Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
4.24k
stars
812
forks
source link
Collect js files from hosts up by gospider - wrong regex #7
wrong regex:
... | grep -Eo "(http|https)://[^/\"].*.js+"
, it must begrep -Eo "(http|https)://[^/\"].*\.js+"