82 matches found
ethical-hacking-portfolio
Ethical Hacking Portfolio - CS4069 | Spring 2026 Course:...
Dork2Sqlmap
Dork2Sqlmap A lightweight tool that let...
BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE , is estimated to have collected over 10,000 private...
User Registration And Management System 3.2 SQL Injection
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title User Registration & Management System - SQLi .:. Google Dorks .:. inurl:loginsystem/index.php .:. Date: June 18, 2024 .:. Exploit Author: bRpsd .:. Contact: cyatlive.no .:. Vendor - https://phpgurukul.com/ .:...
Dorkish - Chrome Extension Tool For OSINT & Recon
During reconaissance phase or when doing OSINT , we often use google dorking and shodan and thus the idea of Dorkish. Dorkish is a Chrome extension tool that facilitates custom dork creation for Google and Shodan using the builder and it offers prebuilt dorks for efficient reconnaissance and OSIN...
Google-Dorks-Bug-Bounty - A List Of Google Dorks For Bug Bounty, Web Application Security, And Pentesting
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting Live Tool Broad domain search w/ negative search site:example.com -www -shop -share -ir -mfa PHP extension w/ parameters site:example.com ext:php inurl:? Disclosed XSS and Open Redirects site:openbugbounty.org...
SuperStoreFinder 3.7 XSS / CSRF / Command Execution
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title SuperStoreFinder - Multiple Vulnerabilities .:. Google Dorks .:. "designed and built by Joe Iz." "Super Store Finder is designed and built by Joe Iz from Highwarden Huntsman." inurl:/superstorefinder/index.php ....
London Councils & pirate books. Google dorking for subdomain takeovers
TL;DR Google dorks found me an exploited DigitalOcean subdomain takeover on London Councils’ .gov.uk domain It used a meta refresh to redirect to a site hosting unprovenanced PDFs London Councils had a security.txt file which made disclosure a doddle Their security team were awesome and fixed it...
Web-Attack-Cheat-Sheet
It is an offensive tool for web application security testing. The repository contains a comprehensive web attack cheat sheet, covering various techniques for discovering, enumerating, scanning, and monitoring web applications. The tool covers topics such as IP and subdomain enumeration, cache and...
CKEditor 3 - Server-Side Request Forgery (SSRF)
Exploit Title: CKEditor 3 - Server-Side Request Forgery SSRF Google Dorks : inurl /editor/filemanager/connectors/uploadtest.html Date: 12-6-2021 Exploit Author: Blackangel Software Link: https://ckeditor.com/ Version:all version under 4 1,2,3 Tested on: windows 7 Steps of Exploit:- 1-using google...
CKEditor 3 Server-Side Request Forgery
Exploit Title: CKEditor 3 - Server-Side Request Forgery SSRF Google Dorks : inurl /editor/filemanager/connectors/uploadtest.html Date: 12-6-2021 Exploit Author: Blackangel Software Link: https://ckeditor.com/ Version:all version under 4 1,2,3 Tested on: windows 7 Steps of Exploit:- 1-using google...
CKEditor 3 - Server-Side Request Forgery Vulnerability
Exploit Title: CKEditor 3 - Server-Side Request Forgery SSRF Google Dorks : inurl /editor/filemanager/connectors/uploadtest.html Exploit Author: Blackangel Software Link: https://ckeditor.com/ Version:all version under 4 1,2,3 Tested on: windows 7 Steps of Exploit:- 1-using google dorks inurl...
Joomla Matukio Events 7.0.5 Cross Site Scripting Vulnerability
Exploit Title:Joomla Matukio Events 7.0.5 Stored XSS Author: Vincent666 ibn Winnie Software Link: https://matukio.compojoom.com/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel : https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ Google Dorks: inurl:option=commatukio...
Joomla Matukio Events 7.0.5 Cross Site Scripting
Exploit Title:Joomla Matukio Events 7.0.5 Stored XSS Date:08.03.2021 Author: Vincent666 ibn Winnie Software Link: https://matukio.compojoom.com/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel : https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ Google Dorks:...
Reconftw - Simple Script For Full Recon
This is a simple script intended to perform a full recon on an objective with multiple subdomains tl;dr Requires Go Run ./install.sh before first run apt, rpm, pacman compatible git clone https://github.com/six2dez/reconftw cd reconftw chmod +x .sh ./install.sh ./reconftw.sh -d target.com -a...
BigBountyRecon - This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation. Reconnaissance is the most important step in any penetration testing or a bug hunting process. It provides an attacke...
Oblivion - Data Leak Checker And OSINT Tool
Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user has been leak out. It's possible too verify if any credential of user has been leak out before. The Oblivion have two modes: Oblivion Client: graphical mode. Oblivion Server: mode with A...
Grawler - Tool Which Comes With A Web Interface That Automates The Task Of Using Google Dorks, Scrapes The Results, And Stores Them In A File
Grawler is a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file. General info Grawler aims to automate the task of using google dorks with a web interface, the main idea is to provide a simple yet...
Pagodo - Automate Google Hacking Database Scraping And Searching
The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdbscraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered...