Nithin R
Sep 11 · 8 tweets · 2 min read
The easiest P1/P2 afaik is Sensitive Information.

You can mostly find this on GitHub. Using the correct dorks would result in quick $$$$.

Here's a list of highly efficient GitHub dorks that I use on a regular basis.

🧵👇

#bugbounty #dorks #github #bugbountytips
💬 Sensitive words

password, api_key, access_key, dbpassword, dbuser, pwd, pwds, aws_access, key, token, credentials, pass, passwd, private, preprod, appsecret
🗣️ Language

Combine the sensitive words above with the well-known languages where they usually appear.

language:json, bash, shell, java etc.

Example: HEROKU_API_KEY language:json
🧲 Extension

Language is one thing, but files with certain extensions also contain interesting information.

extension:bat,config,ini,env etc.
📁 Filename

filename:netrpc, .git-credentials, .history, .htpasswd, bash_history
🧬 Combined

When a search returns too many code files, it's often better to combine multiple dorks together.
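The same filename, extension and keyword combinations can be checked against your own checkout before it is pushed, so that these searches come back empty for your repositories. The following is an added example, not part of the original thread; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

# Terms from the thread's word, filename and extension lists.
WORDS = ["password", "api_key", "access_key", "dbpassword", "dbuser", "pwds",
         "pwd", "aws_access", "key", "token", "credentials", "pass", "passwd",
         "private", "preprod", "appsecret"]
FILENAMES = {".git-credentials", ".history", ".htpasswd", "bash_history"}
# extension:bat,config,ini,env plus file types for language:json/bash/shell/java
SUFFIXES = (".bat", ".config", ".ini", ".env", ".json", ".sh", ".java")

# An identifier containing a sensitive word, assigned a value of 4+ characters.
ASSIGN = re.compile(
    r"(?i)([\w.-]*(?:%s)[\w.-]*)[\"']?\s*[:=]\s*[\"']?[^\s\"',]{4,}"
    % "|".join(map(re.escape, WORDS)))


def audit(root):
    """Return sorted (path, line, reason) findings; values are never echoed."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip git metadata
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if name in FILENAMES:
                findings.append((rel, 0, "filename"))  # line 0 = whole file
            elif name.lower().endswith(SUFFIXES):
                with open(path, errors="replace") as fh:
                    for lineno, line in enumerate(fh, 1):
                        match = ASSIGN.search(line)
                        if match:
                            findings.append((rel, lineno, match.group(1)))
    return sorted(findings)


def demo():
    """Audit a constructed sample tree (all values are fake)."""
    files = {
        ".env": "DEBUG=true\nHEROKU_API_KEY=constructed-not-a-real-key\n",
        os.path.join("config", "app.json"): '{"dbpassword": "constructed"}\n',
        ".htpasswd": "user:constructed\n",
        "README.md": "password = not scanned, wrong file type\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in files.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
        return audit(root)
```

Run `audit(".")` from the repository root, for example in a pre-commit hook, and treat any finding as a reason to rotate the credential rather than only delete the line, since earlier commits still contain it.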
🚀 These are the dorks I use the most.

Do you use anything else? Comment down below.
That's a wrap!

If you enjoyed this thread:

1. Follow me @thebinarybot for more of these
2. RT the tweet below to share this thread with your audience
