Dark C0d3rs - Web & Bug Bounty

API PenTesting Playlist

Wed, 05 Nov 2025 05:23:06 +0000

API PenTesting Playlist
- Link : You are not allowed to view links. Register or Login to view.

subfinder with shuffledns!

Thu, 16 Oct 2025 05:02:32 +0000

Find more subdomains by combining subfinder with shuffledns!

shuffledns -mode bruteforce -d -w -r | anew subs.txt && subfinder -d | anew subs.txt

Install subfinder now ?
You are not allowed to view links. Register or Login to view.

Install shuffleDNS ?
You are not allowed to view links. Register or Login to view.

XSS advanced payloads

Thu, 07 Aug 2025 12:37:38 +0000

link : You are not allowed to view links. Register or Login to view.

CloudFlair - find original IP/server behind CloudFlare

Thu, 07 Aug 2025 12:23:56 +0000

CloudFlair is a tool to find origin servers of websites protected by CloudFlare (or CloudFront) which are publicly exposed and don't appropriately restrict network access to the relevant CDN IP ranges.

The tool uses Internet-wide scan data from Censys to find exposed IPv4 hosts presenting an SSL certificate associated with the target's domain name. API keys are required and can be retrieved from your Censys account.

Link : You are not allowed to view links. Register or Login to view.

XSS & Param Fuzzing via Wayback + Nuclei

Mon, 09 Jun 2025 18:51:49 +0000

Sharing a quick and effective one-liner to discover parameter-based vulnerabilities like XSS using archived URLs and fuzzing templates.

Single Subdomain One-Liner:

Code:
echo sub.target.com | waybackurls \

  | grep "=" \

  | gf xss \

  | uro \

  | httpx -silent -mc 200 -title \

  > live-params.txt && \

nuclei -l live-params.txt -t fuzzing-templates/ -severity low,medium,high -o findings.txt

Multiple Subdomains (List from subs.txt):

Code:
cat subs.txt | while read sub; do

  echo "[*] Processing $sub"

  echo $sub | waybackurls \

    | grep "=" \

    | gf xss \

    | uro \

    | httpx -silent -mc 200,302,403 -title \

    >> live-params.txt

done

nuclei -l live-params.txt -t fuzzing-templates/ -severity low,medium,high -o findings.txt

You can also use anew in place of >> to avoid duplicate URLs in live-params.txt.

Requirements:

You are not allowed to view links. Register or Login to view.
You are not allowed to view links. Register or Login to view.
You are not allowed to view links. Register or Login to view.
You are not allowed to view links. Register or Login to view.
You are not allowed to view links. Register or Login to view. with fuzzing-templates

Optional Speed Boost:

Code:
cat subs.txt | xargs -P 10 -I{} bash -c \

'echo {} | waybackurls | grep "=" | gf xss | uro | httpx -silent -mc 200,302,403 -title' >> live-params.txt

JSMON CLI - Find ALL hidden API endpoints directly from JavaScript files

Sat, 26 Apr 2025 15:53:57 +0000

JSMON CLI is a command-line interface for interacting with the jsmon.sh web application. It provides a convenient way to access various features of JSMON directly from your terminal.

Features

Upload URLs for scanning
Rescan previously scanned URLs
Upload and scan files
View scan results
Manage domains
Set up and manage cron jobs for automated scanning
Compare JavaScript responses
View user profile and usage information

Link: You are not allowed to view links. Register or Login to view.

403 Bypass Techniques

Sun, 23 Mar 2025 07:45:30 +0000

extensive and updated reference for 403 (Forbidden) bypass techniques and tricks for bug bounty hunters and penetration testers.

Link: You are not allowed to view links. Register or Login to view.

Caido - A lightweight web security auditing toolkit

Sun, 23 Mar 2025 07:41:31 +0000

Installing Caido on Windows

Download the Caido installer package for Windows from the dashboard or Github repository.
Open the downloaded package and follow the prompts to install Caido on your system.
Once the installation is complete, you can launch Caido from the Start menu or by searching for it in the Windows search bar.

Installing Caido on Linux

Download the Caido installer package for Linux from the dashboard or Github repository.
Open a terminal and navigate to the directory where the downloaded package is located.
Use the command sudo dpkg -i to install Caido.
Once the installation is complete, you can launch Caido by running the caido command in the terminal.

Installing Caido on MacOS

Download the Caido installer package for macOS from the dashboard or Github repository.
Open the downloaded package and follow the prompts to install Caido on your system.
Once the installation is complete, you can launch Caido from the Applications folder or by searching for it in Spotlight.

Link : You are not allowed to view links. Register or Login to view.
You are not allowed to view links. Register or Login to view.

Brainstorm - AI directory fuzzing

Mon, 03 Mar 2025 05:53:28 +0000

A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery

Combines traditional web fuzzing techniques with AI-powered path generation to discover hidden endpoints, files, and directories in web applications.

Reference: You are not allowed to view links. Register or Login to view.

Github : You are not allowed to view links. Register or Login to view.

xnLinkFinder - discover endpoints and potential parameters

Fri, 28 Feb 2025 12:40:30 +0000

a tool used to discover endpoints (and potential parameters) for a given target. It can find them by:

crawling a target (pass a domain/URL)
crawling multiple targets (pass a file of domains/URLs)
searching files in a given directory (pass a directory name)
get them from a Burp project (pass location of a Burp XML file)
get them from an ZAP project (pass location of a ZAP ASCII message file)
get them from a Caido project (pass location of a Caido export CSV file)
processing a You are not allowed to view links. Register or Login to view. results directory (searching archived response files from waymore -mode R and also requesting URLs from waymore.txt and the original URLs from index.txt - see You are not allowed to view links. Register or Login to view.)

The python script is based on the link finding capabilities of my Burp extension You are not allowed to view links. Register or Login to view.. As a starting point, I took the amazing tool You are not allowed to view links. Register or Login to view. by Gerben Javado, and used the Regex for finding links, but with additional improvements to find even more.

Link : You are not allowed to view links. Register or Login to view.

Shadow Repeater:AI-enhanced manual testing - Burp Plugin

Fri, 21 Feb 2025 09:09:47 +0000

Shadow Repeater monitors your Repeater requests and identifies which parameters you're changing. It then extracts the payloads you've placed in these parameters, and sends them to an AI model which generates variants. Finally, it attacks the target with these payload variations and uses response diffing to identify whether any of them triggered a new interesting code path. This approach allows it to build on a manual tester's expertise to uncover unexpected behaviors, such as unconventional You are not allowed to view links. Register or Login to view. vectors, successful You are not allowed to view links. Register or Login to view. attempts, and even novel vulnerabilities like email splitting attacks.

You can get the source code for You are not allowed to view links. Register or Login to view. and it's available on the BApp store.

Reference : You are not allowed to view links. Register or Login to view.

Dork Generators

Thu, 20 Feb 2025 06:25:16 +0000

Shodan Dorks Generator : You are not allowed to view links. Register or Login to view.
Google Dorks Generator : You are not allowed to view links. Register or Login to view.
Github Dorks Generator : You are not allowed to view links. Register or Login to view.
DorkGPT (Generate Google Dorks with AI) : You are not allowed to view links. Register or Login to view.

Google Dorks for Bug Bounty : You are not allowed to view links. Register or Login to view.

AI HTTP Analyzer - Burp Plugin

Thu, 20 Feb 2025 05:12:22 +0000

AI HTTP ANALYZER is an advanced security analysis assistant integrated into Burp Suite. It examines HTTP requests and responses for potential security vulnerabilities such as SQL injection, XSS, CSRF, and other threats. The extension provides focused technical analysis, including quick identification of detected vulnerabilities, clear technical steps for exploitation, and PoC examples and payloads where applicable.

Features

Analyze HTTP requests and responses for security vulnerabilities
Provide technical analysis and exploitation steps
Include PoC examples and payloads
Integrate with Burp Suite's UI and context menu
Real-time vulnerability assessments
AI-powered context-aware analysis
Generate Proof-of-Concept exploits
Custom PoC script generation
Payload customization for specific scenarios

Link : You are not allowed to view links. Register or Login to view.

Extract All Links from a Webpage - bug bounty tip

Tue, 18 Feb 2025 07:26:25 +0000

JS to extract all links from a page instantly. Just open your browser console (
F12 → Console) and paste this:

Code:
javascript:console.log('Links on this Page:\n' + Array.from(document.querySelectorAll('a')).map(link => link.href).join('\n'));

Credit: You are not allowed to view links. Register or Login to view.

#BugBounty #Recon #Pentesting #Hacking #OSINT