InfoSecTube
Subscribe to this channel if… you enjoy fun and educational videos about technology & CyberSecurity & ...
YouTube Channel:
https://youtube.com/c/InfoSecTube


Contact:
@InfoSecTube_Bot
📊 In the table above, we can see how much time hackers or intruders need to obtain or crack your password.
🛎@Infosectube
reactxss.pdf
167.5 KB
#XSS
🌀XSS in React Application
☣️@InfoSecTube
#Bug_Bounty_Tips_22
🛡BugBounty_Tips
🌀 Top 25 remote code execution (RCE) parameters
Here are the top 25 parameters that could be vulnerable to code injection and similar RCE vulnerabilities:
?cmd={payload}
?exec={payload}
?command={payload}
?execute={payload}
?ping={payload}
?query={payload}
?jump={payload}
?code={payload}
?reg={payload}
?do={payload}
?func={payload}
?arg={payload}
?option={payload}
?load={payload}
?process={payload}
?step={payload}
?read={payload}
?function={payload}
?req={payload}
?feature={payload}
?exe={payload}
?module={payload}
?payload={payload}
?run={payload}
?print={payload}


Take notice anytime you see any of these parameters. Chances are that you may be able to inject code in them in some way.

☣️@InfoSecTube
BurpSuite_Pro_2020.9.zip
365.4 MB
pass: 311138

Burpsuite Pro
README inside, plz read it before run BS.

Happy Hacking!

📡 @Infosectube
🌀Let’s remind ourselves what SSRF vulnerabilities are and what we can do with them. In general, SSRF allows us to:
1️⃣Access services on the loopback interface running on the remote server
2️⃣Scan the internal network and potentially interact with the discovered services
3️⃣Read local files on the server using the file:// protocol handler
4️⃣Move laterally / pivot into the internal environment

How to find SSRF? When the target web application allows us to access external resources, e.g. a profile image loaded from an external URL (running on a 3rd party website), we can try to load internal resources accessible by the vulnerable web application. For example:
1️⃣We discover that the following URL works:
https://example.com:8000/page?user=&link=https://127.0.0.1:8000
2️⃣We can then run an Intruder attack (Burp Suite) trying different ports, effectively doing a port scan of the host
3️⃣We can also try to scan private IPs such as 192.168.x.x and discover live IPs in the internal network

☣️@InfoSecTube
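A server-side check for the fetch behaviour described above, as an added example that is not part of the original post: it validates a user-supplied URL (such as the link parameter) before the server requests it, rejecting non-HTTP schemes like file:// and any host that is, or resolves to, a loopback, private or otherwise non-public address. The function names, the injectable resolver and the sample hostnames are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

def resolve_host(host):
    """Default resolver: every address the hostname maps to (uses DNS)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def check_fetch_url(url, resolver=resolve_host):
    """Return (allowed, reason) for a URL the server is asked to fetch."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "malformed URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"  # rejects file:// and similar
    host = parts.hostname
    if not host:
        return False, "no host"
    try:
        addrs = {str(ipaddress.ip_address(host))}  # literal IP, no lookup
    except ValueError:
        try:
            addrs = resolver(host)
        except OSError:
            addrs = set()
    if not addrs:
        return False, "host does not resolve"
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        # is_global is False for loopback, RFC 1918, link-local and
        # other reserved ranges, so one internal answer rejects the URL.
        if not ip.is_global:
            return False, f"internal address {ip}"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample inputs; the fake resolver keeps the demo offline.
    fake_dns = {"img.example": {"93.184.216.34"}, "intranet.example": {"10.0.0.5"}}
    samples = ["https://127.0.0.1:8000", "file:///etc/passwd",
               "http://192.168.1.10/", "http://img.example/avatar.png",
               "http://intranet.example/"]
    for url in samples:
        print(url, check_fetch_url(url, resolver=lambda h: fake_dns[h]))
```

A fetcher using this check should connect to the address that was validated and re-run the check on every redirect; otherwise a changed DNS answer or a redirect can still reach an internal service.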
#Bug_Bounty_Tips_24
🛡BugBounty_Tips
🌀 Bypassing Captcha Tips
☣️@InfoSecTube
Asi.pdf
6.8 MB
#Book
#android_security
Android Security Internals

☣️@InfoSecTube
🌀 Find subdomains using RapidDNS
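📡Add this small function into your .bash_profile to quickly find subdomains using the RapidDNS API:
rapiddns(){
  # Fetch the RapidDNS results page for domain $1 and print the unique
  # hostnames it lists (grep -P requires GNU grep).
  curl -s "https://rapiddns.io/subdomain/$1?full=1" \
    | grep -oP '_blank">\K[^<]*' \
    | grep -v http \
    | sort -u
}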

We can then use it like this:
rapiddns target.com
☣️@InfoSecTube
#Bug_Bounty_Tips_26
🛡BugBounty_Tips
🌀 Top 25 local file inclusion (LFI) parameters
Here’s a list of the top 25 parameters that could be vulnerable to local file inclusion (LFI) vulnerabilities:
?cat={payload}
?dir={payload}
?action={payload}
?board={payload}
?date={payload}
?detail={payload}
?file={payload}
?download={payload}
?path={payload}
?folder={payload}
?prefix={payload}
?include={payload}
?page={payload}
?inc={payload}
?locate={payload}
?show={payload}
?doc={payload}
?site={payload}
?type={payload}
?view={payload}
?content={payload}
?document={payload}
?layout={payload}
?mod={payload}
?conf={payload}
Take notice anytime you see any of these parameters. Chances are that you may find LFI vulnerabilities.
☣️@InfoSecTube