DomLoggerpp by @kevin_mizu is a simple web extension that helps you identify JavaScript DOM sinks that could lead to DOM-based vulnerabilities (such as XSS)! ๐
Check it out! ๐
๐ https://github.com/kevin-mizu/domloggerpp
Check it out! ๐
๐ https://github.com/kevin-mizu/domloggerpp
๐ฅ7๐1
This media is not supported in your browser
VIEW IN TELEGRAM
How to manually check for CL.TE Request Smuggling Vulnerabilities:
1๏ธโฃ See if a GET request accepts POST
2๏ธโฃ See if it accepts HTTP/1
3๏ธโฃ Disable "Update Content-Length"
4๏ธโฃ Send with CL & TE headers:
POST / HTTP/1.1
Host: <HOST-URL>
Content-Length: 6
Transfer-Encoding: chunked
0
G
5๏ธโฃ Send request twice.
If you receive a response like "Unrecognized method GPOST", you've just confirmed a CL.TE vulnerability!
Try this out for yourself in our CL.TE lab: https://portswigger.net/web-security/request-smuggling/lab-basic-cl-te
1๏ธโฃ See if a GET request accepts POST
2๏ธโฃ See if it accepts HTTP/1
3๏ธโฃ Disable "Update Content-Length"
4๏ธโฃ Send with CL & TE headers:
POST / HTTP/1.1
Host: <HOST-URL>
Content-Length: 6
Transfer-Encoding: chunked
0
G
5๏ธโฃ Send request twice.
If you receive a response like "Unrecognized method GPOST", you've just confirmed a CL.TE vulnerability!
Try this out for yourself in our CL.TE lab: https://portswigger.net/web-security/request-smuggling/lab-basic-cl-te
๐19โค8๐3๐ณ1
CVE-2025-7384: Critical PHP Object Injection in WordPress Plugin
A critical vulnerability has been found in the Database for Contact Form 7, WPForms, and Elementor forms WordPress plugin. Since this is a backend-only plugin, it is not directly detectable through standard search dorks. Supported frontend plugins could help determine the scope. However, only about 1% of hosts identified this way are actually vulnerable.
๐ Netlas: https://nt.ls/Be3g6
โน๏ธ Advisory: https://nt.ls/RoI8t
A critical vulnerability has been found in the Database for Contact Form 7, WPForms, and Elementor forms WordPress plugin. Since this is a backend-only plugin, it is not directly detectable through standard search dorks. Supported frontend plugins could help determine the scope. However, only about 1% of hosts identified this way are actually vulnerable.
๐ Netlas: https://nt.ls/Be3g6
โน๏ธ Advisory: https://nt.ls/RoI8t
๐5
๐ฅ Exclusive ZoomEye Offer for Brut Security Members
โ ZoomEye is giving Brut Security members 5% off any membership plan โ monthly or yearly โ through our special link.
๐ How it works:
โฆ Click our link: https://www.zoomeye.ai/pricing?aff=INVITE-2SW2-FC96
โฆ Get instant 5% discount on your purchase
๐ก Perfect for bug bounty hunters, pentesters, and researchers who rely on fast, deep internet asset scanning.
#bugbounty #pentesting #osint #cybersecurity #tools
โ ZoomEye is giving Brut Security members 5% off any membership plan โ monthly or yearly โ through our special link.
๐ How it works:
โฆ Click our link: https://www.zoomeye.ai/pricing?aff=INVITE-2SW2-FC96
โฆ Get instant 5% discount on your purchase
๐ก Perfect for bug bounty hunters, pentesters, and researchers who rely on fast, deep internet asset scanning.
#bugbounty #pentesting #osint #cybersecurity #tools
ZoomEye
Search Engine of Internet-Connected Devices. Create a Free Account to Get Started.
๐ฅ3โค1
Brut Security pinned ยซ๐ฅ Exclusive ZoomEye Offer for Brut Security Members โ
ZoomEye is giving Brut Security members 5% off any membership plan โ monthly or yearly โ through our special link. ๐ How it works: โฆ Click our link: https://www.zoomeye.ai/pricing?aff=INVITE-2SW2-FC96โฆยป
Hey Hunter's,
DarkShadow here back again, just look at this...
IP Abuse Reports for 127.0.0.1
abuseipdb.com/check/127.0.0.1
DarkShadow here back again, just look at this...
IP Abuse Reports for 127.0.0.1
abuseipdb.com/check/127.0.0.1
๐6โค1๐ค1๐ซก1
Hey Hunter's,
DarkShadow here back again, just look at this crazy one! I see someone find this crazy DOS๐ฅ
Show your love Guy's โค๏ธ
DarkShadow here back again, just look at this crazy one! I see someone find this crazy DOS๐ฅ
Many GraphQL endpoints allow complex queries without auth. If protections like depth limits are missing.
Server will try to resolve it = CPU spike or crash (DOS).
Show your love Guy's โค๏ธ
โค11๐ฟ9๐ค2
โ
To detect Credit & Debit Card Number Leakage use this Nuclei Template - https://github.com/projectdiscovery/nuclei-templates/blob/main/http/miscellaneous/credit-card-number-detect.yaml
1๐9๐4โค1
Hey Hunter's,
DarkShadow here back again, just dropping a unique XSS method which execute in response header.
XSS in Facebook Response header๐ฅ
show your love Guy's โค๏ธ๐ฅ
#bugbountytips #xss
DarkShadow here back again, just dropping a unique XSS method which execute in response header.
XSS in Facebook Response header๐ฅ
Tip: Always check XSS in redirection parameters.
show your love Guy's โค๏ธ๐ฅ
#bugbountytips #xss
โค18๐ฅ6๐5๐ฟ3
Hey Hunter's,
DarkShadow here back again, just dropping a unique method to bypass waf for XSS ๐ฅ
Waf Blocked โ
javascript:alert()
Waf welcome โ
javascript:new Function
#bugbountytips #xss
DarkShadow here back again, just dropping a unique method to bypass waf for XSS ๐ฅ
Waf Blocked โ
javascript:alert()
Waf welcome โ
javascript:new Function
document.body.style.background="red"โ๏ธ If waf Blocked additional functions then try to change the background color๐ฅ
#bugbountytips #xss
๐10โค7๐4
Shodan.io $5 Lifetime Membership sale is live for the next 24 hours: account.shodan.io/billing/member
Go Grab it Now โจ
Go Grab it Now โจ
๐14๐1๐ฟ1
Brut Security pinned ยซShodan.io $5 Lifetime Membership sale is live for the next 24 hours: account.shodan.io/billing/member Go Grab it Now โจยป
Hunter's, DarkShadow here!
One liner for finding files
#bugbountytips
One liner for finding files
subfinder -d domain.com -silent | \
while read host; do \
for path in /config.js /config.json /app/config.js /settings.json /database.json /firebase.json /.env /.env.production /api_keys.json /credentials.json /secrets.json /google-services.json /package.json /package-lock.json /composer.json /pom.xml /docker-compose.yml /manifest.json /service-worker.js; do \
echo "$host$path"; \
done; \
done | httpx -mc 200#bugbountytips
โค29๐จโ๐ป3๐ฟ3๐ฅ2