Exploit AWS metadata & user data access in Bug Bounty & CTF challenges!
https://github.com/Lu3ky13/Unauthorized-Access-to-Metadata-and-User-Data-like-CTF
#BugBounty #bugbountytip
Ex-param - an automated tool designed for finding reflected parameters for XSS vulnerabilities
https://github.com/rootDR/ex-param
Morpheus IOC Scanner - A powerful tool for detecting and analyzing suspicious files, including ransomware and Indicators of Compromise (IOCs). With custom-built rules and advanced integrations, it offers detailed insights to identify sophisticated threats and bolster your defense against cyber risks.
https://github.com/phantom0004/morpheus_IOC_scanner
Do give reaction on the post guys, it helped me to stay motivated and to post content like this.
CVE-2024-8672: Code Injection in Widget Options WordPress Plugin, 9.9 rating
The vulnerability allows an attacker to enter data that is transmitted without proper filtering. This could potentially lead to remote code execution.
Search at Netlas.io:
Link: https://nt.ls/xOEZp
Dork: http.body:"plugins/widget-options"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution
FAVICORN - A versatile tool to search websites using favicons!
How it works:
Simply input a favicon, and Favicorn fetches search result links across 10+ platforms, making it a handy tool for researchers and testers alike.
https://github.com/sharsil/favicorn
https://x.com/wtf_brut/status/1863893133379150234
Do Follow Me On
Have Shared Almost 2000+ Bug Bounty Tips.
What Browser Do You Use?
Anonymous Poll
Chrome: 37%
Firefox: 52%
Arc: 2%
Brave: 28%
Safari: 3%
Opera GX: 3%
Unlock That 20% Pro Labs Discount!
Alright, hackers, here's the deal: Hack The Box Pro Labs just got REAL! If you're ready to leave the beginner stuff in the dust and dive into legit red team missions, I've got an exclusive 20% off waiting for you. But here's the catch - only 100 of you can snag this deal.
Use code: brutsecurityprolabs20 at checkout for 20% off the annual Pro Labs subscription! It's high-level hacking in real enterprise environments. Ready to go pro?
Checkout Here - https://hackthebox.com/hacker/pro-labs
Jump on this quick - or you might miss the boat. #HackTheBox #LevelUp #ProLabs
gitlab-subdomains - A Go-based tool to uncover subdomains via GitLab searches.
https://github.com/gwen001/gitlab-subdomains
Zzl scans IP ranges and extracts subdomains from SSL certificates, making it an essential tool for thorough reconnaissance and security research.
By @ofjaaah
echo "tesla.com" | waybackurls | httpx -silent -timeout 2 -threads 100 | gf redirect | anew
1. Collect all URLs of the target domain from the Wayback Machine
2. Attempt to download all the URLs quickly in 100 parallel threads in order to identify working URLs
3. For all working URLs, match any potentially vulnerable parameters to open redirect
4. Print out only unique, potentially vulnerable URLs
It's a request to everyone, do give reaction on the post, it helped me to stay motivated and to post content like this.
For queries do reach me out from channel bio. Thanks Everyone!