Bug Bounty Automation -{ Oneliner Commands } – { V2 }

https://twitter.com/Aacle_/status/1613814598343458819

🔰 { One-Liner } – Extract all URLs from Source Code

➡️ curl "https://example .com/" | grep -oP '(https*://|www\.)[^ ]*'
Extract all urls from source code
All URL Extraction from Source Code

🔰 { One-Liner } – Subdomain Extraction

Find Subdomain from VirusTotal

➡️ curl -s "https ://www.virustotal.com/ui/domains/domain.com/subdomains?limit=40" | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u
Get Subdomain From VirusTotal
Subdomain Extraction using VirusTotal

Get Subdomains from Archive

➡️ curl -s "http://web.archive.org/cdx/search/cdx?url=*.domain.com/*&output=text&fl=original&collapse=urlkey" | sed -e 's_https*://__' -e "s/\/.*//" | sort -u

See 👇🌿

Get Subdomain From Archive
Subdomain From Web Archive

Find JavaScript File

➡️ assetfinder --subs-only HOST | gau | egrep -v '(.css| .png| .jpeg| .jpg|  .svg|  .gif| .wolf)' | while read url ;do vars=$(curl -s $url | grep -Eo "var [a-zA-Zo-9_l+" | sed -e 's, 'var', '"$url"?',g' -e 's/ //g' | grep -v '.js' | sed 's/.*/&=xss/g'):echo e "\e[1;33m$url\n" "\e[1;32m$vars"; done
Find Javascript file
Finding Js Files