"Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerable" by priyanshu shakya https://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448
🔥MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and find common vulnerabilities, all while saving the results obtained in an organized way in directories and in various formats.
✅https://github.com/robotshell/magicRecon
⚡Google Dorks - Cloud Storage:
site:https://s3.amazonaws.com "target[.]com"
site:https://blob.core.windows.net "target[.]com"
site:https://googleapis.com "target[.]com"
site:https://drive.google.com "target[.]com"
👉Find buckets and sensitive data.
Combine:
site:https://s3.amazonaws.com | site:https://blob.core.windows.net | site:https://googleapis.com | site:https://drive.google.com "target[.]com"
Add something to narrow the results: "confidential" "privileged" "not for public release"
✅Credit- Mike Takahashi
Brut Security
⚡Ethical Hacking Study Guide - 2025 ✅Download - https://topmate.io/saumadip/1391531
Sorry to close the free download for everyone, many spammers are trying to spam by random name, email and phone number. I have to add 1 INR / 0.012$ to avoid spam on my mail. Sorry for the inconvenience!
⚡Find Hidden Endpoint:
☄️ https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt
⚡CVE-2024-50603: Aviatrix Controller Unauthenticated Command Injection
👉https://github.com/th3gokul/CVE-2024-50603/
✅Join Telegram- https://t.iss.one/brutsecurity
✨Gitleaks: a tool to detect secrets like passwords, API keys, and tokens in git repositories and files.
✅https://t.co/BvaiYNWouP
https://seclists.org/oss-sec/2018/q3/142
These are critical and trivial remote code execution bugs in things like ImageMagick, Evince, GIMP, and most other PDF/PS tools.
https://www.exploit-db.com/exploits/45243
oss-sec: More Ghostscript Issues: Should we disable PS coders in policy.xml by default?
CVE-2025-22777: Privilege Escalation in GiveWP WordPress Plugin, 9.8 rating 🔥
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
👉 Link: https://nt.ls/amyWM
👉 Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
PoC collection of Atlassian (Jira, Confluence, Bitbucket) products and Jenkins, Solr, Nexus, etc.
github.com/shadowsock5/Poc