๐ฅMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
โ https://github.com/robotshell/magicRecon
โ https://github.com/robotshell/magicRecon
๐5
โกGoogle Dorks - Cloud Storage: site:https://s3.amazonaws.com "target[.]com" site:https://blob.core.windows.net "target[.]com" site:https://googleapis.com "target[.]com" site:https://drive.google.com "target[.]com"
๐Find buckets and sensitive data.
Combine:
site:https://s3.amazonaws.com | site:https://blob.core.windows.net | site:https://googleapis.com | site:https://drive.google.com "target[.]com"
Add something to narrow the results: "confidentialโ โprivileged" โnot for public releaseโ
โ Credit- Mike Takahashi
๐Find buckets and sensitive data.
Combine:
site:https://s3.amazonaws.com | site:https://blob.core.windows.net | site:https://googleapis.com | site:https://drive.google.com "target[.]com"
Add something to narrow the results: "confidentialโ โprivileged" โnot for public releaseโ
โ Credit- Mike Takahashi
๐ฅ9๐7
This media is not supported in your browser
VIEW IN TELEGRAM
OffSec Train ๐๐
1๐ฟ19๐จโ๐ป4๐ณ2๐ฅ1
Brut Security
โกEthical Hacking Study Guide - 2025 โ
Download -https://topmate.io/saumadip/1391531
Sorry to close the free download for everyone, many spammers are trying to spam by random name, email and phone number. I have to add 1 INR / 0.012$ to avoid spam on my mail. Sorry for the inconvenience!
๐ฟ2
This media is not supported in your browser
VIEW IN TELEGRAM
โกFind Hidden Endpoint:
โ๏ธ https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฟ8โค6๐ฅ3๐ณ1
โกCVE-2024-50603: Aviatrix Controller Unauthenticated Command Injection
๐https://github.com/th3gokul/CVE-2024-50603/
โ Join Telegram- https://t.iss.one/brutsecurity
๐https://github.com/th3gokul/CVE-2024-50603/
โ Join Telegram- https://t.iss.one/brutsecurity
โค9
โจGitleaks: a tool to detect secrets like passwords, API keys, and tokens in git repositories and files.
โ https://t.co/BvaiYNWouP
โ https://t.co/BvaiYNWouP
๐ฅ11โค2๐1
https://seclists.org/oss-sec/2018/q3/142
These are critical and trivial remote code execution bugs in things like ImageMagick, Evince, GIMP, and most other PDF/PS tools.
https://www.exploit-db.com/exploits/45243Please open Telegram to view this post
VIEW IN TELEGRAM
seclists.org
oss-sec: More Ghostscript Issues: Should we disable PS coders in policy.xml by default?
โค1
CVE-2025-22777: Privilege Escalation in GiveWP WordPress Plugin, 9.8 rating ๐ฅ
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
๐ Link: https://nt.ls/amyWM
๐ Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
Unauthenticated PHP Object Injection allows attackers to take control of websites.
Search at Netlas.io:
๐ Link: https://nt.ls/amyWM
๐ Dork: http.body:"plugins/give/assets/dist"
Read more: https://patchstack.com/articles/critical-vulnerability-patched-in-givewp-plugin/
๐6
PoC collection of Atlassian(Jira, Confluence, Bitbucket) products and Jenkins, Solr, Nexus,etc
github.com/shadowsock5/Poc
github.com/shadowsock5/Poc
โค6๐3