.component:"Akamai"
    http.component:"JQuery CDN"
    http.component:"Varnish"
    http.component:"Netlify"
    http.component:"Amazon S3"
    http.component:"GitHub Pages"
    http.component:"Nginx"
    http.component:"HTTP/2"
    http.component:"HTTP/3"
    http.component:"Microsoft ASP.NET"
    http.component:"Google Sign-in"
    http.component:"Apple Sign-in"
    http.component:"Facebook Sign-in"
    http.component:"WordPress"
    http.component:"Contentful"
    http.component:"Loadash"
    http.component:"Open Graph"
    http.component:"Sentry"