Forwarded from Kiberxavfsizlik markazi
#css2024 #cknews
🦁 CYBERKENT 2.0
The “Cybersecurity Summit – Central Eurasia, CSS 2024” is scheduled to take place on 9-10 October 2024. As part of the program, the “Cyberkent 2.0” national competition will be held. In this connection, the “Kiberxavfsizlik markazi” (Cybersecurity Center) announces a qualifying round for young people who wish to take part in this contest!
Participants can take part in the competition in one of the following 3 formats:
⏺ Blue team (defending team) – each team consists of 3 to 5 members. The 5 teams with the highest scores in the qualifying round will be selected.
🔴 Red team (attacking team) – each team consists of 3 to 5 members. The 10 teams with the highest scores in the qualifying round will be selected.
🟢 Open challenges – a separate track for individual participants.
The qualifying round for Blue Team teams will be held on 27 August 2024. Applications to participate are accepted from 14 August to 24 August.
The qualifying round for Red Team teams will be held on 17 September 2024. Applications to participate are accepted from 4 September to 14 September.
The qualifying competitions will take place online via the ctf.cyberkent.uz site.
❗️ Please note that while participating in one track, you cannot participate in another in parallel!
The winners of “Cyberkent 2.0” will be rewarded as follows:
Blue team (defender)
🥇1st place – 50 million soums
🥈2nd place – 30 million soums
🥉3rd place – 10 million soums
Red team (attacker)
🥇1st place – 50 million soums
🥈2nd place – 30 million soums
🥉3rd place – 10 million soums
Open challenges
🥇1st place – 10 million soums
🥈2nd place – 6 million soums
🥉3rd place – 3 million soums
✅ In addition, the winners will be awarded certificates and commemorative gifts.
More information: (55) 502-10-10
Website: www.cyberkent.uz
Telegram bot: https://t.iss.one/CyberKentSupBot
Forwarded from Proxy Bar
CVE-2022-24834 Redis
*
Affected:
7.0.0 ≤ version < 7.0.12
6.2.0 ≤ version < 6.2.13
2.6.0 ≤ version < 6.0.20
*
Detailed write-up + PoC exploit RCE
*
VideoPOC
#redis #rce
150+ hacker search engines and tools.
• Habr has published a great collection of various tools that should be in the arsenal of every information security specialist and pentester.
• The collection is divided into categories and includes the following items:
• Metasearch engines and search aggregators;
• Tools for working with dorks;
• Search by email and logins;
• Search by phone numbers;
• Search in the #TOR network;
• Search across the Internet of Things, IPs, domains and subdomains;
• Search for vulnerability data and indicators of compromise;
• Source code search.
The list of tools is available at: https://habr.com/ru/post/688972/
#InfoSec #Pentest
ReconSpider by HTB
wget -O ReconSpider.zip https://academy.hackthebox.com/storage/modules/144/ReconSpider.v1.2.zip
unzip ReconSpider.zip
python3 ReconSpider.py https://example.com
#Recon
10 Essential OSINT CTF Challenges for Every Investigator:
Sakura Room
OhSINT Room
Web OSINT Room
Shodan Room
Las Vegas Challenge
OSINT Dojo Resources
Trace Labs’ Search Party
Geolocating Images Room
Google Dorking Room
S.O.ME.SINT Room
https://medium.com/@ninamaelainine/10-essential-osint-ctf-challenges-for-every-investigator-c573d75dc4cd
Useful Google Dorks that bug bounty hunters can leverage to find sensitive information: 👇🏻
1. Discovering Exposed Files:
- intitle:"index of" "site:target.com"
- filetype:log inurl:log site:target.com
- filetype:sql inurl:sql site:target.com
- filetype:env inurl:.env site:target.com
2. Finding Sensitive Directories:
- inurl:/phpinfo.php site:target.com
- inurl:/admin site:target.com
- inurl:/backup site:target.com
- inurl:wp- site:target.com
3. Exposed Configuration Files:
- filetype:config inurl:config site:target.com
- filetype:ini inurl:wp-config.php site:target.com
- filetype:json inurl:credentials site:target.com
4. Discovering Usernames and Passwords:
- intext:"password" filetype:log site:target.com
- intext:"username" filetype:log site:target.com
- filetype:sql "password" site:target.com
5. Finding Database Files:
- filetype:sql inurl:db site:target.com
- filetype:sql inurl:dump site:target.com
- filetype:bak inurl:db site:target.com
6. Exposed Git Repositories:
- inurl:".git" site:target.com
- inurl:"/.git/config" site:target.com
- intitle:"index of" ".git" site:target.com
7. Finding Publicly Exposed Emails:
- intext:"email" site:target.com
- inurl:"contact" intext:"@target.com" -www.target.com
- filetype:xls inurl:"email" site:target.com
8. Discovering Vulnerable Web Servers:
- intitle:"Apache2 Ubuntu Default Page: It works" site:target.com
- intitle:"Index of /" "Apache Server" site:target.com
- intitle:"Welcome to nginx" site:target.com
9. Finding API Keys:
- filetype:env "DB_PASSWORD" site:target.com
- intext:"api_key" filetype:env site:target.com
- intext:"AWS_ACCESS_KEY_ID" filetype:env site:target.com
10. Exposed Backup Files:
- filetype:bak inurl:backup site:target.com
- filetype:zip inurl:backup site:target.com
- filetype:tgz inurl:backup site:target.com
Replace target.com with the domain or target you are focusing on.
#GoogleDorks
#BugHunting
#OSINT
sploitify.haxx.it
Curated list of public server-side exploits. Search by keyword, filter by vulnerability type, service affected and OS. Detailed description for each exploit (with PoC, Nuclei template or Metasploit module).
Deep Dive into Discord: OSINT Techniques (by Nina Maelainine)
- Discord Server Directories
- Bot Directories and Resources
- Specialized Tools
https://medium.com/@ninamaelainine/deep-dive-into-discord-osint-techniques-00534bf69371
#osint #socmint