🔰 { One-Liner } – Extract all URLs from Source Code
➡️ curl "https://example .com/" | grep -oP '(https*://|www\.)[^ ]*' 
🔰 { One-Liner } – Subdomain Extraction
Find Subdomain from VirusTotal
➡️ curl -s "https ://www.virustotal.com/ui/domains/domain.com/subdomains?limit=40" | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u
Get Subdomains from Archive
➡️ curl -s "http://web.archive.org/cdx/search/cdx?url=*.domain.com/*&output=text&fl=original&collapse=urlkey" | sed -e 's_https*://__' -e "s/\/.*//" | sort -uSee 👇🌿
Find JavaScript File
➡️ assetfinder --subs-only HOST | gau | egrep -v '(.css| .png| .jpeg| .jpg| .svg| .gif| .wolf)' | while read url ;do vars=$(curl -s $url | grep -Eo "var [a-zA-Zo-9_l+" | sed -e 's, 'var', '"$url"?',g' -e 's/ //g' | grep -v '.js' | sed 's/.*/&=xss/g'):echo e "\e[1;33m$url\n" "\e[1;32m$vars"; done
credits: https://bugbountyguide.org/bash-one-liner-automation-for-bug-bounty/
Suggest an edit to this article
Check out our new Discord Cyber Awareness Server. Stay informed with CVE Alerts, Cybersecurity News & More!
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- Sponsored -
