Damn-Vulnerable-RESTaurant
An intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.
Get: https://github.com/theowni/Damn-Vulnerable-RESTaurant-API-Game
Need to quickly check for exposed backup files? Check out fuzzuli, a simple tool by @musana to quickly check for sensitive files!
github.com/musana/fuzzuli
New Batch Starting in November! Few seats are left. Hurry Up!
DM to Enroll +918945971332 or wa.link/brutsecurity
HUNTER : product.name="ASP.NET Core"
One of my students, on the very first day of the Advanced Web Pentesting session, just performed a basic automation scan and got a sensitive information disclosure.
If you want to enroll and learn from the very beginner level then DM us on https://wa.link/brutsecurity
Top 25 Bug Bounty Platforms
01. Bugcrowd
02. HackerOne
03. Intigriti
04. YesWeHack
05. Synack, Inc.
06. HackenProof | Web3 bug bounty platform
07. Open Bug Bounty
08. Immunefi
09. Cobalt
10. Zerocopter
11. Yogosha
12. SafeHats
13. Vulnerability Research Labs, LLC
14. AntiHACKme Pte Ltd
15. RedStorm Information Security
16. Cyber Army Indonesia
17. Hacktrophy
18. Nordic Defender
19. Capture The Bug
20. Bugbounter
21. Detectify
22. BugBase
23. huntr
24. Pentabug
25. SecureBug
Happy Hunt
Hunting for Business Logic Bugs? Try this:
Exploit Flow:
1. Sign up with a new username
2. Activate the account
3. Delete the account
4. Try creating a new account using that same username
If it stops you - that's a Business Logic flaw!
Usernames from deleted accounts shouldn't stay reserved unless there's a valid reason.
Tired of all the hassle when moving small files around?
Try this absolute gem
cat filename.txt | nc termbin.com 9999
https://termbin.com/abcd - share it, save it, or just keep it for later. No login, no setup. Just pure terminal magic. Perfect for notes, PoCs, or scripts when you're working remotely on a VPS.
#bugbounty #cybersecurity #linuxTips #vps #infosec #hacking #brutsecurity
Tired of switching tabs for OSINT and recon? Just join our Discord and type sudo help to unlock powerful tools in seconds!
- IP & Domain Lookup
- Email & Phone OSINT
- Subdomain Enumeration
- Reverse Image Search
- URL & Virus Scanners
- Temp Email, QR Tools, and more
You can create and play your own CTF in a minute, right inside Discord!
Try it out now - it's fast, simple, and all in one chat.
https://discord.gg/u7uMFV833h
#ctf #bugbounty #osint #cybersecurity #discordtools #infosec
JSMap Inspector - A powerful, offline, single-file HTML tool designed for developers and security researchers to inspect and analyze JavaScript Source Map (.js.map) files.
https://github.com/ynsmroztas/JSMap-Inspector
CVE-2025-61481 (CVSS 10.0): Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP WebFig. It affects RouterOS v.7.14.2 and SwitchOS v.2.18.
Dork:
HUNTER : product.name="MikroTik RouterOS"||product.name="MikroTik SwOS"
CVE-2025-54236: Improper Input Validation in Magento (Adobe Commerce), 9.1 rating
A critical vulnerability disclosed in a recent advisory allows attackers to perform RCE. Exploitation attempts have already been recorded!
Search at Netlas.io:
Link: https://nt.ls/Edck5
Dork: tag.name:"magento" AND http.headers.server:"Apache"
Vendor's advisory: https://helpx.adobe.com/security/products/magento/apsb25-88.html
Hey Hunters,
DarkShadow here back again, dropping an interesting XSS input sanitization bypass method.
You might have noticed that most websites currently use input sanitization by blocking certain tags and events, right!? Not really.
Okay, so first, have a look at some example tags that could trigger XSS:
script, img, a, iframe, object, video, audio, form, meta
The website blocks these keywords if they appear inside tags like < > or </ > and replaces them with nothing - basically, null or an empty string "".
So, if you try a payload like:
<script>alert(1)</script>
It will be replaced with:
alert(1)
Now, think a bit more deeply - what if you write a payload like this:
<script <img>> alert(1) </script </img>>
In this payload, look at the first part:
<script <img>>
Here, <img> is a full image tag, and it will definitely be removed by the sanitization filter. But what about <script<?
You can see the <script> tag isn't written properly yet - it's <script followed by <, so it doesn't match the sanitization logic exactly.
Now, the interesting part is when the <img> tag gets removed from <script <img>>. After that, we're left with <script>!
That means the transformation is like this:
<script <img>> -> remove <img> -> <script>
</script </img>> -> remove </img> -> </script>
And finally, we get a valid payload:
<script>alert(1)</script>
So guys, if you really like reading DarkShadow's methodologies, show your LOVE.
And don't forget to follow me: x.com/darkshadow2bd
#bugbountytips #xss
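Added example, not part of the original post: a reproduction of the single-pass strip filter the post describes, next to two corrections a defender can test against (re-running the filter to a fixed point, and the preferred fix of encoding at output). The regex and all function names are assumptions made for illustration; the two sample strings are the ones quoted in the post.

```python
import html
import re

# Assumption: the filter removes only complete, well-formed tags for a
# blocklist of names and makes a single pass over the input.
BLOCKED = "script|img|a|iframe|object|video|audio|form|meta"
TAG_RE = re.compile(rf"</?(?:{BLOCKED})\b[^<>]*>", re.IGNORECASE)


def strip_once(value: str) -> str:
    """The weak filter: one pass, blocked tags replaced with ''."""
    return TAG_RE.sub("", value)


def strip_until_stable(value: str, max_rounds: int = 20) -> str:
    """Re-run the filter until the output stops changing (fixed point)."""
    for _ in range(max_rounds):
        cleaned = TAG_RE.sub("", value)
        if cleaned == value:
            return cleaned
        value = cleaned
    raise ValueError("input did not stabilise; reject it")


def encode_for_html(value: str) -> str:
    """Preferred fix: do not strip, encode at output so markup is inert."""
    return html.escape(value, quote=True)


def leaves_blocked_tag(value: str) -> bool:
    """Regression check: does a blocked tag survive in the given string?"""
    return TAG_RE.search(value) is not None


# Sample inputs quoted from the post above.
PLAIN = "<script>alert(1)</script>"
NESTED = "<script <img>> alert(1) </script </img>>"

if __name__ == "__main__":
    for sample in (PLAIN, NESTED):
        once = strip_once(sample)
        print("single pass :", repr(once), "tag survives:", leaves_blocked_tag(once))
        print("fixed point :", repr(strip_until_stable(sample)))
        print("encoded     :", repr(encode_for_html(sample)))
```

The single pass leaves a script tag behind for the nested input, which is why removal-based filters need a regression test like `leaves_blocked_tag`; context-aware output encoding avoids the problem because nothing is removed and so nothing can be reassembled.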
Extract all endpoints from a JS File and take your bug
- Method one
# Each extracted host is substituted into a shell command string, so run this in a disposable environment.
waybackurls HOSTS | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '/' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['|\\\"](https?:)?[/]{1,2}[^'|\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['|\\\"](https?:)?[/]{1,2}[^'|\\\"> ]{5,})\"" | awk -F "['|\"]" '{print $2}' | sort -fu
- Method two
# Output goes to a separate file: tee-ing back into JS.txt would truncate the input while it is being read.
cat JS.txt | grep -aoP "(?<=(\"|\'|\`))\/[a-zA-Z0-9?&=\/\-#.]*(?=(\"|\'|\`))" | sort -u | tee endpoints.txt
#infosec #cybersec #bugbountytips