9 matches found
MAL-2025-10035 Malicious code in @zalastax/nolb-_gau (npm)
The package @zalastax/nolb-gau was found to contain malicious code...
Malicious code in @zalastax/nolb-_gau (npm)
The package @zalastax/nolb-gau was found to contain malicious code...
gau-weissenburg.de Cross Site Scripting vulnerability OBB-3861569
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Exploit for Code Injection in Apache Commons_Text
CVE-2022-42889-text4shell π₯π₯π₯ Apache commons text - CVE-2022-...
SSRFire - An Automated SSRF Finder. Just Give The Domain Name And Your Server And Chill! Also Has Options To Find XSS And Open Redirects
An automated SSRF finder. Just give the domain name and your server and chill! ; It also has options to find XSS and open redirects. Syntax ./ssrfire.sh -d domain.com -s yourserver.com -f customfile.txt -c cookies domain.com --- The domain for which you want to test yourserver.com --- Your server...
gau-cho.de Improper Access Control vulnerability OBB-2224787
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Garud - An Automation Tool That Scans Sub-Domains, Sub-Domain Takeover And Then Filters Out XSS, SSTI, SSRF And More Injection Point Parameters
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps with 1VCPU and 2GB ram. Tools used - You must need to install...
Scripthunter - Tool To Find JavaScript Files On Websites
Scripthunter is a tool that finds javascript files for a given website. To scan Google, simply run ./scripthunter.sh https://google.com. Note that it may take a while, which is why scripthunter also implements a notification mechanism to inform you when a scan is finished via Telegram API. Blogpo...
Wordlist_Generator - Unique Wordlist Generator Of Unique Wordlists
wordlistgenerator generates wordlists with unique words with techniques mentioned in tomnomnom's report "Who, What, Where, When". It takes URLs from gau and splits them to get words in URLs. Then it requests each URL to fetch all words. Finally, wordlistgenerator removes from wordlist everything...