Unauthorized Data Upload in Alibaba Cloud β PoC by Chirag Artani π₯
A new video is out on our friendβs channel, showcasing the discovery of a fresh vulnerability. The video includes an interesting query and a practical example of exploitation. Donβt miss it! π
We also recommend checking out Chirag Artaniβs website and Twitter for more cybersecurity insights:
π Website: 3rag.com
π Twitter: x.com/Chirag99Artani
A new video is out on our friendβs channel, showcasing the discovery of a fresh vulnerability. The video includes an interesting query and a practical example of exploitation. Donβt miss it! π
We also recommend checking out Chirag Artaniβs website and Twitter for more cybersecurity insights:
π Website: 3rag.com
π Twitter: x.com/Chirag99Artani
YouTube
I found 9322 Targets For Unauthorized Data Upload In Alibaba Cloud | POC Exploit Explained Live
Note: do not harm any server, do not upload any malicious files like malware or anything. This is high severity bug which is leading to upload unauthorized data.
I found 9321 targets which are vulnerable for this vulnerability. This is just for learningβ¦
I found 9321 targets which are vulnerable for this vulnerability. This is just for learningβ¦
π7
One-liner to gather and crawl subdomains, then generate a custom wordlist from the target's discovered URLs ππ½
subfinder -d bugcrowd.com -silent | httpx -silent | hakrawler | tr '[:punct:]' '\n' | sort -u
subfinder -d bugcrowd.com -silent | httpx -silent | hakrawler | tr '[:punct:]' '\n' | sort -u
π13β€3
π Brut Security Hits 10K Subscribers! π
Thank you all for being part of this journey! From sharing knowledge and resources to building a strong cybersecurity community, Brut Security has grown beyond expectations.
Your support fuels everything we doβtraining, tools, research, and challenges like Breaking O-Auth. Whether youβre here for bug bounty tips, pentesting insights, or DFIR knowledge, this is just the beginning.
π₯ More exclusive content, live bug hunting, and deep-dive discussions coming soon! Stay tuned, stay curious, and keep hacking ethically.
#BrutSecurity #10KStrong #BugBounty #Cybersecurity
Thank you all for being part of this journey! From sharing knowledge and resources to building a strong cybersecurity community, Brut Security has grown beyond expectations.
Your support fuels everything we doβtraining, tools, research, and challenges like Breaking O-Auth. Whether youβre here for bug bounty tips, pentesting insights, or DFIR knowledge, this is just the beginning.
π₯ More exclusive content, live bug hunting, and deep-dive discussions coming soon! Stay tuned, stay curious, and keep hacking ethically.
#BrutSecurity #10KStrong #BugBounty #Cybersecurity
π₯10β€4
https://portswigger.net/research/top-10-web-hacking-techniques-of-2024
Please open Telegram to view this post
VIEW IN TELEGRAM
PortSwigger Research
Top 10 web hacking techniques of 2024
Welcome to the Top 10 Web Hacking Techniques of 2024, the 18th edition of our annual community-powered effort to identify the most innovative must-read web security research published in the last year
π₯3π2β€1
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯4
This media is not supported in your browser
VIEW IN TELEGRAM
You can chain Subfinder with Shuffledns to enumerate subdomains & resolve only valid ones.
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯18β€6π2π2
Recon Skills and Tips.pptx.pdf
825.4 KB
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯13β€4π3
Cross Site Scripting (XSS) Through File Upload SVG ---> https://t.iss.one/brutsecurity_poc/38
β€15
A threat actor claims to be in possession of login credentials (email and password) for 20 million OpenAI accounts.
Please open Telegram to view this post
VIEW IN TELEGRAM
πΏ25π₯3π±3π1π¨βπ»1
β https://github.com/trap-bytes/gourlex
Please open Telegram to view this post
VIEW IN TELEGRAM
β€13π3π³1
π₯ CRTO Aspirants & Red Teamers β Must-Check Resource!
β‘If you're preparing for the Certified Red Team Operator (CRTO) or want to refine your red teaming skills, this GitHub repo is a goldmine.
https://github.com/h3ll0clar1c3/CRTO
β‘If you're preparing for the Certified Red Team Operator (CRTO) or want to refine your red teaming skills, this GitHub repo is a goldmine.
https://github.com/h3ll0clar1c3/CRTO
π13β€8π₯3
Please open Telegram to view this post
VIEW IN TELEGRAM
β€13π₯7π1πΏ1