Trickest

@trick3st

9,936
Followers
19
Following
386
Media
1,398
Statuses

Visualize, operate & scale everything offensive security in one platform.

Dover, Delaware
Joined May 2020
@trick3st
Trickest
2 years
250k subdomain combinations in 0.67 seconds with mksub🚀
16
98
461
@trick3st
Trickest
2 years
CVE 2.0 has just been released! More optimized and accurate than ever, it has found over 2000 new CVE POCs in the latest run! Happy hunting!
4
123
412
@trick3st
Trickest
2 years
We've released a bunch of tools recently, and we haven't really introduced them properly on Twitter, so for the next 5 days, we'll be featuring one tool each day! Today, check out mksub, a tool to generate tens of thousands of subdomain combinations in seconds. 👇🧵
12
96
330
@trick3st
Trickest
2 years
Introducingggggg... 🥁 Generate thousands of URL path combos in seconds, perfect for generating brute force wordlists! mkpath! This tool is similar to mksub, but it works for URL path combinations instead of subdomains.
6
109
317
@trick3st
Trickest
2 years
Need to resolve a massive list of subdomains, but the lack of enough resolvers is slowing you down? Presenting the most exhaustive list of reliable DNS resolvers with more than 9000 validated nameservers! #infosec #recon #bugbountytips #redteam
7
103
265
@trick3st
Trickest
1 year
Accidentally discovering hundreds of SSRFs 💥 During his latest Cloudflare bypass research, @carlospolopm ran into 551 vulnerable servers and a vulnerable version of Amazon Lightsail. Details in our latest blog post 🐞 #securityresearch #infosec
2
72
250
@trick3st
Trickest
2 years
New CVE data source alert 🚨 @Hacker0x01 's hacktivity has just been added as a PoC source to the Trickest CVE repository 😎
3
68
231
@trick3st
Trickest
3 years
Releasing our latest project, CVEs! A constantly updated collection of 𝘢𝘭𝘮𝘰𝘴𝘵 every publicly available CVE PoC. 👉 Browse, find a PoC, and test away! 👉 Search for a specific product. 👉 Watch the repo to be notified when new PoCs go public!
4
84
228
@trick3st
Trickest
2 years
If you're a bug bounty hunter, you will 💚 this GitHub repository. It contains all assets that we uncover on public bug bounty targets, and it is updated automatically, frequently 😎 Enjoy! 🚀
3
85
220
@trick3st
Trickest
3 years
Asset Inventory of public bug bounty programs 🏃‍♂️ help bug bounty hunters get up and running as quickly as possible. 👀 give security teams better visibility into their assets. ⛈️ reduce the load and noise that some programs face from automated tools.
1
66
217
@trick3st
Trickest
2 years
New subdomain enumeration wordlist 🚀 We took the hostnames dataset we have on Inventory, unfurl'ed it (thanks @tomnomnom !) to extract subdomains, sorted them, and combined them into this 1.4 million-word list. What wordlist do you wish existed?
10
43
209
@trick3st
Trickest
2 years
Hey bug hunters 👋 We constantly update a repository with recon data of public bug bounty programs, and we just added a bunch of new programs to the workflow for you to steal! 😎 Check out Inventory 2.0 with the data of over 50 programs! 🤯
10
72
188
@trick3st
Trickest
3 years
We are proud to publish the process we're currently using to find Log4j-related vulnerabilities! Many of the building blocks we're using here were created by remarkable people from the community. Thanks, everyone!
0
56
178
@trick3st
Trickest
10 months
New addition to our Scanner tools: Introducing "Socialhunter" 🎯 This tool scans websites and finds broken social media links that can be hijacked. Try it on your automation workflow on Trickest! 🤖
5
37
162
@trick3st
Trickest
2 years
What CVEs are hackers reporting to bug bounty programs? You can find out using a simple GitHub search on the trickest/cve repository 👇
1
41
154
@trick3st
Trickest
2 years
Are you a security researcher or pentester looking for quick access to CVE proof-of-concepts? Check out this repository! In a nutshell, here's how it can be useful to you 🧵👇
6
51
153
@trick3st
Trickest
2 years
7 projects that will improve your subdomain enumeration game today ⚒️
4
44
142
@trick3st
Trickest
2 years
Did you know that the subdomain and parameter wordlists available here are actually based on real data we've enumerated as part of our inventory workflows?
3
42
140
@trick3st
Trickest
2 years
Level up your subdomain brute-force game by not just checking for the usual suspects like - - But also - -
2
27
131
@trick3st
Trickest
2 years
When it comes to generating subdomain permutations, we turn to gotator, mksub, and dsieve 90% of the time. These tools are reliable and useful, but don't forget to use their lesser-known flags ⚒️ Quick thread on one standout feature of each tool 🧵
1
22
134
@trick3st
Trickest
1 year
Discover the fascinating story of uncovering hundreds of SSRF vulnerabilities on AWS! 🔓 Dive into the investigation of methods to reveal IP addresses of webpages protected by Cloudflare 🌐 Read more:
0
37
129
@trick3st
Trickest
3 years
We are excited to announce our collaboration with awesome @Six2dez1 ! Automated @trick3st workflow will structure all of the available fuzzing wordlists! Send us PRs for new source repositories. The workflow will pick 'em up.
0
56
132
@trick3st
Trickest
2 years
Are you looking to shake things up in your subdomain, endpoint, and parameter discovery processes? Consider trying out some new wordlists! The Wordlists project features 4 types of wordlists 👇
3
31
130
@trick3st
Trickest
2 years
We designed a workflow that constantly scans popular CMS systems for new paths, and adds them to the associated wordlists. Perrrrrfect for brute forcing! Here are the results 👇
2
35
131
@trick3st
Trickest
2 years
You’ve heard of subdomain permutations, now get ready for subdomain levels!
1
34
129
@trick3st
Trickest
2 years
🚨 Attention bug bounty hunters 🚨 Here is excellent recon data for all public bug bounty programs. It is updated regularly, automatically. ✅ Subdomains ✅ URLs ✅ Web servers (and response details) ✅ Cloud assets ✅ More Go squash some bugs! 🐛🔫
4
42
126
@trick3st
Trickest
2 years
📃 New wordlists 📃 We've added Laravel to the list of technologies that the Wordlists workflow enumerates. Find the new lists here What wordlist would you like to get next?
3
31
124
@trick3st
Trickest
2 years
Try it out 🤖
21
23
123
@trick3st
Trickest
1 year
Bug bounty hunters! 🥳Celebrate the Trickest community with us and win 1 of 5 monthly PRO licenses! 🎁 #GIVEAWAY To win: ✅ Like, retweet, and follow @trick3st ✅Tag 2 of your best bug bounty buddies in the comment 👇 Winners will be randomly selected in 24 hours. Good luck!🤞
43
63
111
@trick3st
Trickest
1 year
Ever wished to scale 403 endpoint bypass tests? 🚀 Dive into our latest blog post with @remonsec to learn how to automate these methods using Trickest workflows!
2
24
110
@trick3st
Trickest
2 years
Did you know that you can find out what CVEs have been submitted to @Hacker0x01 's bug bounty programs by searching the trickest/cve GitHub repository?
1
19
113
@trick3st
Trickest
2 years
Generate thousands of URL path combos in seconds, perfect for generating brute-force wordlists 🚀
1
35
103
@trick3st
Trickest
2 years
Bug bounty hunters, take note! If you are currently participating or planning to participate in any of these companies' bug bounty programs, be sure to review their datasets on the trickest/inventory GitHub repository and save yourself some valuable time ✨
2
15
106
@trick3st
Trickest
2 years
How it started vs how it's going
4
9
104
@trick3st
Trickest
2 years
Today - we are featuring dsieve! This tool allows you to enrich your existing lists of subdomains by guessing what other subdomains are likely to exist. 🤪 It's easier to explain with an image! 👇
6
31
104
@trick3st
Trickest
1 year
Fresh wordlists alert 🚨 The trickest/wordlists repo got updated with ~80 new lists for a bunch of technologies. Fingerprint your targets, pick the right wordlist, and find hidden content and vulnerabilities 🚀 #bugbounty #pentesting #wordlists
0
28
102
@trick3st
Trickest
2 years
If you're participating in any of these companies' bug bounty programs, check out their dataset on Inventory 🚀
2
9
96
@trick3st
Trickest
1 year
📜 New wordlists alert 📜 We've seen great results from subdomain levels enumeration, so we're taking it a step further. Introducing our latest wordlists generated from the trickest/cloud dataset! More useful resources in the thread 🧵👇
1
36
96
@trick3st
Trickest
2 years
You’d think that generating so many subdomain combinations would take longer
3
20
94
@trick3st
Trickest
1 year
Finding Hundreds of SSRF Vulnerabilities on AWS
1
27
95
@trick3st
Trickest
2 years
Got a new exploit and need a big enough dataset of web servers to test it legally (while netting some bounties)? Inventory’s got you covered!
1
22
84
@trick3st
Trickest
2 years
Releasing find-gh-poc, the centerpiece of trickest/cve 🚀 Find-gh-poc can help you: 👉search GitHub for a CVE’s PoCs/exploits 👉build an archive of PoCs (like we did!) 👉find all PoCs of a specific off-the-shelf piece of software
1
35
87
@trick3st
Trickest
2 years
Gather a list of 2.5 MILLION hostnames belonging to public bug bounty programs from Inventory 🤹
3
21
80
@trick3st
Trickest
2 years
We've just tested Katana. It is ✨amazing✨
@pdiscoveryio
ProjectDiscovery.io
2 years
[NEW-PROJECT] 🥳🥳 Katana –– A next-generation crawling and spidering framework. → Standard / Headless → Customizable Config → Scope control → Output Filters GitHub Project –– #hackwithautomation #cybersecurity #crawler #opensource #bugbounty
78
566
2K
1
11
77
@trick3st
Trickest
2 years
Bug bounty hunters 🔊 We maintain a public GitHub repository with heaps of recon data from over 60 programs. Free for you to use and updated regularly 👇
1
22
75
@trick3st
Trickest
9 months
🚀 Big News! Trickest launches Community Edition 🌐 with Self-Hosted Execution, welcomes cybersecurity guru @NahamSec to the team, and introduces 24/7 open access! Explore state-of-the-art security orchestration. Made for bug bounty hunters, educators & researchers. More info:
0
27
82
@trick3st
Trickest
2 years
The Robots workflow: 1️⃣ Takes the top 100, 1000 and 10,000 websites from the Top 10M domains. 2️⃣ Uses @tomnomnom 's #meg tool to fetch their robots.txt files. 3️⃣ Cleans the paths and pushes them to this #wordlists #repository . Check out the results👇
4
32
78
@trick3st
Trickest
2 years
A quick automation workflow using mostly @pdiscoveryio tools, created in < 30 minutes. 🚀 Subfinder to get subdomains 🚀 DNSx to pull DNS records 🚀 HTTPx to get HTTP server details 🚀 WAFw00f to detect WAFs 🚀 Nuclei for vuln scanning Blog coming soon!
2
11
74
@trick3st
Trickest
1 year
Need to find CVE proof-of-concepts for specific vulnerabilities? You're in luck! We've enumerated the PoCs of every CVE from 1999 to 2023 in this repository #cve #poc
0
24
78
@trick3st
Trickest
2 years
📜 New wordlists alert 📜 You've probably noticed how much we talk about going the extra mile and brute-forcing subdomains *multiple levels deep* So we wanted to make this more effective for everyone by publishing these tailored ✨level-specific wordlists✨ Quick thread 🧵👇
2
16
77
@trick3st
Trickest
2 years
Blacklisting IP addresses does NOT work for SSRF mitigation. Here are a few ways to represent 127.0.0.1 that might bypass the blacklist 😈 127.0.1 127.1 0 0x7f000001 2130706433 017700000001
2
13
77
@trick3st
Trickest
2 years
It has been 🖐 five months since log4shell dropped. Since then, we've found some pretty interesting ways of exploiting it. In this blog post, we cover "How to find Log4j Vulnerabilities in Every Possible Way". Read on, hackers! 👇
1
31
77
@trick3st
Trickest
2 years
We have a repository with the details (and POCs) of almost every publicly available CVE! We just added a 🔥 Hottest CVEs 🔥 table to our CVEs repository that shows the most viewed CVEs according to our analytics, and it is updated regularly! Check it 👉
0
16
77
@trick3st
Trickest
2 years
Afraid of leaking your company’s sensitive data? Employees are more likely to expose secrets than official brand accounts. Trickest Insiders workflow collects the data of over 450 companies! #infosec #recon #bugbountytips #redteam
1
30
72
@trick3st
Trickest
2 years
This is how we collect _almost_ every publicly available CVE PoC 🐞
0
5
74
@trick3st
Trickest
2 years
What recon tool are you thankful for, and why?
20
13
72
@trick3st
Trickest
2 years
It’s always a good idea to customize your content discovery wordlist for your target 📜 One part of this is using technology-specific wordlists, like the ones here
0
26
72
@trick3st
Trickest
2 years
Bug bounty hunters 👋 Just a quick note to let you all know we've got a public GitHub repo with a ton of recon data for these programs on trickest/inventory
4
15
72
@trick3st
Trickest
2 years
We help teams build and automate workflows for: ⏰External Attack Surface Management 🥷Red Team engagements 💻Penetration tests 🧭 SecOps management 🪲Bug bounty hunting 🔗Container security scans Get Access today -
6
26
64
@trick3st
Trickest
10 months
⚒️ New tool alert ⚒️ We've released our Elasticsearch client. Now you can import/export the attack surface and vulnerability data discovered by Trickest workflows into Elasticsearch for analysis, just like we do!
2
12
69
@trick3st
Trickest
2 years
Being able to write your own @pdnuclei templates is a superpower 🦸 1️⃣ Find a 1day web exploit that doesn’t have a public template yet 2️⃣ Create a template 3️⃣ Collect bug bounty program hosts 4️⃣ Run nuclei 5️⃣ ??? 6️⃣ Profit
1
17
67
@trick3st
Trickest
1 year
Our DMs have been buzzing: "Which workflows does Eric @codecancare use on Trickest?" 🤔 Well, here are his current faves: 🔍 Levels-deep Subdomain Enumeration 📜 Enumerate AWS SSL Certificates 🔗 Resolve and port scan a list of hosts 🖥 Inventory 2.0 - Web Servers... 👇
2
5
65
@trick3st
Trickest
2 years
We scanned the Internet's most popular domains for security.txt files 🙂 Check out the results, including a statistics breakdown, and details on exactly how we did it 👇
1
11
64
@trick3st
Trickest
2 years
mksub, but make it for content discovery ⚒️
3
12
64
@trick3st
Trickest
7 months
🎉 Welcoming Sourcemapper to our 300+ tools club! 🛠️ A Golang gem, Sourcemapper parses sourcemaps from webpack, revealing the original JavaScript files and source tree. For deep-diving into JS file structures 👌 Try Sourcemapper in your next workflow!
1
16
63
@trick3st
Trickest
1 year
We've recently added jsluice by @bishopfox to our library, a great tool for uncovering URLs, paths, secrets and more from JavaScript with ease. Have you used it before? Reply about your experience 🗣️
0
17
63
@trick3st
Trickest
2 years
Here is a quick and dirty way to download all of the web servers in Trickest Inventory 🔎 Happy hacking!
1
14
64
@trick3st
Trickest
2 years
💡 Did you know that you can generate custom subdomain enumeration wordlists by scraping SSL certificates? Here's how to do it 🧵
1
13
63
@trick3st
Trickest
2 years
When you run @owaspamass like this, you're not making the best use of this amazing tool `amass enum -d` 5 tips to improve your usage of `amass enum` 🧵👇
1
18
60
@trick3st
Trickest
1 year
Celebrating Trickest 2.0 and the lightning-fast ⚡️ new workflow engine with a #giveaway ! 🥳 We're giving away 5 monthly PRO licenses! Here's how to enter: 1️⃣Like & retweet this post 2️⃣Follow @trick3st 3️⃣Tag 2 fellow #bugbounty hunters in comments ⏰ 7 days to enter!
33
30
60
@trick3st
Trickest
1 year
We want to help bug bounty hunters quickly tackle new programs & empower security teams with improved asset visibility. 🛡️💨 Dive into our updated Inventory repo, keeping an eye on 800+ companies' assets! 🌐👁️
0
16
58
@trick3st
Trickest
2 years
📜 New wordlist alert 📜 We've just released version 1 of the Inventory *parameters* wordlist 🚀 70 targets -> 350 domains -> 250k URLs -> 2500 unique parameters
2
10
58
@trick3st
Trickest
2 years
If your subdomain enumeration wordlist has 100 entries, then you can brute-force for a maximum of 100 subdomains, right? Wrong!
3
11
60
@trick3st
Trickest
2 years
This is how we collect _almost_ every publicly available CVE PoC 👇
1
10
53
@trick3st
Trickest
2 years
If you're looking to improve your subdomain, endpoint, and parameter discovery workflows, consider trying out some new wordlists 📜
1
14
57
@trick3st
Trickest
2 years
Fuzz smarter, not harder ⚒️ While fuzzing for hidden parameters, you can use gau to grab a list of URLs, run them through unfurl to extract parameters, sort them by popularity, and now you have a custom wordlist and a much bigger chance of getting a hit ✨ #bugbountytips
2
14
61
@trick3st
Trickest
2 years
What's your go-to note-taking method when you are hacking? 🤔 Notion? 🤔 Obsidian? 🤔 Plain text files? 🤔 Xmind? 🤔 Pen and paper? 🤔 Something else? Let us know 👇
40
3
57
@trick3st
Trickest
2 years
Quickly collect potential cloud assets belonging to over 60 public bug bounty programs 🌩️
1
16
55
@trick3st
Trickest
1 year
Get secrets from WayBack HTTP responses 🕵️‍♂️ 👀 Exposed credentials, API keys and private company data could be leaked in HTTP responses. Find all of the URLs for specified hostnames and search for strings with high entropy🔍👇
1
24
56
@trick3st
Trickest
2 years
Happy holidays from the Trickest team 🥳🎊🙌
6
0
55
@trick3st
Trickest
2 years
You don't have to spend precious time finding web servers for your research. Inventory provides a constantly updated dataset 🦾
1
10
53
@trick3st
Trickest
2 years
Finding vulnerabilities and assets has never been so easy 🍰 Using 🔥GitHub and Trickest🔥 build your own #Recon & #VulnerabilityScanner workflow and the automation will do the work for you 🤖
1
22
52
@trick3st
Trickest
2 years
How trickest/inventory finds hostnames 🔦 👀 Amass and Subfinder for passive results 🤙🏼 dsieve to get environments 🙃 mksub to generate custom environment wordlists 🤜🏼 Puredns and Trickest Resolvers for active brute-force 🎱 Gotator for permutations 👉🏼 Merge all results Links👇🏼
2
16
55
@trick3st
Trickest
2 years
Here is a list of >21k validated DNS resolvers, which you can pass to your subdomain brute force tool 🚀
0
15
51
@trick3st
Trickest
2 years
You’d think that generating so many subdomain combinations would take longer than 0.67 seconds 🚀
3
5
50
@trick3st
Trickest
2 years
Hacking is an art.
2
4
49
@trick3st
Trickest
2 years
How to use mksub: Beyond the basics 🔎 mksub is a simple tool. It generates subdomains by combining words from a wordlist with a target domain. But why settle for just the basics? Let's explore ways to create more combinations and find more hidden subdomains! Thread 🧵
2
15
50
@trick3st
Trickest
2 years
🔎 ffuf can be used to FUZZ headers 🔎 Here are two interesting techniques which use the `header` parameter and some suggested wordlists 🧵 👇
4
7
50
@trick3st
Trickest
2 years
Scan your web apps 🔍🐜 Discover and scan for SQL injection, XSS, SSRF, and more with our easy-to-setup workflow.
2
13
47
@trick3st
Trickest
1 year
Here's what @codecancare , #1 Bug Bounty Hunter on Hackerone and Bugcrowd, has to say about Trickest: "The platform was able to find assets others miss, quickly, with amazing support and genuinely kind and skilled team." 🚀
1
2
52
@trick3st
Trickest
2 years
For each subdomain you discover, there may be an opportunity for another round of brute-force to find even more subdomains one level deeper 🪆
1
6
45
@trick3st
Trickest
2 years
Today we are featuring a quality-of-life tool that allows you to easily list the repositories associated with one or more GitHub usernames. It's called enumrepo. Super handy for automating searching for secrets 🕵️‍♂️ in GitHub repositories belonging to your target. 👇🧵
2
13
49
@trick3st
Trickest
2 years
Shell script repositories are extra juicy when it comes to finding leaked secrets 🦪 Environment variables, http requests, and command authentication (things you’d find in an average dotfiles repo) are opportunities for things to go wrong.
1
9
48
@trick3st
Trickest
2 years
Penetration testers and bug bounty hunters 📡 After you set up this repository, you can simply `git commit` any new assets you find, and your Trickest workflows will take care of scanning them and updating your recon/vulnerabilities database 🤖
0
12
47