Posts

Showing posts from October, 2023

List of 100 web vulnerabilities-

There are 100 web vulnerabilities classified into different types or categories. Injection Vulnerabilities: 1. SQL Injection (SQLi) 2. Cross-Site Scripting (XSS) 3. Cross-Site Request Forgery (CSRF) 4. Remote Code Execution (RCE) 5. Command Injection 6. XML Injection 7. LDAP Injection 8. XPath Injection 9. HTML Injection 10. Server-Side Includes (SSI) Injection 11. OS Command Injection 12. Blind SQL Injection 13. Server-Side Template Injection (SSTI) Broken Authentication and Session Management: 14. Session Fixation 15. Brute Force Attack 16. Session Hijacking 17. Password Cracking 18. Weak Password Storage 19. Insecure Authentication 20. Cookie Theft 21. Credential Reuse Sensitive Data Exposure: 22. Inadequate Encryption 23. Insecure Direct Object References (IDOR) 24. Data Leakage 25. Unencrypted Data Storage 26. Missing Security Headers 27. Insecure File Handling Security Misconfiguration: 28. Default Passwords 29. Directory Listing 30. Unprotected API Endpoints 31. Open Ports and S...

Analyze JavaScript files

A nalyze JavaScript files during your hunting process To analyze JavaScript files during your hunting process, you can use the following one-liner to extract all JavaScript files from a specific domain. Then, you can use the 'grep' command to filter and display only sensitive information like authentication tokens. Required tools for this process include: -A command-line interface. -A tool for recursively extracting JavaScript files from a domain. -The 'grep' command for pattern matching and extraction of sensitive data such as authentication tokens. -subfinder - https://github.com/projectdiscovery/subfinder -httpx - https://github.com/projectdiscovery/httpx -waybackurls - https://github.com/tomnomnom/waybackurls MAIN ONELINER:  subfinder -d domain.com | httpx -mc 200 | tee subdomains.txt && cat subdomains.txt | waybackurls | httpx -mc 200 | grep .js | tee js.txt GREP ONELINER FOR EXTRACTING TOKENS, AUTH,... : cat js.txt | grep -r -E “aws_access_key|aws_secret_k...