├── AWS.md
├── ApiKey.md
├── Buffer-Overflow.md
├── CRLF.md
├── CV
│   ├── GochaOkradzeCV.pdf
│   └── GochaOkradze_CV_EN.pdf
├── Cors-Origin.md
├── Crawl_Parameters.md
├── EndpointsExtractor.md
├── ErrorsAndVulnsDetect.md
├── Georgian-Recon.md
├── Gospider.md
├── IP_regex.md
├── Img
│   ├── Screenshot from 2019-05-10 02-25-10.png
│   ├── Screenshot from 2019-05-10 02-40-35.png
│   ├── Screenshot from 2019-05-10 09-56-26.png
│   ├── Screenshot from 2019-05-10 10-08-11.png
│   └── empty.md
├── LFI.md
├── MyBugBountyMethodology.md
├── OpenRedirect_SSRF.md
├── RCE.md
├── README.md
├── ReconWithBurp_Suite.md
├── SQLiError.md
├── Secret_Patterns_db.MD
├── SubRegex.md
├── SubdomainsToBurp.md
├── Time-Based-SQLi.md
├── WEB APPLICATION PENTESTING CHECKLIST.pdf
├── WebDAV.md
├── bxss_js.md
├── content_discovery.md
├── file_upload.md
├── htmlattribs
├── paramName-inputTag.md
├── translate
│   └── wahh-yandex-translate-ru.pdf
├── web ports.md
├── wordlists
│   ├── 1.json
│   ├── 2.json
│   ├── README.md
│   ├── b.json
│   ├── blind-time-based-sqli-payloads.txt
│   ├── common_api_paths.txt
│   ├── content.txt
│   ├── lfi-linux.txt
│   ├── parameters.txt
│   ├── s0md3v_XSS.txt
│   ├── sensitive.txt
│   ├── ssrf.txt
│   ├── swagger.json
│   ├── test.html
│   ├── testSwagger
│   │   ├── 06.json
│   │   ├── c.json
│   │   ├── j.json
│   │   ├── q.json
│   │   ├── t.json
│   │   ├── w.json
│   │   └── y.json
│   └── xssAttacks.json
├── xpath.md
├── xss from img for S3 bucket.md
├── xss.md
└── xxe.md

/AWS.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/AWS.md
--------------------------------------------------------------------------------

/ApiKey.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/ApiKey.md
--------------------------------------------------------------------------------

/Buffer-Overflow.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Buffer-Overflow.md
--------------------------------------------------------------------------------

/CRLF.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/CRLF.md
--------------------------------------------------------------------------------

/CV/GochaOkradzeCV.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/CV/GochaOkradzeCV.pdf
--------------------------------------------------------------------------------

/CV/GochaOkradze_CV_EN.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/CV/GochaOkradze_CV_EN.pdf
--------------------------------------------------------------------------------

/Cors-Origin.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Cors-Origin.md
--------------------------------------------------------------------------------

/Crawl_Parameters.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Crawl_Parameters.md
--------------------------------------------------------------------------------

/EndpointsExtractor.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/EndpointsExtractor.md
--------------------------------------------------------------------------------

/ErrorsAndVulnsDetect.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/ErrorsAndVulnsDetect.md
--------------------------------------------------------------------------------

/Georgian-Recon.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Georgian-Recon.md
--------------------------------------------------------------------------------

/Gospider.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Gospider.md
--------------------------------------------------------------------------------

/IP_regex.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/IP_regex.md
--------------------------------------------------------------------------------

/Img/Screenshot from 2019-05-10 02-25-10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Img/Screenshot from 2019-05-10 02-25-10.png
--------------------------------------------------------------------------------

/Img/Screenshot from 2019-05-10 02-40-35.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Img/Screenshot from 2019-05-10 02-40-35.png
--------------------------------------------------------------------------------

/Img/Screenshot from 2019-05-10 09-56-26.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Img/Screenshot from 2019-05-10 09-56-26.png
--------------------------------------------------------------------------------

/Img/Screenshot from 2019-05-10 10-08-11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Img/Screenshot from 2019-05-10 10-08-11.png
--------------------------------------------------------------------------------

/Img/empty.md:
--------------------------------------------------------------------------------
empty file
--------------------------------------------------------------------------------

/LFI.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/LFI.md
--------------------------------------------------------------------------------

/MyBugBountyMethodology.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/MyBugBountyMethodology.md
--------------------------------------------------------------------------------

/OpenRedirect_SSRF.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/OpenRedirect_SSRF.md
--------------------------------------------------------------------------------

/RCE.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/RCE.md
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/README.md
--------------------------------------------------------------------------------

/ReconWithBurp_Suite.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/ReconWithBurp_Suite.md
--------------------------------------------------------------------------------

/SQLiError.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/SQLiError.md
--------------------------------------------------------------------------------

/Secret_Patterns_db.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Secret_Patterns_db.MD
--------------------------------------------------------------------------------

/SubRegex.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/SubRegex.md
--------------------------------------------------------------------------------

/SubdomainsToBurp.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/SubdomainsToBurp.md
--------------------------------------------------------------------------------

/Time-Based-SQLi.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/Time-Based-SQLi.md
--------------------------------------------------------------------------------

/WEB APPLICATION PENTESTING CHECKLIST.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/WEB APPLICATION PENTESTING CHECKLIST.pdf
--------------------------------------------------------------------------------

/WebDAV.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/WebDAV.md
--------------------------------------------------------------------------------

/bxss_js.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/bxss_js.md
--------------------------------------------------------------------------------

/content_discovery.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/content_discovery.md
--------------------------------------------------------------------------------

/file_upload.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/file_upload.md
--------------------------------------------------------------------------------

/htmlattribs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/htmlattribs
--------------------------------------------------------------------------------

/paramName-inputTag.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/paramName-inputTag.md
--------------------------------------------------------------------------------

/translate/wahh-yandex-translate-ru.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/translate/wahh-yandex-translate-ru.pdf
--------------------------------------------------------------------------------

/web ports.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/web ports.md
--------------------------------------------------------------------------------

/wordlists/1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/1.json
--------------------------------------------------------------------------------

/wordlists/2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/2.json
--------------------------------------------------------------------------------

/wordlists/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/README.md
--------------------------------------------------------------------------------

/wordlists/b.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/b.json
--------------------------------------------------------------------------------

/wordlists/blind-time-based-sqli-payloads.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/blind-time-based-sqli-payloads.txt
--------------------------------------------------------------------------------

/wordlists/common_api_paths.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/common_api_paths.txt
--------------------------------------------------------------------------------

/wordlists/content.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/content.txt
--------------------------------------------------------------------------------

/wordlists/lfi-linux.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/lfi-linux.txt
--------------------------------------------------------------------------------

/wordlists/parameters.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/parameters.txt
--------------------------------------------------------------------------------

/wordlists/s0md3v_XSS.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/s0md3v_XSS.txt
--------------------------------------------------------------------------------

/wordlists/sensitive.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/sensitive.txt
--------------------------------------------------------------------------------

/wordlists/ssrf.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/ssrf.txt
--------------------------------------------------------------------------------

/wordlists/swagger.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/swagger.json
--------------------------------------------------------------------------------

/wordlists/test.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/test.html
--------------------------------------------------------------------------------

/wordlists/testSwagger/06.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/06.json
--------------------------------------------------------------------------------

/wordlists/testSwagger/c.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/c.json
--------------------------------------------------------------------------------

/wordlists/testSwagger/j.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/j.json
--------------------------------------------------------------------------------

/wordlists/testSwagger/q.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/q.json
--------------------------------------------------------------------------------

/wordlists/testSwagger/t.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/t.json
--------------------------------------------------------------------------------

/wordlists/testSwagger/w.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/w.json
--------------------------------------------------------------------------------

/wordlists/testSwagger/y.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/testSwagger/y.json
--------------------------------------------------------------------------------

/wordlists/xssAttacks.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/wordlists/xssAttacks.json
--------------------------------------------------------------------------------

/xpath.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/xpath.md
--------------------------------------------------------------------------------

/xss from img for S3 bucket.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/xss from img for S3 bucket.md
--------------------------------------------------------------------------------

/xss.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/xss.md
--------------------------------------------------------------------------------

/xxe.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ghsec/webHunt/HEAD/xxe.md
--------------------------------------------------------------------------------