├── Command_injection_payload_list ├── Intruder │ ├── Linux or Unix │ │ ├── Advanced list of Unix command injection.txt │ │ └── Basic list of Unix command injection.txt │ └── Windows │ │ ├── Advanced list of Windows command injection.txt │ │ └── Basic list of Windows command injection.txt └── README.md ├── Fuzzing API Wordlist ├── API_see_in_wild_path.txt ├── API_seen_in_wild.txt ├── Actions-lowercase.txt ├── Actions-uppercase.txt ├── Actions.txt ├── Common_path.txt ├── Objects-lowercase.txt ├── Objects-upper-uppercase.txt ├── Objects-uppercase.txt └── README.md ├── Host Header Injection ├── Advanced_Host_Header.txt ├── Bypass_loopback ├── Host Header Injection.txt └── Simple Host Header Injection.txt ├── Local File Inclusion └── Intruder │ ├── LFI_Bypass.txt │ └── find_parameter_LFI.txt ├── Path Traversal └── Intruder │ └── Bypass_path_traversal.txt ├── README.md ├── SQLi ├── Advanced-SQL-Injection-Cheatsheet │ ├── Error Based SQLi │ │ ├── README.md │ │ └── intruders.txt │ ├── LFI-via-load_file-function │ │ └── README.md │ ├── MSSQL - Error Based SQLi │ │ └── README.md │ ├── MySQL - Boolean Based Blind SQLi │ │ └── README.md │ ├── MySQL - Stabilise & Bypass │ │ └── README.md │ ├── MySQL - Time Based SQLi │ │ └── README.md │ ├── MySQL-Bypass-Error │ │ └── README.md │ ├── MySQL-Routed-Queries │ │ └── README.md │ ├── Oracle - Error Union\Based SQLi │ │ └── README.md │ ├── Postgres - Error Based SQLi │ │ └── README.md │ ├── Privilege Escalation - MSSQL │ │ └── README.md │ ├── Privilege Escalation │ │ └── README.md │ ├── README.md │ ├── The Alternative way of using And 0 in SQL Injection │ │ └── README.md │ └── The Alternative way of using Null in SQL Injection │ │ └── README.md ├── Blind SQLI intruder │ ├── generic.txt │ ├── mysql.txt │ ├── oracle.txt │ ├── postgresql.txt │ └── xor.txt ├── Intruder │ ├── Basic_SQLi.txt │ ├── detect │ │ ├── GenericBlind.txt │ │ ├── Generic_ErrorBased.txt │ │ ├── Generic_SQLI.txt │ │ ├── Generic_TimeBased.txt │ │ ├── Generic_UnionSelect.txt │ │ ├── MSSQL │ │ │ ├── MSSQL.txt │ │ │ └── MSSQL_blind.txt │ │ ├── MySQL │ │ │ ├── MySQL.txt │ │ │ └── MySQL_MSSQL.txt │ │ ├── NoSQL │ │ │ └── no-sql.txt │ │ ├── Oracle │ │ │ └── oracle.txt │ │ └── xPlatform │ │ │ └── xplatform.txt │ ├── everything.txt │ ├── exploit │ │ ├── Auth_Bypass.txt │ │ ├── DB2 │ │ │ └── db2-enumeration.txt │ │ ├── MSSQL │ │ │ └── ms-sql-enumeration.txt │ │ ├── MySQL │ │ │ ├── mysql-injection-login-bypass.txt │ │ │ └── mysql-read-local-files.txt │ │ └── PostgresSQL │ │ │ └── postgres-enumeration.txt │ ├── payloads-sql-blind │ │ ├── MSSQL │ │ │ ├── payloads-sql-blind-MSSQL-INSERT.txt │ │ │ └── payloads-sql-blind-MSSQL-WHERE.txt │ │ └── MySQL │ │ │ ├── payloads-sql-blind-MySQL-INSERT.txt │ │ │ ├── payloads-sql-blind-MySQL-ORDER_BY.txt │ │ │ └── payloads-sql-blind-MySQL-WHERE.txt │ └── sql.txt └── Readme.md ├── SSRF ├── 2024-03-16_03-33.png ├── Autorepeter SRRF.png ├── Intruder │ └── Bypass_SSRF_Abuse_of_Enclosed_Alphanumerics.txt ├── Regular expresion.png ├── Road to Pentesting-REGEX SSRF.png ├── SSRF FIND URL.png └── Transformers.gif ├── SSTI-Payloads ├── Intruder │ ├── ssti-payloads.txt │ └── ssti-urlencoded-payloads.txt ├── LICENSE └── README.md ├── Upload Insecure File └── Intruder │ └── intruder_extension_PHP.txt └── XSS ├── Intruder ├── Bypass_WAF_xss.txt ├── find_xss_basic.txt ├── find_xss_basic_2.txt ├── find_xss_basic_alert.txt ├── find_xss_body.txt ├── find_xss_div.txt ├── find_xss_polyglot.txt ├── find_xss_svg_bypass_waf.txt └── useragent.txt ├── Polyglot Payloads.png ├── XSS_polyglot_with_Cuneiform ├── generate_payloads ├── script_xss_fr4nzisko │ ├── Bypass_WAF_xss.txt │ ├── find_xss_basic.txt │ ├── find_xss_basic_2.txt │ ├── find_xss_basic_alert.txt │ ├── find_xss_body.txt │ ├── find_xss_div.txt │ ├── find_xss_polyglot.txt │ ├── find_xss_svg_bypass_waf.txt │ ├── xss_shield_breaker.py │ ├── xss_shield_breaker2.py │ ├── xss_shield_breaker3.py │ ├── xss_shield_breaker4.py │ ├── xss_shield_breaker5.py │ ├── xss_shield_breaker6.py │ ├── xss_shield_breaker7.py │ └── xss_shield_breaker8.py └── var_alerts_polyglots.py └── script_xss_fr4nzisko_final ├── find_xss_basic_alert.txt ├── find_xss_div.txt ├── find_xss_polyglot.txt ├── generate_payload ├── payload.txt ├── payloads_modificados.txt └── var_alerts_polyglots.py ├── xss_shield_breaker2.py ├── xss_shield_breaker3.py ├── xss_shield_breaker6.py ├── xss_shield_breaker7.py └── xss_shield_breaker8.py /Command_injection_payload_list/Intruder/Linux or Unix/Advanced list of Unix command injection.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Command_injection_payload_list/Intruder/Linux or Unix/Advanced list of Unix command injection.txt -------------------------------------------------------------------------------- /Command_injection_payload_list/Intruder/Linux or Unix/Basic list of Unix command injection.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Command_injection_payload_list/Intruder/Linux or Unix/Basic list of Unix command injection.txt -------------------------------------------------------------------------------- /Command_injection_payload_list/Intruder/Windows/Advanced list of Windows command injection.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Command_injection_payload_list/Intruder/Windows/Advanced list of Windows command injection.txt -------------------------------------------------------------------------------- /Command_injection_payload_list/Intruder/Windows/Basic list of Windows command injection.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Command_injection_payload_list/Intruder/Windows/Basic list of Windows command injection.txt -------------------------------------------------------------------------------- /Command_injection_payload_list/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Command_injection_payload_list/README.md -------------------------------------------------------------------------------- /Fuzzing API Wordlist/API_see_in_wild_path.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/API_see_in_wild_path.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/API_seen_in_wild.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/API_seen_in_wild.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Actions-lowercase.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Actions-lowercase.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Actions-uppercase.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Actions-uppercase.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Actions.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Actions.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Common_path.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Common_path.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Objects-lowercase.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Objects-lowercase.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Objects-upper-uppercase.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Objects-upper-uppercase.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/Objects-uppercase.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/Objects-uppercase.txt -------------------------------------------------------------------------------- /Fuzzing API Wordlist/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Fuzzing API Wordlist/README.md -------------------------------------------------------------------------------- /Host Header Injection/Advanced_Host_Header.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Host Header Injection/Advanced_Host_Header.txt -------------------------------------------------------------------------------- /Host Header Injection/Bypass_loopback: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Host Header Injection/Bypass_loopback -------------------------------------------------------------------------------- /Host Header Injection/Host Header Injection.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Host Header Injection/Host Header Injection.txt -------------------------------------------------------------------------------- /Host Header Injection/Simple Host Header Injection.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Host Header Injection/Simple Host Header Injection.txt -------------------------------------------------------------------------------- /Local File Inclusion/Intruder/LFI_Bypass.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Local File Inclusion/Intruder/LFI_Bypass.txt -------------------------------------------------------------------------------- /Local File Inclusion/Intruder/find_parameter_LFI.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Local File Inclusion/Intruder/find_parameter_LFI.txt -------------------------------------------------------------------------------- /Path Traversal/Intruder/Bypass_path_traversal.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Path Traversal/Intruder/Bypass_path_traversal.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/Error Based SQLi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/Error Based SQLi/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/Error Based SQLi/intruders.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/Error Based SQLi/intruders.txt -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/LFI-via-load_file-function/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/LFI-via-load_file-function/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/MSSQL - Error Based SQLi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/MSSQL - Error Based SQLi/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL - Boolean Based Blind SQLi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL - Boolean Based Blind SQLi/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL - Stabilise & Bypass/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL - Stabilise & Bypass/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL - Time Based SQLi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL - Time Based SQLi/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL-Bypass-Error/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL-Bypass-Error/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL-Routed-Queries/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/MySQL-Routed-Queries/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/Oracle - Error Union\Based SQLi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/Oracle - Error Union\Based SQLi/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/Postgres - Error Based SQLi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/Postgres - Error Based SQLi/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/Privilege Escalation - MSSQL/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/Privilege Escalation - MSSQL/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/Privilege Escalation/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/Privilege Escalation/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/The Alternative way of using And 0 in SQL Injection/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/The Alternative way of using And 0 in SQL Injection/README.md -------------------------------------------------------------------------------- /SQLi/Advanced-SQL-Injection-Cheatsheet/The Alternative way of using Null in SQL Injection/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Advanced-SQL-Injection-Cheatsheet/The Alternative way of using Null in SQL Injection/README.md -------------------------------------------------------------------------------- /SQLi/Blind SQLI intruder/generic.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Blind SQLI intruder/generic.txt -------------------------------------------------------------------------------- /SQLi/Blind SQLI intruder/mysql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Blind SQLI intruder/mysql.txt -------------------------------------------------------------------------------- /SQLi/Blind SQLI intruder/oracle.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Blind SQLI intruder/oracle.txt -------------------------------------------------------------------------------- /SQLi/Blind SQLI intruder/postgresql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Blind SQLI intruder/postgresql.txt -------------------------------------------------------------------------------- /SQLi/Blind SQLI intruder/xor.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Blind SQLI intruder/xor.txt -------------------------------------------------------------------------------- /SQLi/Intruder/Basic_SQLi.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/Basic_SQLi.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/GenericBlind.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/GenericBlind.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/Generic_ErrorBased.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/Generic_ErrorBased.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/Generic_SQLI.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/Generic_SQLI.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/Generic_TimeBased.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/Generic_TimeBased.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/Generic_UnionSelect.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/Generic_UnionSelect.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/MSSQL/MSSQL.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/MSSQL/MSSQL.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/MSSQL/MSSQL_blind.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/MSSQL/MSSQL_blind.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/MySQL/MySQL.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/MySQL/MySQL.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/MySQL/MySQL_MSSQL.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/MySQL/MySQL_MSSQL.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/NoSQL/no-sql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/NoSQL/no-sql.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/Oracle/oracle.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/Oracle/oracle.txt -------------------------------------------------------------------------------- /SQLi/Intruder/detect/xPlatform/xplatform.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/detect/xPlatform/xplatform.txt -------------------------------------------------------------------------------- /SQLi/Intruder/everything.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/everything.txt -------------------------------------------------------------------------------- /SQLi/Intruder/exploit/Auth_Bypass.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/exploit/Auth_Bypass.txt -------------------------------------------------------------------------------- /SQLi/Intruder/exploit/DB2/db2-enumeration.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/exploit/DB2/db2-enumeration.txt -------------------------------------------------------------------------------- /SQLi/Intruder/exploit/MSSQL/ms-sql-enumeration.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/exploit/MSSQL/ms-sql-enumeration.txt -------------------------------------------------------------------------------- /SQLi/Intruder/exploit/MySQL/mysql-injection-login-bypass.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/exploit/MySQL/mysql-injection-login-bypass.txt -------------------------------------------------------------------------------- /SQLi/Intruder/exploit/MySQL/mysql-read-local-files.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/exploit/MySQL/mysql-read-local-files.txt -------------------------------------------------------------------------------- /SQLi/Intruder/exploit/PostgresSQL/postgres-enumeration.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/exploit/PostgresSQL/postgres-enumeration.txt -------------------------------------------------------------------------------- /SQLi/Intruder/payloads-sql-blind/MSSQL/payloads-sql-blind-MSSQL-INSERT.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/payloads-sql-blind/MSSQL/payloads-sql-blind-MSSQL-INSERT.txt -------------------------------------------------------------------------------- /SQLi/Intruder/payloads-sql-blind/MSSQL/payloads-sql-blind-MSSQL-WHERE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/payloads-sql-blind/MSSQL/payloads-sql-blind-MSSQL-WHERE.txt -------------------------------------------------------------------------------- /SQLi/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-INSERT.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-INSERT.txt -------------------------------------------------------------------------------- /SQLi/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-ORDER_BY.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-ORDER_BY.txt -------------------------------------------------------------------------------- /SQLi/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-WHERE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/payloads-sql-blind/MySQL/payloads-sql-blind-MySQL-WHERE.txt -------------------------------------------------------------------------------- /SQLi/Intruder/sql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Intruder/sql.txt -------------------------------------------------------------------------------- /SQLi/Readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SQLi/Readme.md -------------------------------------------------------------------------------- /SSRF/2024-03-16_03-33.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/2024-03-16_03-33.png -------------------------------------------------------------------------------- /SSRF/Autorepeter SRRF.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/Autorepeter SRRF.png -------------------------------------------------------------------------------- /SSRF/Intruder/Bypass_SSRF_Abuse_of_Enclosed_Alphanumerics.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/Intruder/Bypass_SSRF_Abuse_of_Enclosed_Alphanumerics.txt -------------------------------------------------------------------------------- /SSRF/Regular expresion.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/Regular expresion.png -------------------------------------------------------------------------------- /SSRF/Road to Pentesting-REGEX SSRF.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/Road to Pentesting-REGEX SSRF.png -------------------------------------------------------------------------------- /SSRF/SSRF FIND URL.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/SSRF FIND URL.png -------------------------------------------------------------------------------- /SSRF/Transformers.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSRF/Transformers.gif -------------------------------------------------------------------------------- /SSTI-Payloads/Intruder/ssti-payloads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSTI-Payloads/Intruder/ssti-payloads.txt -------------------------------------------------------------------------------- /SSTI-Payloads/Intruder/ssti-urlencoded-payloads.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSTI-Payloads/Intruder/ssti-urlencoded-payloads.txt -------------------------------------------------------------------------------- /SSTI-Payloads/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSTI-Payloads/LICENSE -------------------------------------------------------------------------------- /SSTI-Payloads/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/SSTI-Payloads/README.md -------------------------------------------------------------------------------- /Upload Insecure File/Intruder/intruder_extension_PHP.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/Upload Insecure File/Intruder/intruder_extension_PHP.txt -------------------------------------------------------------------------------- /XSS/Intruder/Bypass_WAF_xss.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/Bypass_WAF_xss.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_basic.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_basic.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_basic_2.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_basic_2.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_basic_alert.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_basic_alert.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_body.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_body.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_div.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_div.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_polyglot.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_polyglot.txt -------------------------------------------------------------------------------- /XSS/Intruder/find_xss_svg_bypass_waf.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/find_xss_svg_bypass_waf.txt -------------------------------------------------------------------------------- /XSS/Intruder/useragent.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Intruder/useragent.txt -------------------------------------------------------------------------------- /XSS/Polyglot Payloads.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/Polyglot Payloads.png -------------------------------------------------------------------------------- /XSS/XSS_polyglot_with_Cuneiform: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/XSS_polyglot_with_Cuneiform -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/Bypass_WAF_xss.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/Bypass_WAF_xss.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_basic.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_basic.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_basic_2.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_basic_2.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_basic_alert.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_basic_alert.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_body.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_body.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_div.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_div.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_polyglot.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_polyglot.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/find_xss_svg_bypass_waf.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/find_xss_svg_bypass_waf.txt -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker2.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker3.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker4.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker4.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker5.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker5.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker6.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker6.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker7.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker7.py -------------------------------------------------------------------------------- /XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker8.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/script_xss_fr4nzisko/xss_shield_breaker8.py -------------------------------------------------------------------------------- /XSS/generate_payloads/var_alerts_polyglots.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/generate_payloads/var_alerts_polyglots.py -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/find_xss_basic_alert.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/find_xss_basic_alert.txt -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/find_xss_div.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/find_xss_div.txt -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/find_xss_polyglot.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/find_xss_polyglot.txt -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/generate_payload/payload.txt: -------------------------------------------------------------------------------- 1 | alert(1) 2 | -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/generate_payload/payloads_modificados.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/generate_payload/payloads_modificados.txt -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/generate_payload/var_alerts_polyglots.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/generate_payload/var_alerts_polyglots.py -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/xss_shield_breaker2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/xss_shield_breaker2.py -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/xss_shield_breaker3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/xss_shield_breaker3.py -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/xss_shield_breaker6.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/xss_shield_breaker6.py -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/xss_shield_breaker7.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/xss_shield_breaker7.py -------------------------------------------------------------------------------- /XSS/script_xss_fr4nzisko_final/xss_shield_breaker8.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fr4nzisko/Bug_Bounty_Web_and_API_Tools/HEAD/XSS/script_xss_fr4nzisko_final/xss_shield_breaker8.py --------------------------------------------------------------------------------