liquidsec
Follow
Popular repositories
-
aspnetCryptTools Public
Just some random small tools for dealing with asp.net Forms Authentication Cookies
-
-
-
dp_crypto Public
Forked from bao7uo/dp_crypto
Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)
Python
-
bounty-targets-data Public
Forked from arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
1,060 contributions in the last year
Contribution activity
March 2023
Created 45 commits in 3 repositories
Created a pull request in blacklanternsecurity/bbot that received 2 comments
fixing false positives caused by cookies being tracked over multiple requests
Requests was tracking cookies/sessions, the cookies assigned and resent automatically were interfering with the shortname detection process in some…
Opened 13 other pull requests in 2 repositories
blacklanternsecurity/bbot
12
merged
- courtesy of chatGPT
- Relative links
- Pushing naabu fix to stable
- bug fix + runs once per host
- Telerik fixing canceled futures bug
- Naabu sudo fix
- adding additional nuclei messages
- Misc bug fixes and minor adjustments
- small bug fix and tests for url_manipulation
- adding additional scope tests
- made speculate ports a configurable option
- iis_shortnames module test
blacklanternsecurity/badsecrets
1
merged
Reviewed 21 pull requests in 1 repository
blacklanternsecurity/bbot
21 pull requests
- Miscellaneous Bug Fixes
- Threading Fixes + Optimizations
- New Module: secrets-patterns-db
- fixed CNAME scoping bug
- update active/passive log messages
- Miscellaneous Bug Fixes
- Dev --> Stable
- Fix bug with massdns rejecting cloud resources
- Fix bug where a single CTRL+C isn't sufficient to stop the scan
- Added Cloudflare Detection
- Dev --> Stable (1.05)
- Flag Rework
- Bump versions
- Update Readme, Rework Event.always_in_scope
- Fixed hanging bug, bumped nuclei version
- Remove unnecessary batch submission delay, boost sslcert performance
- Fix event emission bug
- Tag URLs with http title, add event tag sanitization
- Fixed requests race condition
- Include record type in hijackable subdomain findings
- Speed up nameserver validation on first run
Created an issue in blacklanternsecurity/bbot that received 1 comment
host_header module should be once per host
it is unlikely that different URLs within the same host will have different results, and typically if one URL triggers the event every one will, cr…
Opened 20 other issues in 3 repositories
blacklanternsecurity/bbot
10
open
8
closed
- iis_shortnames - need to enumerate all files types w/suffix
- It should be possible to add GET parameters to targets
- Tighten filter for A-tags in excavate
- It is theoretically possible for a name collision with the random names
- consolidate module level host tracking
- telerik canceled future bug
- host_header module cookie parsing bug
- Use wordcloud data within VHOST and paramminer modules
- Consider not displaying unresolved DNS_NAME by default
- Nuclei module unknown severity fails validation
- implement deduplication on the wordlist helper
- hunt module a-tag rework
- Add command line config validation
- Odd Wildcard behavior occasionally evades detection
- Nuclei module hanging
- Requests Helper should not maintain one session
- AttributeError: 'NoneType' object has no attribute 'scope_distance' (wayback module)
- Hijackable subdomain findings should include record type