Mr.Geek warlock0007

View GitHub Profile
@warlock0007
warlock0007 / github_bugbountyhunting.md
Created May 19, 2018 03:59 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
warlock0007 / mimetypes.sniff.txt
Created May 19, 2018 03:58 — forked from 1lastBr3ath/mimetypes.sniff.txt
A list of mime types which are sniffed or can be sniffed, ran against IE mode 7 (X-UA-Compatible: IE=7)
application/3gpp-ims
application/A2L
application/activemessage
application/alto-costmap
application/alto-directory
application/alto-endpointcost
application/alto-endpointcostparams
application/alto-endpointprop
application/alto-endpointpropparams
application/alto-error
warlock0007 / linkfinder.md
Created May 19, 2018 03:58 — forked from 1lastBr3ath/linkfinder.md
Usage of LinkFinder (@GerbenJavado)
  • Navigate to the page from which you want to extract links
  • Open your browser's console and paste the following:
    document.querySelectorAll('script[src]').forEach((i)=>document.write(i.src+'<br/>'))
  • Copy all the links and write them into a file (e.g. jslinks.txt)
  • Open your terminal and cd to the directory where you've downloaded LinkFinder
  • Run the following command:
 while IFS= read -r link; do python linkfinder.py -i "$link" -o cli; done < jslinks.txt | tee -a output.html
warlock0007 / google-dorks
Created May 6, 2018 07:32 — forked from clarketm/google-dorks
Listing of a number of useful Google dorks.
It is all fun and games until someone gets hacked!