Methodology

My top 5 bookmarks that I consistently use for bug bounty and penetration testing.

source: https://medium.com/@atikqur007/5-must-need-bookmark-for-bug-bounty-hunters-penetration-testers-5941e4588488


Last updated 1 year ago

Hello Folks,

I'd like to share my top 5 personal bookmarks that I repeatedly use while performing penetration testing. Without further ado, let's dive into the topic.

1. offsec.tools

This website features a wide list of bug bounty tools, conveniently sorted by category. If you're looking for subdomain enumeration tools, simply click on the #subdomains category to access the latest tools without having to spend a lot of time searching on Google.

2. PayloadsAllTheThings

Sometimes, you might struggle to track down payloads for a particular category or simply need to conduct a speedy test with some straightforward payloads. This is when I turn to the PayloadsAllTheThings repository. It contains an extensive collection of basic to advanced payloads covering nearly all types of bugs, including SQL injection, XSS, SSRF, open redirect, and more.

3. keyhacks

Do you ever come across an API key that you find during your bug bounty but struggle to figure out how to use it? Or maybe the documentation is too complex to understand? I have a solution for you - the Keyhacks repository. It provides simple commands for using API keys for various web services. Check it out!

4. Domain and IP bulk lookup tool

When checking the CNAME or DNS history of subdomains, I prefer to use the Domain and IP bulk lookup tool. The interface is straightforward and the results are displayed beautifully, which is why I tend to use it more often.

5. Can-i-take-over-xyz

This is probably my most frequently used and favorite resource. I tend to have a lot of questions and uncertainties regarding subdomain takeover, so I am grateful for how well EdOverflow manages the repository. I hope that all of your inquiries related to subdomain takeover can be answered here. In the event that I can't find what I'm looking for, I check both the issue section and the comments section of each issue. Oftentimes, someone else has already provided a solution to my problem.

Thank you

Reach me: Twitter, Facebook

offsec.tools: https://offsec.tools/
PayloadsAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings
keyhacks: https://github.com/streaak/keyhacks
Domain and IP bulk lookup tool: https://www.infobyip.com/ipbulklookup.php
Can-i-take-over-xyz: https://github.com/EdOverflow/can-i-take-over-xyz