tenten.online business logic BUG POC ---> https://t.iss.one/brutsecurity_poc/23
Where are the reactions?
Blackbird is a powerful OSINT tool designed for fast and efficient searches of user accounts by username or email across multiple platforms, streamlining digital investigations.
https://github.com/p1ngul1n0/blackbird
Ninjasworkout: Vulnerable NodeJS Web Application.
ADDED BUGS:
Prototype Pollution - 1
NoSQL Injection - 2
Cross-Site Scripting - 3
Broken Access Control - 4
Broken Session Management - 5
Weak Regex Implementation - 6
Race Condition - 7
CSRF (Cross-Site Request Forgery) - 8
Weak Bruteforce Protection - 9
User Enumeration - 10
Reset Password token leaking in Referrer - 11
Reset Password bugs - 12
Sensitive Data Exposure - 13
Unicode Case Mapping Collision - 14
File Upload - 15
SSRF - 16
XXE
Open Redirection - 17
Directory Traversal - 18
Insecure Deserialization => Remote Code Execution - 19
https://github.com/effortlessdevsec/ninjasworkout
GitHub - akr3ch/BugBountyBooks: A collection of PDF/books about the modern web application security and bug bounty.
Github subdomain takeover
Reward: $200
Program: Public
dev[.]to: https://dev.to/c4ng4c31r0/github-subdomain-takeover-3j6k
Price Tampering & Store XSS Bug poc _ Price Manipulation _ CodePrefer ---> https://t.iss.one/brutsecurity_poc/24
Awesome Cyber Security University
https://brootware.github.io/awesome-cyber-security-university/
Don't forget to give reactions
CVE-2024-11187, -12705: Vulnerabilities in BIND DNS Software, 7.5 rating
Two vulnerabilities in BIND allow DoS against DNS servers, which can be a preparatory step before the main attacks.
Search at Netlas.io:
Link: https://nt.ls/bGSFv
Dork: dns.banner:"BIND" OR dns_tcp.banner:"BIND"
Read more: https://kb.isc.org/docs/cve-2024-12705
ProjectSend IDOR ---> https://t.iss.one/brutsecurity_poc/29