๐จ CVE-2025-0133 - medium ๐จ
PAN-OS - Reflected Cross-Site Scripting
> A reflected cross-site scripting (XSS) vulnerability in the GlobalProtectโข gateway
๐พ https://t.co/pk8n5FJa8K
PAN-OS - Reflected Cross-Site Scripting
> A reflected cross-site scripting (XSS) vulnerability in the GlobalProtectโข gateway
๐พ https://t.co/pk8n5FJa8K
cloud.projectdiscovery.io
PAN-OS - Reflected Cross-Site Scripting
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtectโข gateway and portal features of Palo Alto Networks PAN-OSยฎ software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when theyโฆ
โค11
Get a 15-day free ZoomEye membership โ just follow https://x.com/zoomeye_team and DM โ
Brut Securityโ to claim, no payment needed!X (formerly Twitter)
ZoomEye (@zoomeye_team) on X
A cyberspace search engine built for security researcher
Daily Tricks || Latest Vulnerability Updates
Email: [email protected]
https://t.co/AUq5jNpKkl
Daily Tricks || Latest Vulnerability Updates
Email: [email protected]
https://t.co/AUq5jNpKkl
๐8โค1
CVE-2025-4278, -5121, 2254 and other: Multiple vulnerabilities in GitLab, 3.7 - 8.7 ratingโ๏ธ
In recent patch notes, GitLab reported ten vulnerabilities, including HTML injection, XSS, DoS, and more.
Search at Netlas.io:
๐ Link: https://nt.ls/dq6qU
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/06/11/patch-release-gitlab-18-0-2-released/#cve-2025-5121---missing-authorization-issue-impacts-gitlab-ultimate-ee
In recent patch notes, GitLab reported ten vulnerabilities, including HTML injection, XSS, DoS, and more.
Search at Netlas.io:
๐ Link: https://nt.ls/dq6qU
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/06/11/patch-release-gitlab-18-0-2-released/#cve-2025-5121---missing-authorization-issue-impacts-gitlab-ultimate-ee
โค9
CF-Hero is a simple tool that helps you discover the origin IP of Cloudflare-protected servers using multiple sources! ๐
๐ github.com/musana/CF-Hero
๐ github.com/musana/CF-Hero
GitHub
GitHub - musana/CF-Hero: CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses ofโฆ
CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications - musana/CF-Hero
๐ฅ10โค4๐ฟ1
๐ฎ๐ณ Operation CyberShakti
Independence Day Special Batch
Only for Beginners
๐ป Ethical Hacking & Web Pentesting
๐ Duration: 2 Months (Live Classes)
๐ฅ 10 Students Per Batch
๐ฐ โน3999
๐ https://brutsec.com/CyberShakti.pdf
๐ฉ Join / Ask Queries
Telegram: @wtf_brut
WhatsApp: wa.link/brutsecurity
https://wa.me/+918945971332
No experience? No problem.
Learn from scratch. Build real skills.
Only at Brut Security.
#OperationCyberShakti #BrutSecurity #EthicalHacking #BugBounty #Cybersecurity #BeginnersOnly
Independence Day Special Batch
Only for Beginners
๐ป Ethical Hacking & Web Pentesting
๐ Duration: 2 Months (Live Classes)
๐ฅ 10 Students Per Batch
๐ฐ โน3999
๐ https://brutsec.com/CyberShakti.pdf
๐ฉ Join / Ask Queries
Telegram: @wtf_brut
WhatsApp: wa.link/brutsecurity
https://wa.me/+918945971332
No experience? No problem.
Learn from scratch. Build real skills.
Only at Brut Security.
#OperationCyberShakti #BrutSecurity #EthicalHacking #BugBounty #Cybersecurity #BeginnersOnly
1โค12๐ฅ2๐ค1
This media is not supported in your browser
VIEW IN TELEGRAM
๐ต๏ธโโ๏ธ Bug Bounty Tip - Extract JavaScript File URLs from Any Page!
Forget opening DevTools - use this bookmarklet to instantly extract all .js file URLs and download them in a .txt file.
๐ Why this matters:
Quickly collect all linked JavaScript files
Use them for static analysis (LinkFinder, SecretFinder, etc.)
Great for recon, endpoint discovery & auth bypasses
๐ Bookmarklet Code:
๐ก How to use:
Create a new bookmark in your browser.
Paste the above code into the URL field.
Visit a target site and click the bookmark.
A javascript_urls.txt file will be downloaded with all .js links.
๐ฅ Now you can feed that into:
LinkFinder
SecretFinder
JSParser
Or manual analysis!
Forget opening DevTools - use this bookmarklet to instantly extract all .js file URLs and download them in a .txt file.
๐ Why this matters:
Quickly collect all linked JavaScript files
Use them for static analysis (LinkFinder, SecretFinder, etc.)
Great for recon, endpoint discovery & auth bypasses
๐ Bookmarklet Code:
javascript:(function(){let urls=[];document.querySelectorAll('*').forEach(e=>{urls.push(e.src,e.href,e.url)});urls=[...new Set(urls)].filter(u=>u&&u.endsWith('.js')).join('\n');let blob=new Blob([urls],{type:'text/plain'});let a=document.createElement('a');a.href=URL.createObjectURL(blob);a.download='javascript_urls.txt';a.click();})();๐ก How to use:
Create a new bookmark in your browser.
Paste the above code into the URL field.
Visit a target site and click the bookmark.
A javascript_urls.txt file will be downloaded with all .js links.
๐ฅ Now you can feed that into:
LinkFinder
SecretFinder
JSParser
Or manual analysis!
๐ฅ30โค21๐2๐2๐ณ1๐ค1
โกDependency Confusion via JS Miner
@GodfatherOrwa just landed a clean P1 by leveraging JS Miner in Burp Suite ๐ฅ
Hereโs how it went down ๐
๐งฉ After crawling all endpoints, he went to:
Target โ Extensions โ JS Miner โ Run All Passive Scans
๐ฅ Thatโs when he spotted: [JS Miner] Dependency Confusion
The vulnerable package was unclaimed on NPM ๐
๐ฆ Next steps he followed:
After claiming the package, he injected an RCE payload via
๐งช Full POC: github.com/orwagodfather/NPM-RCE
๐ฃ Result? A solid P1 vulnerability and a perfect example of how effective Dependency Confusion still is.
Props to @GodfatherOrwa for consistently dropping fire techniques ๐ฅ
@GodfatherOrwa just landed a clean P1 by leveraging JS Miner in Burp Suite ๐ฅ
Hereโs how it went down ๐
๐งฉ After crawling all endpoints, he went to:
Target โ Extensions โ JS Miner โ Run All Passive Scans
๐ฅ Thatโs when he spotted: [JS Miner] Dependency Confusion
The vulnerable package was unclaimed on NPM ๐
๐ฆ Next steps he followed:
npm login
mkdir <package-name> && cd <package-name>
npm init -y
npm publish --access public
After claiming the package, he injected an RCE payload via
package.json๐งช Full POC: github.com/orwagodfather/NPM-RCE
๐ฃ Result? A solid P1 vulnerability and a perfect example of how effective Dependency Confusion still is.
Props to @GodfatherOrwa for consistently dropping fire techniques ๐ฅ
GitHub
GitHub - orwagodfather/NPM-RCE: the POC of package.json RCE
the POC of package.json RCE. Contribute to orwagodfather/NPM-RCE development by creating an account on GitHub.
๐ฅ16โค8๐ฟ4๐1
๐ Bug Bounty Web Checklist
โ Track your web pentesting progress by checking each subcategory.
๐https://nemocyberworld.github.io/BugBountyCheckList/
โ Track your web pentesting progress by checking each subcategory.
๐https://nemocyberworld.github.io/BugBountyCheckList/
โค24๐9
BBRecon Masterflow - 2025.pdf
30.4 KB
๐ Bug Bounty Recon Masterflow โ 2025 Edition ๐
๐9โค6๐4๐จโ๐ป3
Grab all the GF Patterns from different Repositories at one shot !! ๐ฅ
*Link* : https://github.com/thecybertix/GF-Patterns
*Link* : https://github.com/thecybertix/GF-Patterns
GitHub
GitHub - thecybertix/GF-Patterns: This repository contains all the GF-Patterns Repositories. All we have to do is just to run theโฆ
This repository contains all the GF-Patterns Repositories. All we have to do is just to run the given Shell File and it's Done !! - thecybertix/GF-Patterns
๐7๐ฅ2โค1
โ๏ธ Nuclei forge: free tool that helps you visually create Nuclei YAML templates !๐ฅ
created by @payloadartist ! ๐
https://forge.bugbountyhunting.com
created by @payloadartist ! ๐
https://forge.bugbountyhunting.com
๐16โค7
๐ Wayback Subdomain Enumeration via Bash
Want to uncover hidden subdomains archived over time? This handy Bash function pulls subdomains from the Wayback Machine and helps with deep reconnaissance.
โ Add this to your ~/.bashrc:
๐งช Usage:
It filters subdomains from archived URLs and sorts them uniquely.
Want to uncover hidden subdomains archived over time? This handy Bash function pulls subdomains from the Wayback Machine and helps with deep reconnaissance.
โ Add this to your ~/.bashrc:
function wayback() {
curl -sk "https://web.archive.org/cdx/search/cdx?url=*.$1&output=txt&fl=original&collapse=urlkey&page=" | awk -F/ '{gsub(/:.*/, "", $3); print $3}' | sort -u
}๐งช Usage:
wayback target.comIt filters subdomains from archived URLs and sorts them uniquely.
๐ฅ18โค11๐8
โ
shosubgo - Small tool to Grab subdomains using Shodan API
โกhttps://github.com/incogbyte/shosubgo
โกhttps://github.com/incogbyte/shosubgo
โค12๐ฟ5๐1
โ
MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
โกhttps://github.com/midoxnet/mapperplus
โกhttps://github.com/midoxnet/mapperplus
โค15๐2๐ฅ1