Brut Security
WANT SOME HACKTHEBOX SWAGS? ππ₯ Hereβs your shot at winning exclusive Cyber Apocalypse 2025 swag packs β hoodies, coasters, phone stands, and more! ππ» π Just reshare this post as much as possible! π Top 4 most reshared posts will WIN! Tag your hackerβ¦
Share the post as much as you can, I will do giveaway of HTB 1 SWAG kit to you guys :)
π₯5π2
"If thereβs a flaw in the system, then you have the skill to find it!" -Brut_Security
πΏ18π2π«‘1
Please open Telegram to view this post
VIEW IN TELEGRAM
β€11π10
CVE-2025-27622, -27623, -27624, -27625: Multiple vulnerabilitites in Jenkins, medium ratingβοΈ
The vulnerabilities allow attackers to view encrypted secret values ββand potentially store attacker-controlled content in other users' profiles.
Search at Netlas.io:
π Link: https://nt.ls/SyXh2
π Dork: http.headers.x_jenkins:*
Vendor's advisory: https://www.jenkins.io/security/advisory/2025-03-05/
The vulnerabilities allow attackers to view encrypted secret values ββand potentially store attacker-controlled content in other users' profiles.
Search at Netlas.io:
π Link: https://nt.ls/SyXh2
π Dork: http.headers.x_jenkins:*
Vendor's advisory: https://www.jenkins.io/security/advisory/2025-03-05/
π¨βπ»5π€1
π¨ The Biggest CTF of the Year is HERE! π¨
π₯ Cyber Apocalypse CTF 2025 is coming β and itβs FREE for everyone! Whether youβre a beginner or a seasoned hacker, this is your chance to compete, learn, and win from a massive $90,000 prize pool! π°π»
π οΈ Why Join?
β Open to all skill levels β no prior experience needed!
β Hands-on challenges in web, crypto, forensics, and more!
β Battle it out with the best minds in cybersecurity!
β A chance to grab exclusive HTB swag packs!
π‘ Join the competition now!
π https://hackthebox.com/events/cyber-apocalypse-2025
π₯ Cyber Apocalypse CTF 2025 is coming β and itβs FREE for everyone! Whether youβre a beginner or a seasoned hacker, this is your chance to compete, learn, and win from a massive $90,000 prize pool! π°π»
π οΈ Why Join?
β Open to all skill levels β no prior experience needed!
β Hands-on challenges in web, crypto, forensics, and more!
β Battle it out with the best minds in cybersecurity!
β A chance to grab exclusive HTB swag packs!
π‘ Join the competition now!
π https://hackthebox.com/events/cyber-apocalypse-2025
π±7π1
Forwarded from MR. Z
Hey all Just released New tool Dnsprober v1.0.0 , a tool that helps you for dns reconnaissance and with more concurrent and scalable and easy to install run and ability to make different types of DNS queries efficiently, check it out here:
https://github.com/RevoltSecurities/Dnsprober
https://github.com/RevoltSecurities/Dnsprober
GitHub
GitHub - RevoltSecurities/Dnsprober: dnsprober is a fast and multipurpose DNS reconnaissance tool designed for efficient DNS probingβ¦
dnsprober is a fast and multipurpose DNS reconnaissance tool designed for efficient DNS probing and enumeration. It supports multiple DNS queries, custom resolvers, wildcard filtering, and retryabl...
π₯21
Where is the reactions π§π€¨
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯28π5π2
AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories.
https://github.com/AggressiveUser/AllForOne
https://github.com/AggressiveUser/AllForOne
π₯32β€8π8π6
Please open Telegram to view this post
VIEW IN TELEGRAM
π8π5π₯5
Want to find the origin IP?
1-Hunt for a subdomain with no WAF
2-extract the ASN
2-check it on bgp.he.net
3- grab the IP range, and verify a live IP.
Welcome to their world!
#bugbountytips #BugBounty
1-Hunt for a subdomain with no WAF
2-extract the ASN
2-check it on bgp.he.net
3- grab the IP range, and verify a live IP.
Welcome to their world!
#bugbountytips #BugBounty
π₯29π3π±1
CVE-2025-1661: Path Traversal in The HUSKY WordPress Plugin, 9.8 rating π₯
The vulnerability allows an attacker to execute arbitrary files on the server, including PHP code.
Search at Netlas.io:
π Link: https://nt.ls/OEg7k
π Dork: http.body:"plugins/woocommerce-products-filter"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-products-filter/husky-products-filter-professional-for-woocommerce-1365-unauthenticated-local-file-inclusion
The vulnerability allows an attacker to execute arbitrary files on the server, including PHP code.
Search at Netlas.io:
π Link: https://nt.ls/OEg7k
π Dork: http.body:"plugins/woocommerce-products-filter"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-products-filter/husky-products-filter-professional-for-woocommerce-1365-unauthenticated-local-file-inclusion
π±6π₯4π2π1
CVE-2025-25291, -25292 and other: Multiple vulnerabilitites in GitLab, 8.8 ratingβοΈ
Traditionally, GitLab publishes information about several vulnerabilities at once. These include Interpretation Conflict, DoS, Credentials Disclose, etc.
Search at Netlas.io:
π Link: https://nt.ls/PDxYA
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/
Traditionally, GitLab publishes information about several vulnerabilities at once. These include Interpretation Conflict, DoS, Credentials Disclose, etc.
Search at Netlas.io:
π Link: https://nt.ls/PDxYA
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/
π4π¨βπ»2
Disclosing YouTube Creator Emails for a $20k Bounty
From creator privacy to phishing paradise: How a secret parameter could have exposed the private email addresses of monetized YouTube channels
From creator privacy to phishing paradise: How a secret parameter could have exposed the private email addresses of monetized YouTube channels
brutecat.com
Disclosing YouTube Creator Emails for a $20k Bounty
From creator privacy to phishing paradise: How a secret parameter could have exposed the private email addresses of monetized YouTube channels
π₯10π3πΏ2
π₯9π2
Nightmare
Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges.
Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges.
guyinatuxedo.github.io
Nightmare - Nightmare
Nightmare: an intro to binary exploitation / reverse engineering course based around CTF challenges.
β€7π1
β€6π1