Hey Hunters,
DarkShadow here back again, just look at this...
IP Abuse Reports for 127.0.0.1
abuseipdb.com/check/127.0.0.1
Hey Hunters,
DarkShadow here back again, just look at this crazy one! I saw someone find this crazy DoS 🔥
Many GraphQL endpoints allow complex queries without auth. If protections like depth limits are missing, the server will try to resolve it = CPU spike or crash (DoS).
Show your love, guys ❤️
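A server-side depth gate of the kind the post means by "depth limits", as an added example that is not part of the original post. `MAX_DEPTH`, the function names and the sample queries are assumptions constructed for illustration; the check counts literal nesting only and does not expand fragment spreads, which an AST-based validation rule in the GraphQL server library has to cover.

```python
MAX_DEPTH = 5  # assumed policy value; tune to the schema

def selection_depth(query: str) -> int:
    """Deepest selection-set nesting in a GraphQL document (fragments not expanded)."""
    depth = deepest = parens = 0
    i, n = 0, len(query)
    while i < n:
        ch = query[i]
        if query.startswith('"""', i):           # block string: skip to closing quotes
            end = query.find('"""', i + 3)
            if end == -1:
                raise ValueError("unterminated block string")
            i = end + 3
            continue
        if ch == '"':                            # ordinary string, honouring \" escapes
            i += 1
            while i < n and query[i] != '"':
                i += 2 if query[i] == "\\" else 1
            if i >= n:
                raise ValueError("unterminated string")
            i += 1
            continue
        if ch == "#":                            # comment runs to end of line
            nl = query.find("\n", i)
            i = n if nl == -1 else nl
            continue
        if ch == "(":
            parens += 1
        elif ch == ")":
            parens -= 1
        elif ch == "{" and parens == 0:          # braces inside (...) are argument objects
            depth += 1
            deepest = max(deepest, depth)
        elif ch == "}" and parens == 0:
            depth -= 1
            if depth < 0:
                raise ValueError("unbalanced braces")
        i += 1
    if depth or parens:
        raise ValueError("unbalanced document")
    return deepest

def allow_query(query: str, max_depth: int = MAX_DEPTH) -> bool:
    """Reject before execution: too deep, or malformed enough that depth is unknown."""
    try:
        return selection_depth(query) <= max_depth
    except ValueError:
        return False

# Constructed sample inputs (not taken from the post)
SHALLOW = '{ user(id: "1") { name posts(filter: {tag: "{x}"}) { title } } }'
NESTED = "{ user " + "{ friends " * 11 + "{ name " + "}" * 13
```

Run the gate before any resolver executes, and apply it to unauthenticated requests as well, since the post's point is that the endpoint accepts such queries without auth.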
To detect Credit & Debit Card Number Leakage use this Nuclei Template - https://github.com/projectdiscovery/nuclei-templates/blob/main/http/miscellaneous/credit-card-number-detect.yaml
Hey Hunters,
DarkShadow here back again, just dropping a unique XSS method which executes in the response header.
XSS in Facebook response header 🔥
Tip: Always check XSS in redirection parameters.
Show your love, guys ❤️🔥
#bugbountytips #xss
Hey Hunters,
DarkShadow here back again, just dropping a unique method to bypass WAF for XSS 🔥
WAF blocked:
javascript:alert()
WAF welcome:
javascript:new Function
document.body.style.background="red"
If the WAF blocked additional functions, then try to change the background color 🔥
#bugbountytips #xss
Shodan.io $5 Lifetime Membership sale is live for the next 24 hours: account.shodan.io/billing/member
Go grab it now ✨
Hunters, DarkShadow here!
One liner for finding files
subfinder -d domain.com -silent | \
while read host; do \
for path in /config.js /config.json /app/config.js /settings.json /database.json /firebase.json /.env /.env.production /api_keys.json /credentials.json /secrets.json /google-services.json /package.json /package-lock.json /composer.json /pom.xml /docker-compose.yml /manifest.json /service-worker.js; do \
echo "$host$path"; \
done; \
done | httpx -mc 200
#bugbountytips
Hunters, the vulnerability was SSRF loading AWS cloud access.
And effects:
IITE – Institute of Information Technology & Education: Access to confidential student information, assessment data, and internal records.
MUHS – Maharashtra University of Health Sciences: Exposure of examination content, student records, and academic documents.
GSEB – Gujarat Secondary & Higher Secondary Education Board: Exposure of sensitive student records, exam papers, hall tickets, and related educational data.
RGUHS – Rajiv Gandhi University of Health Sciences: Access to examination papers, student records, and other confidential academic information.
I have a video POC, wanna see how I was able to exploit this bug!?
And don't forget to follow me: x.com/darkshadow2bd
#ssrf
✨ List of Awesome Red Team / Red Teaming Resources. This list is for anyone wishing to learn about Red Teaming who does not have a starting point.
https://github.com/0xMrNiko/Awesome-Red-Teaming
Hey Hunters,
DarkShadow here back again, just look at this one crazy boolean SQLi.
Tip: never forget to test boolean SQLi even if it is a .json file parameter.
Sometimes .json files load SQLi. So, it's not necessary that we hunt only PHP file parameters.
#sqli #bugbountytips