Fuzzing / Wordlists
- 9. Content Discovery - https://twitter.com/Alra3ees/status/1208502084246671366 (Also downloaded the same)
- 11. Dirbuster - When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
  dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u
  https://twitter.com/i/status/1221792235215151104
- 16. Status codes - hakul/hakcrawl - gofetch, statusparser
- 17. What are your normal testing steps when you see a 401? - https://twitter.com/nomanAli181/status/1146411693590736896
- 24. Jhaddix -
When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u
Any tool to dedupe a list of URLs according to their parameters? I mean keep only 1 URL if it appears several times with the same params, no matter their values - https://twitter.com/gwendallecoguic/status/1207435306410168322
- Check out subs_all txt here - https://drive.google.com/file/d/12nABC1GUL7lBsPuzC0pWJrPRzHMHqe8X/view?usp=sharing
- Tool - wordlistgen

https://twitter.com/Mah3Sec_/status/1325030700039368709
Exploiting: