Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - mrmtwoj/apache-vulnerability-testing: Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024β¦
Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709 - mrmt...
β€10π2
Please open Telegram to view this post
VIEW IN TELEGRAM
β€10π₯4π1
π Dnsbruter - A powerful tool for active subdomain enumeration and discovery.
β¨ Features:
Dnsbruter uses DNS resolution to bruteforce and identify subdomains efficiently. Its multithreading capability allows users to control concurrency for faster and more effective results. Perfect for researchers and pen testers targeting domain reconnaissance.
π https://github.com/RevoltSecurities/Dnsbruter/
β¨ Features:
Dnsbruter uses DNS resolution to bruteforce and identify subdomains efficiently. Its multithreading capability allows users to control concurrency for faster and more effective results. Perfect for researchers and pen testers targeting domain reconnaissance.
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯12π4
Please open Telegram to view this post
VIEW IN TELEGRAM
π11β€3
CVE-2024-38819: Path Traversal in Spring Framework, 7.5 ratingβοΈ
Another Path Traversal vulnerability in the Spring framework. This time there is even a PoC!
Search at Netlas.io:
π Link: https://nt.ls/AzCtg
π Dork: tag.name:"spring"
Vendor's advisory: https://spring.io/security/cve-2024-38819
Another Path Traversal vulnerability in the Spring framework. This time there is even a PoC!
Search at Netlas.io:
π Link: https://nt.ls/AzCtg
π Dork: tag.name:"spring"
Vendor's advisory: https://spring.io/security/cve-2024-38819
π6β€3
Please open Telegram to view this post
VIEW IN TELEGRAM
π³13πΏ8π3π€¨2
π IVRE - The Ultimate Network Reconnaissance Framework
β¨ Key Features:
IVRE allows you to build your self-hosted, fully controlled alternatives to tools like Shodan, ZoomEye, Censys, and GreyNoise.
- Run your Passive DNS service
- Create tailor-made EASM tools
- Collect and analyze network intelligence using Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, and more!
Perfect for security researchers and network analysts.
π Get the tool here: https://github.com/ivre/ivre
β¨ Key Features:
IVRE allows you to build your self-hosted, fully controlled alternatives to tools like Shodan, ZoomEye, Censys, and GreyNoise.
- Run your Passive DNS service
- Create tailor-made EASM tools
- Collect and analyze network intelligence using Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, and more!
Perfect for security researchers and network analysts.
π Get the tool here: https://github.com/ivre/ivre
GitHub
GitHub - ivre/ivre: Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEyeβ¦
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, co...
π4
π Wrapping Up an Amazing Year Together! π
Hey Brut Fam! πAs 2024 comes to a close, I want to thank each and every one of you for being part of this amazing journey. This year, weβve shared 1,500+ resources, learned, grown, and built an incredible community of 8,000+ members. Your support and engagement have made Brut Security what it is today. πͺ
If youβve found value in the resources Iβve shared and want to support me in continuing this journey, you can now buy me a coffee β here:
βοΈ https://buymeacoffee.com/saumadip
Itβs not mandatoryβjust a small way to show appreciation if you feel like it.
Wishing you all a early very Merry Christmas π and a Happy New Year π filled with learning, growth, and success! Hereβs to an even bigger and better 2025! π
Stay curious, stay secure. π
Hey Brut Fam! πAs 2024 comes to a close, I want to thank each and every one of you for being part of this amazing journey. This year, weβve shared 1,500+ resources, learned, grown, and built an incredible community of 8,000+ members. Your support and engagement have made Brut Security what it is today. πͺ
If youβve found value in the resources Iβve shared and want to support me in continuing this journey, you can now buy me a coffee β here:
Itβs not mandatoryβjust a small way to show appreciation if you feel like it.
Wishing you all a early very Merry Christmas π and a Happy New Year π filled with learning, growth, and success! Hereβs to an even bigger and better 2025! π
Stay curious, stay secure. π
Please open Telegram to view this post
VIEW IN TELEGRAM
β€3π3π¨βπ»2π₯1π³1
Brut Security pinned Β«π Wrapping Up an Amazing Year Together! π Hey Brut Fam! πAs 2024 comes to a close, I want to thank each and every one of you for being part of this amazing journey. This year, weβve shared 1,500+ resources, learned, grown, and built an incredible communityβ¦Β»
CVE-2024-50379, -54677: RCE and DoS in Apache Tomcat, 5.3 - 9.8 rating π₯
New vulnerabilities allow attackers to upload and execute malicious files disguised as legitimate ones, as well as cause OutOfMemoryError to shut down the server.
Search at Netlas.io:
π Link: https://nt.ls/WHRGO
π Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"
Read more: https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r
New vulnerabilities allow attackers to upload and execute malicious files disguised as legitimate ones, as well as cause OutOfMemoryError to shut down the server.
Search at Netlas.io:
π Link: https://nt.ls/WHRGO
π Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"
Read more: https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r
β€2
π AnalyticsRelationships - Discover related domains and subdomains through Google Analytics IDs!
β¨ How it works:
- Extract Google Analytics IDs from a webpage.
- Query services like BuiltWith and HackerTarget to find domains and subdomains associated with those IDs.
- A simple yet effective tool for OSINT and reconnaissance!
π Get the tool here: https://github.com/Josue87/AnalyticsRelationships
β¨ How it works:
- Extract Google Analytics IDs from a webpage.
- Query services like BuiltWith and HackerTarget to find domains and subdomains associated with those IDs.
- A simple yet effective tool for OSINT and reconnaissance!
π Get the tool here: https://github.com/Josue87/AnalyticsRelationships
π1π₯1
π The Art of Auditing
β¨ What it offers:
The first community-driven resource consolidating thousands of hours of expertise from top industry professionals. Ideal for security auditors, researchers, and enthusiasts, this comprehensive guide is a must-read.
π Explore it here: https://web3-sec.gitbook.io/art-of-auditing
β¨ What it offers:
The first community-driven resource consolidating thousands of hours of expertise from top industry professionals. Ideal for security auditors, researchers, and enthusiasts, this comprehensive guide is a must-read.
π Explore it here: https://web3-sec.gitbook.io/art-of-auditing
web3-sec.gitbook.io
Preface | Art Of Auditing
β€5
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - 0dayhunter/Facebook-BugBounty-Writeups: Collection of Facebook Bug Bounty Writeups
Collection of Facebook Bug Bounty Writeups. Contribute to 0dayhunter/Facebook-BugBounty-Writeups development by creating an account on GitHub.
β€6π1
π¨CVE-2024-50379: Apache Tomcat - RCE via write-enabled default servlet.
πDorks
HUNTER:/product.name="Apache Tomcat"
FOFA:product="APACHE-Tomcat"
SHODAN:product:"Apache Tomcat"
π°https://lnkd.in/g_nmV2MM
πDorks
HUNTER:/product.name="Apache Tomcat"
FOFA:product="APACHE-Tomcat"
SHODAN:product:"Apache Tomcat"
π°https://lnkd.in/g_nmV2MM
β€4
π¨ [CVE-2024-56145] Exploit released! π¨
Details, PoC, and setup instructions:
π https://github.com/Chocapikk/CVE-2024-56145
Learn more:
π https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms
#bugbountytips #BugBounty
Details, PoC, and setup instructions:
π https://github.com/Chocapikk/CVE-2024-56145
Learn more:
π https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms
#bugbountytips #BugBounty
π8