#tools
Worth its own post :)
Security requirements generator service
https://requirements.whitespots.io/en
Worth its own post :)
Security requirements generator service
https://requirements.whitespots.io/en
#education
Check this out. A free module for developers about limits from whitespots.io
https://appsec-learning.whitespots.io/
Check this out. A free module for developers about limits from whitespots.io
https://appsec-learning.whitespots.io/
#Tools
Divide full port scan results and use it for targeted Nmap runs
https://github.com/snovvcrash/DivideAndScan
Divide full port scan results and use it for targeted Nmap runs
https://github.com/snovvcrash/DivideAndScan
GitHub
GitHub - snovvcrash/DivideAndScan: Divide full port scan results and use it for targeted Nmap runs
Divide full port scan results and use it for targeted Nmap runs - snovvcrash/DivideAndScan
#BugBounty
#Tools
if you're looking for great tool in web recon
check these out
https://github.com/Cyber-Guy1/BlackDragon
#Tools
if you're looking for great tool in web recon
check these out
https://github.com/Cyber-Guy1/BlackDragon
#bugbounty One of the largest security testing checklist
Один из самых больших чеклистов в интернете по тестированию веб-приложений.
Один из самых больших чеклистов в интернете по тестированию веб-приложений.
#android #mindmap
Android Application Penetration Testing Mindmap
https://www.xmind.net/m/paUMuU/
UPD:
https://www.xmind.net/m/GkgaYH/
Android Application Penetration Testing Mindmap
UPD:
https://www.xmind.net/m/GkgaYH/
#tools
Check live webapps from domain list
Check live webapps from domain list
cat subdomains.txt | sed -E 's#https?://##I' | sed -E 's#/.*##' | sed -E 's#^\*\.?##' | sed -E 's#,#\n#g' | tr '[:upper:]' '[:lower:]' | uniq | sed -e 's/^/https:\/\//' | httpx -silent -timeout 2 -threads 100 -status-code -mc 200,302 |anewThis media is not supported in your browser
VIEW IN TELEGRAM
#Tools
#Extension
mitaka: A browser extension for OSINT search
Source code: https://github.com/ninoseki/mitaka
Chrome: https://chrome.google.com/webstore/detail/mitaka/bfjbejmeoibbdpfdbmbacmefcbannnbg
Firefox: https://addons.mozilla.org/en-US/firefox/addon/mitaka/
#Extension
mitaka: A browser extension for OSINT search
Source code: https://github.com/ninoseki/mitaka
Chrome: https://chrome.google.com/webstore/detail/mitaka/bfjbejmeoibbdpfdbmbacmefcbannnbg
Firefox: https://addons.mozilla.org/en-US/firefox/addon/mitaka/
#bugbounty
XSS in AWS console by
@Frichette_n with AngularJS CSP Bypass
https://frichetten.com/blog/xss_in_aws_console/
XSS in AWS console by
@Frichette_n with AngularJS CSP Bypass
https://frichetten.com/blog/xss_in_aws_console/
#bugbounty
#2fa
2FA Bypass Techniques MindMap
https://www.xmind.net/m/8Hkymg/
Google Drive Link:
https://drive.google.com/file/d/11FlzxlVw4GIZ60s5v3I1S5p8kXZHExFT/view?usp=sharing
#2fa
2FA Bypass Techniques MindMap
https://www.xmind.net/m/8Hkymg/
Google Drive Link:
https://drive.google.com/file/d/11FlzxlVw4GIZ60s5v3I1S5p8kXZHExFT/view?usp=sharing
Xmind
2FA Bypass Techniques
A Mind Map about 2FA Bypass Techniques submitted by Harsh Bothra on Jun 5, 2021. Created with Xmind.
#research
ALPACA Attack: Application Layer Protocol Confusion - Analyzing and mitigating Cracks in tls Authentication.
# https://alpaca-attack.com/
# https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html
# https://github.com/RUB-NDS/alpaca-code/
ALPACA Attack: Application Layer Protocol Confusion - Analyzing and mitigating Cracks in tls Authentication.
# https://alpaca-attack.com/
# https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html
# https://github.com/RUB-NDS/alpaca-code/
The Hacker News
New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
ALPACA Attack: A new TLS attack allows attackers to launch cross-protocol attacks against secure sites.