shubhdhungana

Programmer , Cyber Security Enthusiast

Pinned Repositories

beginner-bugbounty-payloads
Language:PHP2 1 00
Bug-Bounty-Ultimate-Tools
Ultimate List Of Bug Bounty Tools
7 1 02
bug_bounty_checklist
My Notes & Resources Of Bug Bounty Checklists
Language:HTML64 2 015
coolsubh
This Is The Ultimate Bug Bounty Automation & Web Hacking Tool That I've Created.
Language:Shell27 2 011
google-dorks-bugbounty
10
grep-search-for-secret-private-api-or-other-keys
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_key|cloudinary_api_secret|cloudinary_name|codecov_token|config|conn.login|connectionstring|consumer_key|consumer_secret|credentials|cypress_record_key|database_password|database_schema_test|datadog_api_key|datadog_app_key|db_password|db_server|db_username|dbpasswd|dbpassword|dbuser|deploy_password|digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd|docker_password|dockerhub_password|dockerhubpassword|dot-files|dotfiles|droplet_travis_password|dynamoaccesskeyid|dynamosecretaccesskey|elastica_host|elastica_port|elasticsearch_password|encryption_key|encryption_password|env.heroku_api_key|env.sonatype_password|eureka.awssecretkey)[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z\-_=]{8,64})['\"]
7 1 02
mern-interview-sets-pdf
"A curated collection of interview questions and answers for developers preparing for MERN stack and full-stack web development roles.
12 1 03
nepal-it-mail
Nepal IT Companies Email Addresses
2 1 00
nextjs-travel-website
Language:TypeScript20
reconsubh
This is the automation tool created via bash scripting. I found time consuming to do the recon process so I automated it. It enumerates the subdomains, fetches live subdomains, fetches urls, and filters juicy urls
Language:Shell20

shubhdhungana's Repositories

shubhdhungana/bug_bounty_checklist
My Notes & Resources Of Bug Bounty Checklists
Language:HTML64 2 015
shubhdhungana/coolsubh
This Is The Ultimate Bug Bounty Automation & Web Hacking Tool That I've Created.
Language:Shell27 2 011
shubhdhungana/Bug-Bounty-Ultimate-Tools
Ultimate List Of Bug Bounty Tools
7 1 02
shubhdhungana/grep-search-for-secret-private-api-or-other-keys
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_key|cloudinary_api_secret|cloudinary_name|codecov_token|config|conn.login|connectionstring|consumer_key|consumer_secret|credentials|cypress_record_key|database_password|database_schema_test|datadog_api_key|datadog_app_key|db_password|db_server|db_username|dbpasswd|dbpassword|dbuser|deploy_password|digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd|docker_password|dockerhub_password|dockerhubpassword|dot-files|dotfiles|droplet_travis_password|dynamoaccesskeyid|dynamosecretaccesskey|elastica_host|elastica_port|elasticsearch_password|encryption_key|encryption_password|env.heroku_api_key|env.sonatype_password|eureka.awssecretkey)[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z\-_=]{8,64})['\"]
7 1 02
shubhdhungana/beginner-bugbounty-payloads
Language:PHP2 1 00
shubhdhungana/reconsubh
This is the automation tool created via bash scripting. I found time consuming to do the recon process so I automated it. It enumerates the subdomains, fetches live subdomains, fetches urls, and filters juicy urls
Language:Shell20
shubhdhungana/google-dorks-bugbounty
10
shubhdhungana/Note-Taking-Android-App-Project
This was the note taking android app project done by me. It was built using java programming langauge. It was built via Android Studio. It was really fun to do such android app project.
Language:Java10
shubhdhungana/android-security-awesome
A collection of android security related resources
shubhdhungana/App-Development
shubhdhungana/awesome-bugbounty-tools
A curated list of various bug bounty tools
1
shubhdhungana/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
shubhdhungana/bulletrecon
A very fast recon tool that does recon process (subdomain enumeration, filtering live subdomains, endpoint gathering) in a bullet speed. Fast basic recon needs would be completed by this automation script.
Language:Shell
shubhdhungana/ceh
ceh
shubhdhungana/Data-Structures-and-Algorithms-Notes
It contains all the data structures and computer fundamentals notes I made while preparing for placements.
shubhdhungana/deepersubh
My New Deeper Level Subdomain Enumeration Automation Script Tool That Does Automated Enumeration Upto 4th Level Deep
Language:Shell
shubhdhungana/docker-Related-Cmds
shubhdhungana/ecommercePhp
Language:PHP
shubhdhungana/fifthLevelSubdomainExtracter
This automation script extracts deeper level subdomains from the result of subfinder and findomain using regex and loops. It is useful especially to filter out deeper level subdomains just to check it first. Its fun way to do that.
Language:Shell
shubhdhungana/Gold-Bug-Bounty-Resources-For-All
shubhdhungana/hackerdeepsub.github.io
subdtakeover
Language:HTML
shubhdhungana/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
shubhdhungana/mernDeerwalkProject
shubhdhungana/next14-starter
shubhdhungana/nextjs-blog
Language:JavaScript
shubhdhungana/nextjs-dashboard
Language:TypeScript
shubhdhungana/recon_profile
shubhdhungana/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
shubhdhungana/subh-portfolio-website
Language:JavaScript
shubhdhungana/verticalsubdomain
Language:Shell