This is a recon tool which allows you to discover the subdomains used by a target web application on both client and server side. Afterwards, it runs dirsearch on the resulted text file. It can also scan for open ports using NMAP and finds hidden parameters on every live Host. Summary: Hello everyone, in this […]
BugBounty
Yogosha Hackitivist Challenge 2019

I started with hackitivist1 and found that the provided link was vulnerable to blind SQLI, so I started digging more into it. As you can see in the picture below (Figure 1) that after running SQLMAP, I was able to find the database. And then after, I found the username, password, and secret key Unfortunately, […]