#android #mindmap
Android Application Penetration Testing Mindmap
https://www.xmind.net/m/paUMuU/
UPD:
https://www.xmind.net/m/GkgaYH/
Android Application Penetration Testing Mindmap
UPD:
https://www.xmind.net/m/GkgaYH/
#tools
Check live webapps from domain list
Check live webapps from domain list
cat subdomains.txt | sed -E 's#https?://##I' | sed -E 's#/.*##' | sed -E 's#^\*\.?##' | sed -E 's#,#\n#g' | tr '[:upper:]' '[:lower:]' | uniq | sed -e 's/^/https:\/\//' | httpx -silent -timeout 2 -threads 100 -status-code -mc 200,302 |anewThis media is not supported in your browser
VIEW IN TELEGRAM
#Tools
#Extension
mitaka: A browser extension for OSINT search
Source code: https://github.com/ninoseki/mitaka
Chrome: https://chrome.google.com/webstore/detail/mitaka/bfjbejmeoibbdpfdbmbacmefcbannnbg
Firefox: https://addons.mozilla.org/en-US/firefox/addon/mitaka/
#Extension
mitaka: A browser extension for OSINT search
Source code: https://github.com/ninoseki/mitaka
Chrome: https://chrome.google.com/webstore/detail/mitaka/bfjbejmeoibbdpfdbmbacmefcbannnbg
Firefox: https://addons.mozilla.org/en-US/firefox/addon/mitaka/
#bugbounty
XSS in AWS console by
@Frichette_n with AngularJS CSP Bypass
https://frichetten.com/blog/xss_in_aws_console/
XSS in AWS console by
@Frichette_n with AngularJS CSP Bypass
https://frichetten.com/blog/xss_in_aws_console/
#bugbounty
#2fa
2FA Bypass Techniques MindMap
https://www.xmind.net/m/8Hkymg/
Google Drive Link:
https://drive.google.com/file/d/11FlzxlVw4GIZ60s5v3I1S5p8kXZHExFT/view?usp=sharing
#2fa
2FA Bypass Techniques MindMap
https://www.xmind.net/m/8Hkymg/
Google Drive Link:
https://drive.google.com/file/d/11FlzxlVw4GIZ60s5v3I1S5p8kXZHExFT/view?usp=sharing
Xmind
2FA Bypass Techniques
A Mind Map about 2FA Bypass Techniques submitted by Harsh Bothra on Jun 5, 2021. Created with Xmind.
#research
ALPACA Attack: Application Layer Protocol Confusion - Analyzing and mitigating Cracks in tls Authentication.
# https://alpaca-attack.com/
# https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html
# https://github.com/RUB-NDS/alpaca-code/
ALPACA Attack: Application Layer Protocol Confusion - Analyzing and mitigating Cracks in tls Authentication.
# https://alpaca-attack.com/
# https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html
# https://github.com/RUB-NDS/alpaca-code/
The Hacker News
New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
ALPACA Attack: A new TLS attack allows attackers to launch cross-protocol attacks against secure sites.
CrimeFlare Bypass Hostname
This tool serves to search for the original IP behind websites that have been protected by CloudFlare, the information generated can be useful for further penetration. The information generated by this tool is as follows.
https://github.com/zidansec/CrimeFlare
#cloudflare #bypass #Tools
This tool serves to search for the original IP behind websites that have been protected by CloudFlare, the information generated can be useful for further penetration. The information generated by this tool is as follows.
https://github.com/zidansec/CrimeFlare
#cloudflare #bypass #Tools
GitHub
zidansec/CrimeFlare
This tool can help you to see the real IP behind CloudFlare protected websites. - zidansec/CrimeFlare
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://github.com/hhlxf/PrintNightmare
#pentest
https://github.com/hhlxf/PrintNightmare
#pentest
🔥🔥🔥
Leveraging PrintNightmare to Abuse RBCD and DCSync the Domain
https://snovvcrash.github.io/2021/06/30/leveraging-printnightmare-to-abuse-rbcd.html
#pentest
Leveraging PrintNightmare to Abuse RBCD and DCSync the Domain
https://snovvcrash.github.io/2021/06/30/leveraging-printnightmare-to-abuse-rbcd.html
#pentest
snovvcrash@gh-pages:~$ _
Leveraging PrintNightmare to Abuse RBCD and DCSync the Domain
A relatively stealthy way to exploit PrintNightmare (CVE-2021-1675 / CVE-2021-34527) by configuring and abusing RBCD on a domain controller.