Global Brand Database
#OSINT
Глобальная база брендов.
Можно искать по названию, по части названия, по фото, по правообладателю и по стране.
Ссылка на сервис
#OSINT
Глобальная база брендов.
Можно искать по названию, по части названия, по фото, по правообладателю и по стране.
Ссылка на сервис
Soap Spoofing Attack for 'find admin password' via SQLi
for wsdl structe have burp extention called wsdler in a Burp App Store
HTB preparation for CBBH
Useful information: https://www.soapui.org/docs/soap-and-wsdl/tips-tricks/web-service-hacking/
#BugBounty #Pentest #SOAP
for wsdl structe have burp extention called wsdler in a Burp App Store
HTB preparation for CBBH
Useful information: https://www.soapui.org/docs/soap-and-wsdl/tips-tricks/web-service-hacking/
#BugBounty #Pentest #SOAP
Catalogue of research databases
180+ countries.
Business, intellectual property and land registries, government databases, national media and more.
id.occrp.org/databases/
#osint #geoint
180+ countries.
Business, intellectual property and land registries, government databases, national media and more.
id.occrp.org/databases/
#osint #geoint
👍2
Search by 1.6 billion subdomains scrapped from multiple public (and private) sources.
https://dash.pugrecon.celes.in/
#PassiveRecon #BugBounty
https://dash.pugrecon.celes.in/
#PassiveRecon #BugBounty
👨💻1
Blue Team Level 1 consists of two elements, the training, and the practical assessment. When you purchase BTL1 you will get access to the following:
4 months of on-demand training access
300 lessons, quizzes, and activities
16 browser-based labs and 120 hours of lab time
Certification exam voucher
Certification exam re-sit voucher
Physical rewards when you have passed, including a BTL1 challenge coin!
This training covers 6 domains;
Security Fundamentals
Phishing Analysis
Threat Intelligence
Digital Forensics
Security Information and Event Management
Incident Response
#BlueTeam #BTL1
4 months of on-demand training access
300 lessons, quizzes, and activities
16 browser-based labs and 120 hours of lab time
Certification exam voucher
Certification exam re-sit voucher
Physical rewards when you have passed, including a BTL1 challenge coin!
This training covers 6 domains;
Security Fundamentals
Phishing Analysis
Threat Intelligence
Digital Forensics
Security Information and Event Management
Incident Response
#BlueTeam #BTL1
Mastering BTL1: Journey, Tips, and Insights for Cyber Defenders
https://infosecwriteups.com/blue-team-level-1-btl1-training-course-exam-review-and-tips-march-2023-7bb00597b5ad?source=rss----7b722bfd1b8d---4
Medium
Mastering BTL1: Journey, Tips, and Insights for Cyber Defenders
Discover the BTL1 certification journey, learn valuable tips, and gain insights into the cybersecurity training course and exam.
https://infosecwriteups.com/blue-team-level-1-btl1-training-course-exam-review-and-tips-march-2023-7bb00597b5ad?source=rss----7b722bfd1b8d---4
Medium
Mastering BTL1: Journey, Tips, and Insights for Cyber Defenders
Discover the BTL1 certification journey, learn valuable tips, and gain insights into the cybersecurity training course and exam.
Medium
Mastering BTL1: Journey, Tips, and Insights for Cyber Defenders
Discover the BTL1 certification journey, learn valuable tips, and gain insights into the cybersecurity training course and exam.
👍1
Forwarded from Ralf Hacker Channel (Ralf Hacker)
CVE-2024-43468: ConfigMgr/SCCM 2403 Unauth SQLi to RCE
PATCHED: Oct 8, 2024
Exploit: https://github.com/synacktiv/CVE-2024-43468
Blog: https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
#git #exploit #ad #rce #sccm #pentest #redteam
PATCHED: Oct 8, 2024
Exploit: https://github.com/synacktiv/CVE-2024-43468
Blog: https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
#git #exploit #ad #rce #sccm #pentest #redteam
GitHub
GitHub - synacktiv/CVE-2024-43468
Contribute to synacktiv/CVE-2024-43468 development by creating an account on GitHub.
👍1
https://docs.sysreptor.com/assets/reports/HTB-CBBH-Report.pdf
Example for Good Report For BugBounty Hunters
#BugBounty #Report
Example for Good Report For BugBounty Hunters
#BugBounty #Report
🔥2👍1
Forwarded from CyberSecurityTechnologies (-CST-)
exploits_2024.tgz
167.6 MB
This media is not supported in your browser
VIEW IN TELEGRAM
Универсальный набор инструментов для брутфорс-атак
Kraken предлагает разнообразные инструменты для перебора (brute force), включая сетевые: FTP, Kubernetes, LDAP, VOIP, SSH, Telnet, WiFi и WPA3, а также для веб-приложений: CPanel, Drupal, Joomla, Magento, Office365, Prestashop, OpenCart, WooCommerce и WordPress.
Дополнительно доступны инструменты для поиска административных панелей, директорий и поддоменов.
#BugBountyTips #Pentest #BruteForce
Kraken предлагает разнообразные инструменты для перебора (brute force), включая сетевые: FTP, Kubernetes, LDAP, VOIP, SSH, Telnet, WiFi и WPA3, а также для веб-приложений: CPanel, Drupal, Joomla, Magento, Office365, Prestashop, OpenCart, WooCommerce и WordPress.
Дополнительно доступны инструменты для поиска административных панелей, директорий и поддоменов.
#BugBountyTips #Pentest #BruteForce
🔥2👍1
At a very (simplistic) high level, an AD structure may look as follows:
#ActiveDirectory
INLANEFREIGHT.LOCAL/
├── ADMIN.INLANEFREIGHT.LOCAL
│ ├── GPOs
│ └── OU
│ └── EMPLOYEES
│ ├── COMPUTERS
│ │ └── FILE01
│ ├── GROUPS
│ │ └── HQ Staff
│ └── USERS
│ └── barbara.jones
├── CORP.INLANEFREIGHT.LOCAL
└── DEV.INLANEFREIGHT.LOCAL
#ActiveDirectory
👍1🔥1