Brut Security
✅ DM: @wtf_brut
🛃 WhatsApp: https://wa.link/brutsecurity
🈴 Training: https://brutsecurity.com
📨 Mail: [email protected]

Brut Security pinned «💭Everyone’s journey in bug bounty is unique. What worked for one hacker may not work for you, and that’s okay. Your growth isn’t defined by someone else’s timeline. You have your own challenges to face, your own lessons to learn, and your own way of mastering…»

⚡ Linkook - An OSINT tool for discovering linked social accounts and associated emails across multiple platforms using a single username.

✅ https://github.com/JackJuly/linkook

Complete Bug Bounty Cheat Sheet.pdf
131.3 KB

CVE-2024-47051: RCE in Mautic, 9.1 rating 🔥

The vulnerability allows an attacker to achieve RCE through asset loading, and to manipulate the file deletion process to delete arbitrary files.

Search at Netlas.io:
👉 Link: https://nt.ls/odIOX
👉 Dork: http.favicon.hash_sha256:67a5904d731636c114513a7df90d4d6bff7a3f690f305ef3487ac84844a5874e

Vendor's advisory: https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2

👻👻👻 brainstorm - A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery.

https://github.com/Invicti-Security/brainstorm

🔖 Bug Bounty Tip

When you test a Django, Rails, or Node.js web app, try the following payloads in the "Accept:" header.

A Huge Collection of Cybersecurity Tools and Resources! 🛡️
🔗 inventory.raw.pm/resources.html

Old but Gold

👻👻 shosubgo - Small tool to grab subdomains using the Shodan API.
https://github.com/incogbyte/shosubgo

🔥🔥 ZeusLeak – Real-time detection for API keys & tokens—no need to dig through JS files manually.
🤍 https://github.com/zeusvlun/zeusleak

⚠️CVE-2025-1723: Zoho Patches Account Takeover Vulnerability in ADSelfService Plus

πŸ”½Dorks:
HUNTER :
https://product.name="ManageEngine ADSelfService Plus"
FOFA : product="ManageEngine-ADSelfService-Plus"
SHODAN : title:"ADSelfService Plus"

πŸ–₯Refer:https://securityonline.info/cve-2025-1723-zoho-patches-account-takeover-vulnerability-in-adselfservice-plus/
https://manageengine.com/products/self-service-password/advisory/CVE-2025-1723.html

#hunterhow #infosec #infosecurity #OSINT #Vulnerability
Please open Telegram to view this post
⭐️⭐️ NEW BOUNTY PLATFORM https://t.iss.one/brutsecurity_poc/43

🚨 CVE-2025-25012 (CVSS 9.9): Critical Code Execution Vulnerability Patched in Elastic Kibana

👇 Dorks:
HUNTER : product.name="Elastic Kibana"
FOFA : product="Kibana"

📰 Refer: https://securityonline.info/cve-2025-25012-cvss-9-9-critical-code-execution-vulnerability-patched-in-elastic-kibana/

#Kibana #hunterhow #infosec #infosecurity #OSINT #Vulnerability

👻👻👻 Penetration Testing Notes

https://github.com/0xDigimon/PenetrationTesting_Notes-

🔎 Search for Default Passwords!

pip3 install defaultcreds-cheat-sheet

👻👻 Damn Vulnerable Drone is an intentionally vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for hands-on drone hacking.

⚠️ https://github.com/nicholasaleks/Damn-Vulnerable-Drone

WANT SOME HACKTHEBOX SWAGS? 🎁🔥

Here’s your shot at winning exclusive Cyber Apocalypse 2025 swag packs – hoodies, coasters, phone stands, and more! 💀💻

🔁 Just reshare this post as much as possible!
🏆 Top 4 most reshared posts will WIN!

Tag your hacker buddies and spread the word! Let’s grab that HTB loot! 🚀🔥

✅ https://x.com/wtf_brut/status/1898032895970922523

#CyberApocalypse2025 #HackTheBox #CTF