带参数的PHP扩展
site:example.com ext:php inurl:?
已披露的XsS和开放重定向
site:openbugbounty.org inurl:reports intext:"example.com"
Juicy 的扩展
site:"example[.jcom" ext: log | ext:txt | ext: conf | ext:cnf | ext:ini | ext:eny ext:sh | ext: bak ext:backupext:swp | ext:old | ext:~|ext:git | ext:svn | ext:htpasswd | ext:htaccess
易发生XSS的参数
inurl:q= | inurl:s=| inurl:search= | inurl:query= | inurl:keyword= | inurl:lang= inurl:& site:example.com
打开易于重定向的参数
inurl:url= | inurl:return= | inurl:next= | inurt:redirect=| inurl:redir= | inurl:ret= inurl:r2= | inurl:page= inur.:&inurl:http site:example.com
SQLi Prone参数
inurl:id=|inurl:pid=|inurl:category= | inurt:cat= | inurl:action=| inurl:sid= | inurl:dir= inur!:&site:example.com
Parameters
inurl:http l inurl:url= | inur!:path= | inurl:dest= | inurl:html= inur!:data= | inurl:domain= | inurl;page= inur.:&site:example.com
LFlProne参数
inurl:include l inurl:dir l inur:detail= | inurl:file=| inurl:folder= | inurl:inc= | inur!:locate=l inurl:doc=inurl:conf= inurl:& site:example.com
RCE倾向参数
inurl:cmd | inur!:exec= | inurl:query= | inurl:code= | inur:do= | inurl:run= | inur!:reed=/infd;ping= fpy &ssite:example.com
浙公网安备 33010602011771号