├── CMS
    └── Wordpress
    │   ├── wordpress Automation.md
    │   ├── wordpress Endpoint
    │   └── wordpress.md
├── CVE.md
├── CheatSheet
    ├── Basic Tools.md
    ├── File Inclusion.md
    ├── File Transfers.md
    ├── Metasploit.md
    ├── SQL Injection.md
    ├── Transfering Files with Code.md
    ├── ffuf CheatSheet.md
    └── readme.md
├── LFI
    └── LFI Cheat Sheet.md
├── Nginx
├── One-liner.md
├── OneApi.txt
├── Payloads
    ├── 403 Bypass Payload
    ├── Command Injection Payload
    ├── Generic Time Based SQL Injection Payloads:
    ├── LFI Payloads
    ├── Login-Bypass
    ├── Microsoft SQL Server Blind (Time Based):
    ├── MySQL Blind (Time Based)
    ├── Open Redirect Payload List
    ├── Oracle Blind (Time Based):
    ├── Postgresql Blind (Time Based):
    ├── SQL Injection Auth Bypass
    ├── SSTI Payload
    ├── Sql detection payload
    └── XSS Payload.txt
├── README.md
├── Redirect Payload.txt
├── SQLI
    ├── MySQL Blind (Time Based) Payload list
    ├── MySQL cheatsheet.md
    ├── SQLI DIOS.md
    ├── SQLI Payload
    ├── SQLiDetector
    ├── Tools.md
    └── sqli-logic.txt
├── SSTI
├── SSTI Detection.txt
├── Tools.md
├── Wordlists
    ├── Fuzz.txt
    ├── JiraFuzz.txt
    ├── LastFuzz.txt
    ├── OneApi.txt
    ├── OneXFuzz.txt
    ├── README.md
    ├── admin panel
    ├── oneFuzz.txt
    ├── param.txt
    ├── readme.md
    └── subdomain_megalist.txt
├── XSS.html
├── XSS
    ├── Blind XSS Header Payload
    ├── Tools.md
    ├── XSS Payload
    └── XSS.md
├── directory-list-2.3-medium.txt
├── fuzz-php.php
├── headers.txt
├── jwt.secrets.list
├── leaky-paths.txt
├── my302redirectserver.py
├── providers.json
├── raft-medium-directories.txt
├── ssrf-bypasses.txt
└── zapstiko.py

/CMS/Wordpress/wordpress Automation.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CMS/Wordpress/wordpress Automation.md
--------------------------------------------------------------------------------
/CMS/Wordpress/wordpress Endpoint:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CMS/Wordpress/wordpress Endpoint
--------------------------------------------------------------------------------
/CMS/Wordpress/wordpress.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CMS/Wordpress/wordpress.md
--------------------------------------------------------------------------------
/CVE.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CVE.md
--------------------------------------------------------------------------------
/CheatSheet/Basic Tools.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/Basic Tools.md
--------------------------------------------------------------------------------
/CheatSheet/File Inclusion.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/File Inclusion.md
--------------------------------------------------------------------------------
/CheatSheet/File Transfers.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/File Transfers.md
--------------------------------------------------------------------------------
/CheatSheet/Metasploit.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/Metasploit.md
--------------------------------------------------------------------------------
/CheatSheet/SQL Injection.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/SQL Injection.md
--------------------------------------------------------------------------------
/CheatSheet/Transfering Files with Code.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/Transfering Files with Code.md
--------------------------------------------------------------------------------
/CheatSheet/ffuf CheatSheet.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/CheatSheet/ffuf CheatSheet.md
--------------------------------------------------------------------------------
/CheatSheet/readme.md:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/LFI/LFI Cheat Sheet.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/LFI/LFI Cheat Sheet.md
--------------------------------------------------------------------------------
/Nginx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Nginx
--------------------------------------------------------------------------------
/One-liner.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/One-liner.md
--------------------------------------------------------------------------------
/OneApi.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/OneApi.txt
--------------------------------------------------------------------------------
/Payloads/403 Bypass Payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/403 Bypass Payload
--------------------------------------------------------------------------------
/Payloads/Command Injection Payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Command Injection Payload
--------------------------------------------------------------------------------
/Payloads/Generic Time Based SQL Injection Payloads::
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Generic Time Based SQL Injection Payloads:
--------------------------------------------------------------------------------
/Payloads/LFI Payloads:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/LFI Payloads
--------------------------------------------------------------------------------
/Payloads/Login-Bypass:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Login-Bypass
--------------------------------------------------------------------------------
/Payloads/Microsoft SQL Server Blind (Time Based)::
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Microsoft SQL Server Blind (Time Based):
--------------------------------------------------------------------------------
/Payloads/MySQL Blind (Time Based):
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/MySQL Blind (Time Based)
--------------------------------------------------------------------------------
/Payloads/Open Redirect Payload List:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Open Redirect Payload List
--------------------------------------------------------------------------------
/Payloads/Oracle Blind (Time Based)::
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Oracle Blind (Time Based):
--------------------------------------------------------------------------------
/Payloads/Postgresql Blind (Time Based)::
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Postgresql Blind (Time Based):
--------------------------------------------------------------------------------
/Payloads/SQL Injection Auth Bypass:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/SQL Injection Auth Bypass
--------------------------------------------------------------------------------
/Payloads/SSTI Payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/SSTI Payload
--------------------------------------------------------------------------------
/Payloads/Sql detection payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/Sql detection payload
--------------------------------------------------------------------------------
/Payloads/XSS Payload.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Payloads/XSS Payload.txt
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/README.md
--------------------------------------------------------------------------------
/Redirect Payload.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Redirect Payload.txt
--------------------------------------------------------------------------------
/SQLI/MySQL Blind (Time Based) Payload list:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SQLI/MySQL Blind (Time Based) Payload list
--------------------------------------------------------------------------------
/SQLI/MySQL cheatsheet.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SQLI/MySQL cheatsheet.md
--------------------------------------------------------------------------------
/SQLI/SQLI DIOS.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SQLI/SQLI DIOS.md
--------------------------------------------------------------------------------
/SQLI/SQLI Payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SQLI/SQLI Payload
--------------------------------------------------------------------------------
/SQLI/SQLiDetector:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SQLI/SQLiDetector
--------------------------------------------------------------------------------
/SQLI/Tools.md:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/SQLI/sqli-logic.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SQLI/sqli-logic.txt
--------------------------------------------------------------------------------
/SSTI:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SSTI
--------------------------------------------------------------------------------
/SSTI Detection.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/SSTI Detection.txt
--------------------------------------------------------------------------------
/Tools.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Tools.md
--------------------------------------------------------------------------------
/Wordlists/Fuzz.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/Fuzz.txt
--------------------------------------------------------------------------------
/Wordlists/JiraFuzz.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/JiraFuzz.txt
--------------------------------------------------------------------------------
/Wordlists/LastFuzz.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/LastFuzz.txt
--------------------------------------------------------------------------------
/Wordlists/OneApi.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/OneApi.txt
--------------------------------------------------------------------------------
/Wordlists/OneXFuzz.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/OneXFuzz.txt
--------------------------------------------------------------------------------
/Wordlists/README.md:
--------------------------------------------------------------------------------
1 | # wordlists
--------------------------------------------------------------------------------
/Wordlists/admin panel:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/admin panel
--------------------------------------------------------------------------------
/Wordlists/oneFuzz.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/oneFuzz.txt
--------------------------------------------------------------------------------
/Wordlists/param.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/param.txt
--------------------------------------------------------------------------------
/Wordlists/readme.md:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Wordlists/subdomain_megalist.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/Wordlists/subdomain_megalist.txt
--------------------------------------------------------------------------------
/XSS.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/XSS.html
--------------------------------------------------------------------------------
/XSS/Blind XSS Header Payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/XSS/Blind XSS Header Payload
--------------------------------------------------------------------------------
/XSS/Tools.md:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/XSS/XSS Payload:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/XSS/XSS Payload
--------------------------------------------------------------------------------
/XSS/XSS.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/XSS/XSS.md
--------------------------------------------------------------------------------
/directory-list-2.3-medium.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/directory-list-2.3-medium.txt
--------------------------------------------------------------------------------
/fuzz-php.php:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/fuzz-php.php
--------------------------------------------------------------------------------
/headers.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/headers.txt
--------------------------------------------------------------------------------
/jwt.secrets.list:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/jwt.secrets.list
--------------------------------------------------------------------------------
/leaky-paths.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/leaky-paths.txt
--------------------------------------------------------------------------------
/my302redirectserver.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/my302redirectserver.py
--------------------------------------------------------------------------------
/providers.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/providers.json
--------------------------------------------------------------------------------
/raft-medium-directories.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/raft-medium-directories.txt
--------------------------------------------------------------------------------
/ssrf-bypasses.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/ssrf-bypasses.txt
--------------------------------------------------------------------------------
/zapstiko.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zapstiko/Bug-Bounty/HEAD/zapstiko.py
--------------------------------------------------------------------------------