Scribd
Upload
241 views

Chatgpt For Bugbounty

This document lists various oneliner commands and techniques for bug bounty hunting. It covers subdomain enumeration, vulnerability scanning, recon, API discovery, and other tasks. Links to additional bug bounty resources are also included.

Uploaded by

Luiz Carlos
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
241 views

Chatgpt For Bugbounty

This document lists various oneliner commands and techniques for bug bounty hunting. It covers subdomain enumeration, vulnerability scanning, recon, API discovery, and other tasks. Links to additional bug bounty resources are also included.

Uploaded by

Luiz Carlos
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 28

Bug Bounty Tips and Tricks

using CHATGPT #1
Joas Antonio dos Santos
https://www.linkedin.com/in/joas-antonio-dos-santos/
Amass
Amass + Nuclei: Finding domain
Amass + Nuclei 2: Finding domain
Finding subdomains with jsubfinder + httpx
Using FFUF to finding RCE
Full Account Takeover Technique in
API/Register
Oneliner Search JS domain using subjs, anew
and httpx
Shodan queries to search Scada, IoT, Router
Devices
Screnshoot page using aquatone using
domain files
oneliner using shodan and nuclei to scanning
hosts
Oneliner finding subdomain using gospider,
assetfinder, amass and nuclei
Oneliner portscan and subdomain discovery
using subfinder, cf-check, naabu and httprobe
Oneliner search SSRF using subfinder, httpx
and qsreplace
Oneliner recon domain and subdomains using
chaos, gospider, findomain, assetfinder, amass,
httpx and anew
Oneliner search xss using kxss, xargs and
httpx
Google dork to discovery api exposure
Create script to finder and test sql injection
Oneliner find xss using subfinder, httpx,
katana, gxss, kxss and dalfox
Domain enumeration and discovery files
using ffuf, httpx and findomain
oneliner find open redirect using waybackurls,
httpx, gf, anew and nuclei
Oneliner complete enumeration xss, lfi, ssrf in
domain using gauplus, anew, gxss, gf, qsreplace,
httpx and SecretFinder
Oneliner check cloudflare using subfinder,
dnsx, cf-check, naabu
Oneliner recon jira using uncover with shodan,
censys and fofa and vulnerability scan with nuclei
Oneliner recon subdomain using assetfinder,
httpx, xargs, waybackurls and nuclei vulnerability
scan
Oneliner extract js using haktrails, httpx, getjs,
anew, tojson
Oneliner LFI using gau, gf, qsreplace and xargs
Extra Resource
• https://twitter.com/ReconOne_bk
• https://github.com/KingOfBugbounty/KingOfBugBountyTips
• https://github.com/dwisiswant0/awesome-oneliner-bugbounty
• https://thevillagehacker.gitbook.io/one-liners-for-bug-bounty-hunting
• https://github.com/djadmin/awesome-bug-bounty
• https://attacker-codeninja.github.io/2022-06-06-awesome-bug-
bounty-roadmap/
• https://tikam02.github.io/Bug-Bounty-Resources/

You might also like