Share this page!

Maybe Scrolly?
Hossein NafisiAsl Profile picture
Twitter logo
May 11 โ€ข 8 tweets โ€ข 2 min read
Have you ever get bounty by using default credentials?
Read this thread ๐Ÿ”ฅ

#bugbountytips
๐Ÿงต๐Ÿ‘‡๐Ÿป
You need to have a special word list for each vendor.

This thread has most known vendors default credentials that gathered from several sources.

Default Credentials for Apache Tomcat:
2/
Default Credentials for Cisco
3/
Default Credentials for IBM
4/
Default Credentials for Oracle
5/
Default Credentials for Windows(RDP)
6/
Default Credentials for Telnet
7/
More Vendors:
github.com/NafisiAslH/Knoโ€ฆ

โ€ข โ€ข โ€ข

Missing some Tweet in this thread? You can try to force a refresh
ใ€€

Keep Current with Hossein NafisiAsl

Hossein NafisiAsl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @MeAsHacker_HNA

Hossein NafisiAsl Profile picture
May 12
How We hacked Admin Panel just by JS file:
(step by step)
#bugbounty #bugbountytips

๐Ÿงต๐Ÿ‘‡๐Ÿป
1/ Introduction ๐Ÿ“–

Team gave mobile app and website.

We didnโ€™t waste of time on mobile app and decided to work on website.

We just tried to find Admin Panel because main domain was just a single page to download the app.
2/ Subdomain Enumeration ๐Ÿ”Ž

After brute forcing the subdomains we found that website had a subdomain like that admin.target.com

When we visited the subdomain we just got that Login Portal ImageImage
Read 8 tweets
Hossein NafisiAsl Profile picture
Mar 9
#Secret1
Top 10 Automatic Recon Tools

#Recon #BugBounty
#100BugBountySecrets
๐Ÿงต๐Ÿ‘‡
1/
R3C0Nizer is the first ever CLI based menu-driven automated web application B-Tier recon framework ...
github.com/Anon-Artist/R3โ€ฆ

#Recon #BugBounty
#100BugBountySecrets
๐Ÿงต๐Ÿ‘‡
2/
scant3r is a module-based web security tool, our goal is to make customizable tool with providing many functions and features that what you need for write a security module....
github.com/knassar702/scaโ€ฆ

#Recon #BugBounty
#100BugBountySecrets
๐Ÿงต๐Ÿ‘‡
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(