My requirement is to enumerate each endpoint URL of a website and get the details below (example: https://example.com):
- Finally, find hidden secrets using nuclei. (Tool: nuclei)
Note: All the tools outlined above are open source. Use them at your own risk, and not to hack others.
Let me explain my approach with screenshots. I have added comments wherever required to make them easy to understand. The screenshot below shows how to extract only the FQDN (domain name) from a given URL.
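One way to do the FQDN extraction described above, as an added example rather than the author's own script (the function name `extract_fqdn` and the sample URLs are assumptions). It also strips userinfo and ports, so a URL such as `https://example.com@other.test/` is attributed to the host it really points at and out-of-scope hosts are not mistaken for the target.

```shell
#!/bin/sh
# extract_fqdn URL -> prints the lowercase host name of URL, or returns 1.
# Hypothetical helper; uses only POSIX parameter expansion and tr.
extract_fqdn() {
    url=$1
    # Drop the scheme ("https://"), if present.
    case $url in
        *://*) rest=${url#*://} ;;
        *)     rest=$url ;;
    esac
    # The authority ends at the first "/", "?" or "#".
    rest=${rest%%[/?#]*}
    # Drop userinfo: everything up to the LAST "@" in the authority,
    # so "https://example.com@other.test/" yields other.test.
    rest=${rest##*@}
    # Bracketed IPv6 literals are not FQDNs; reject them.
    case $rest in
        \[*) return 1 ;;
    esac
    # Drop ":port", then one trailing root dot, then lowercase.
    host=${rest%%:*}
    host=${host%.}
    host=$(printf '%s' "$host" | tr 'A-Z' 'a-z')
    # Accept only letters, digits, dots and hyphens, with at least one dot.
    case $host in
        ''|*[!a-z0-9.-]*|.*|*..*|-*) return 1 ;;
        *.*) printf '%s\n' "$host" ;;
        *)   return 1 ;;
    esac
}

# Constructed sample input: reduce a URL list to its unique host names.
printf '%s\n' \
    'https://example.com/a' \
    'https://EXAMPLE.com:443/b?x=1' \
    'https://example.com@other.test/login' |
while read -r u; do
    extract_fqdn "$u"
done | sort -u
```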
Now the file “files.txt” will contain the results.
The screenshot given above shows the file called “gf_patterns”. There are multiple gf patterns created by Tomnomnom to identify patterns inside a file. This tool is very useful when a hunter would like to look for patterns such as AWS keys, Firebase URLs or details, and so on. The great flexibility of the gf tool is that any bug bounty hunter can create their own patterns according to their needs.
As part of my script I have utilized only a part of the patterns such as
Content discovery is one of the most important tasks in bug bounty hunting, as it might disclose sensitive information, installation files, backup files and so on. Most of the time hunters perform content discovery using a pre-defined list. However, I would strongly suggest that everyone create a customized directory list for the target, because the probability of success is higher than with a general wordlist.
Find hidden secrets using nuclei:
I hope you have enjoyed the content!
Since most hunters know what each tool does, I did not want to waste your time explaining the functionality of the tools. I have just explained my approach to bug hunting. Hope everyone finds their own way!
I would like to give credit to all the security researchers who have created these tools.
Disclaimer: You shall not misuse this information to gain unauthorized access. However, you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.
A wrapper around grep to avoid typing common patterns. I use grep a lot. When auditing code bases, looking at the…
hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application.
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
A simple yet effective tool to find using custom and predefined regex for recon, vulnerabilities and secrets. It scans…