😈 [ hackinarticles, Hacking Articles ]

Active Directory Penetration Testing

https://t.co/D4pKsnC9Yk

#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities #bugbounty

🔗 https://www.hackingarticles.in/red-teaming/

🐥 [ tweet ]

😈 [ NandanLohitaksh, Lohitaksh Nandan ]

Best ever Tools 🔧 for Bug Bounty Hunters...

→Amass
→Sublister
→Gauplus
→HTTPX
→Gf tool
→Kxss
→Sqlmap
→Commix
→Tplmap
→HYDRA
→John the ripper
→Burpsuite
→Arjun
→Paramspider
→NoSQLmap
→NMAP
→Nikto
→FFUF
→403-Bypass
→Gobuster

#bugbounty #cybersecurity

🐥 [ tweet ]

😈 [ clintgibler, Clint Gibler ]

🗒️ Awesome RCE Techniques

A list of techniques to achieve Remote Code Execution on various apps

Including:

CMS - Joomla, Wordpress

LMS - Moodle

Frameworks - JBoss, Tomcat

Other - GiTea, Jenkins

By @podalirius_

#bugbounty #bugbountytips

https://t.co/9kOdw4ammT

🔗 https://github.com/p0dalirius/Awesome-RCE-techniques

🐥 [ tweet ]

😈 [ podalirius_, Podalirius ]

I published a tool to #bruteforce the key of @CodeIgniter's session #cookies, in order to sign arbitrary attacker-controlled cookies🍪

I wrote this tool for a use case encountered in #bugbounty recently, but we can find this in #pentest too.

https://t.co/7JIiYQskoG

🔗 https://github.com/p0dalirius/CodeIgniter-session-unsign

🐥 [ tweet ]

😈 [ ReconOne_, ReconOne ]

Shodan Dork in Manual mode - Part 1

Now that you all have Shodan membership it's time to try Shodan Dorks 👀👇

Credits: @securitytrails

#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity

🐥 [ tweet ]

😈 [ ReconOne_, ReconOne ]

Have you ever looked for Open Redirects? Try this 👇 💣

#recontips #AttackSurface #bugbountytips #bugbounty #openredirect #recon #httpx

🐥 [ tweet ]

😈 [ pdiscoveryio, ProjectDiscovery.io ]

A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers by @pry0cc / @hakluke

https://t.co/E25vgmyCN4

#hackwithautomation #security #bugbounty

🔗 https://blog.projectdiscovery.io/guide-to-dns-takeovers/

🐥 [ tweet ]

😈 [ HackerGautam, Frooti ]

Not only crawling but you can do Subdomain Enumeration using Wayback.

⬇️
curl --insecure --silent "https://web.archive.org/cdx/search/cdx" | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | sed "/@/d" | sed -e 's/\.$//' | sort -u

#bugbounty #hacking #infosec

🐥 [ tweet ]

😈 [ pdiscoveryio, ProjectDiscovery.io ]

The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris

https://t.co/2GY3QZlTft

#hackwithautomation #cybersecurity #infosec #bugbounty

🔗 https://blog.projectdiscovery.io/ultimate-nuclei-guide/

🐥 [ tweet ]

😈 [ 0x0SojalSec, Md Ismail Šojal ]

The shortest payload for a tiny php reverse shell written in 19 bytes using only non-alphanumeric characters. Hex values inside ⛶ indicate raw bytes.
This will help to bypass WAF and execute PHP reverse shell for RCE.
get more detail about this👇

🔗 https://gist.github.com/0xSojalSec/5bee09c7035985ddc13fddb16f191075

#bugbountyTips #bugbounty

🐥 [ tweet ]

😈 [ hetmehtaa, Het Mehta ]

Firefox Add-ons For Penetration Testers 🦊

#Infosec #Firefox #Bugbounty #TheSecureEdge

🐥 [ tweet ]

😈 [ 0x0SojalSec, Md Ismail Šojal ]

just scan for subdomain without downloding the tools:

curl -s -L https://github.com/cihanmehmet/sub.sh/raw/master/sub.sh | bash -s webscantest.com

#infosec #bugbounty #cybersec

🐥 [ tweet ]

😈 [ securekomodo, Bryan Smith ]

Here is my python-based scanner to find #Citrix RCE. Leverages several fingerprinting techniques to accurately identify a remote Citrix servers version and detect if vulnerable to CVE-2023-3467. This is not an exploit PoC. Happy #bugbounty hunting :)

🔗 https://github.com/securekomodo/citrixInspector/

🐥 [ tweet ]