Tip: Always inspect main.js files for exposed keys.
#bugbountytip #bugbounty #infosec #hacking #hacker
CTF Search with 24k+ CTF writeups, covering everything from web exploitation to reverse engineering. Check it out!
- ctfsearch.hackmap.win
#infosec #cybersec #bugbountytips
wappalyzer-next - wappalyzer alternative based on wappalyzer browser extension.
170+ new technologies added in the latest update of wappalyzer, grab it!
https://github.com/s0md3v/wappalyzer-next
1. Akokonunes
2. Emadshanab
3. BoobooHQ
4. SirBugs
5. Linuxadi
6. 0xKayala
7. Bhataasim1
8. H0tak88r
Want to learn more about OAuth bugs?
Here's a detailed writeup by @Doyensec on OAuth vulns like:
- Redirect Scheme Hijacking
- Scope Upgrade
- Client Confusion
- Mutable Claims
https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html
#bugbounty #bugbountytips
Bypassing File Upload Restrictions on Xiaomi Using .extensions./%00.png Method _BUG BOUNTY POC_
https://t.iss.one/brutsecurity_poc/40
Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.
-> GitHub.com/VFA250/Morgan
- https://nitinyadav00.github.io/Bug-Bounty-Search-Engine/
Start solving and share your writeup with our community members in the discussion group: https://t.iss.one/brutsec
curl -s URL | grep -Po "(\/)((?:[a-zA-Z\-_\:\.0-9\{\}]+))(\/)*((?:[a-zA-Z\-_\:\.0-9\{\}]+))(\/)((?:[a-zA-Z\-_\/\:\.0-9\{\}]+))" | sort -u
Payload Wizard - AI assistant that utilizes GPT-3.5 and GPT-4 language models to interpret and generate cybersecurity payloads.
payload-wizard.vercel.app
CVE-2025-0376 and others: Multiple vulnerabilities in GitLab, 4.2 - 8.7 rating
With the new release, GitLab has disclosed several vulnerabilities, including XSS injection, DoS and others.
Search at Netlas.io:
Link: https://nt.ls/50gFr
Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/02/12/patch-release-gitlab-17-8-2-released/