Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - initstring/cloud_enum: Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. - initstring/cloud_enum
👏1
If you're into generating subdomains quickly 🚀
check out this website: husseinphp.github.io/subdomain/
#bugbountytips #bugbountytip #BugBounty
check out this website: husseinphp.github.io/subdomain/
#bugbountytips #bugbountytip #BugBounty
❤6
Which One Applies To You?
Anonymous Poll
39%
Red Teamer 🍓
5%
Blue Teamer 🧊
3%
Purple Teamer 🍇
35%
Bug Hunter 🤓
3%
Forensic 💻
15%
Beginner 🍌
Thank You All Who Wished Me A Happy Teacher's Day 🙌
Please open Telegram to view this post
VIEW IN TELEGRAM
❤4
Some of the BEST Extensions for Burp Suite,
1. Autorize
2. Turbo Intruder
3. JS Link Finder
4. SQLiPy Sqlmap Integration
5. Burp NoSQLi Scanner
6. InQL Scanner
7. Logger++
8. Param Miner
9. Upload Scanner
10. Auto Repeater
1. Autorize
2. Turbo Intruder
3. JS Link Finder
4. SQLiPy Sqlmap Integration
5. Burp NoSQLi Scanner
6. InQL Scanner
7. Logger++
8. Param Miner
9. Upload Scanner
10. Auto Repeater
👍6❤4
CVE-2024-44000: Unauthenticated Account Takeover in LiteSpeed Cache plugin for WordPress, 9.8 rating 🔥
A vulnerability in the debug log allows attackers to gain access to user sessions, potentially leading to complete control over a website.
Search at Netlas.io:
👉 Link: https://nt.ls/syLAy
👉 Dork: http.body:"plugins/litespeed-cache"
Read more: https://securityonline.info/cve-2024-44000-cvss-9-8-litespeed-cache-flaw-exposes-millions-of-wordpress-sites-to-takeover-attacks/
A vulnerability in the debug log allows attackers to gain access to user sessions, potentially leading to complete control over a website.
Search at Netlas.io:
👉 Link: https://nt.ls/syLAy
👉 Dork: http.body:"plugins/litespeed-cache"
Read more: https://securityonline.info/cve-2024-44000-cvss-9-8-litespeed-cache-flaw-exposes-millions-of-wordpress-sites-to-takeover-attacks/
👍4
🚨 Breaking O-Auth: 2 Days Challenge 🚨
Are you ready to dive into the world of OAuth attacks? Join us for an intense 2-day challenge where you'll master the art of breaking OAuth through hands-on practicals and solid theory!
💡 What’s in store?
🔍 Day 1: Learn the fundamentals of OAuth and how it's implemented across applications. We’ll cover OAuth flows, token types, scopes, and common pitfalls.
🛠️ Day 2: Get your hands dirty with real-world OAuth vulnerabilities. Experience first-hand how attackers exploit misconfigurations and weaknesses, and learn how to patch them!
This challenge is for hackers and security professionals looking to level up their skills in OAuth security. Whether you’re a beginner or a pro, this challenge will help you understand the inner workings of OAuth and its vulnerabilities.
👩💻 Practical + Theory: Each day is a balanced mix of hands-on exercises and deep-dive discussions to help you truly understand OAuth’s attack surface.
📍 Where: https://nas.io/brutsecurity/challenges/breaking-oauth-4-days-challenge-copy
Don’t miss out on this opportunity to learn and conquer OAuth!
Are you ready to dive into the world of OAuth attacks? Join us for an intense 2-day challenge where you'll master the art of breaking OAuth through hands-on practicals and solid theory!
💡 What’s in store?
🔍 Day 1: Learn the fundamentals of OAuth and how it's implemented across applications. We’ll cover OAuth flows, token types, scopes, and common pitfalls.
🛠️ Day 2: Get your hands dirty with real-world OAuth vulnerabilities. Experience first-hand how attackers exploit misconfigurations and weaknesses, and learn how to patch them!
This challenge is for hackers and security professionals looking to level up their skills in OAuth security. Whether you’re a beginner or a pro, this challenge will help you understand the inner workings of OAuth and its vulnerabilities.
👩💻 Practical + Theory: Each day is a balanced mix of hands-on exercises and deep-dive discussions to help you truly understand OAuth’s attack surface.
📍 Where: https://nas.io/brutsecurity/challenges/breaking-oauth-4-days-challenge-copy
Don’t miss out on this opportunity to learn and conquer OAuth!
nas.io
Breaking O-Auth : 2 Days Challenge
2 days • Challenge by Rahim7x
Brut Security pinned «🚨 Breaking O-Auth: 2 Days Challenge 🚨 Are you ready to dive into the world of OAuth attacks? Join us for an intense 2-day challenge where you'll master the art of breaking OAuth through hands-on practicals and solid theory! 💡 What’s in store? 🔍 Day 1: Learn…»
Filed another report explaining the root cause in detail. If we get 200 members in the O-auth challenge I'll disclose the report exclusively here
❤1
📮 NetScan CLI is a command-line tool for retrieving and analyzing IP address information. It provides detailed subnet and organization data for given IP addresses using various online services.
🔗https://github.com/nullenc0de/netscan
🔗https://github.com/nullenc0de/netscan
🔥6❤1
Top 50 Google Dorks for #BugBounty and #Responsible #Disclosure Programs For Beginners
inurl:"/bug bounty"
inurl:"/responsible disclosure"
inurl:"/security.txt"
inurl:"/responsible-disclosure/reward"
inurl:"/responsible-disclosure/swag"
"submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone"
site:.gov. "responsible disclosure"
intext:"we take security very seriously"
.com"powered by bugcrowd" -site
report vulnerabilitysite:*.edu intext
" -hackerone -bugcrowd -synack -openbugbountyinurl:"/.well-known/security ext
inurl:"security report reward"
intext:"responsible disclosure" university
" "contact"inurl:"/security ext
inurl:"vulnerability-disclosure-policy" reward
intext:"report security vulnerability"
inurl:"/security-report"
inurl:"/vulnerability-report"
inurl:"/responsible-disclosure" ext
inurl:"/bug-bounty-program"
inurl:"/bounty-program"
inurl:"/security-researchers"
.cominurl:"/security-ext" -site
"inurl:"/vulnerability ext
inurl:"/security-response"
site:*.org "responsible disclosure"
site:*.gov "submit vulnerability"
intext:"vulnerability submission program"
"inurl:"/bounty ext
"inurl:"/bug-bounty ext
inurl:"security-reporting"
inurl:"security policy reward"
inurl:"responsible disclosure" reward
"inurl:"/responsible-disclosure ext
"inurl:"/responsible-disclosure ext
"inurl:"/bug-bounty ext
"inurl:"/vulnerability-report ext
inurl:"security report bug reward"
inurl:"vulnerability-reward-program"
inurl:"/bounty-policy"
inurl:"/bug-report"
inurl:"security vulnerability report reward"
site:*.edu "bug bounty"
"inurl:"/vuln ext
"inurl:"/security ext
inurl:"security vulnerability report"
"inurl:"/bug-bounty ext
"inurl:"/responsible-disclosure ext
inurl:"bug bounty" filetype
site:*.gov intext:"submit a vulnerability"
inurl:"/bug bounty"
inurl:"/responsible disclosure"
inurl:"/security.txt"
inurl:"/responsible-disclosure/reward"
inurl:"/responsible-disclosure/swag"
"submit vulnerability report" | "powered by bugcrowd" | "powered by hackerone"
site:.gov. "responsible disclosure"
intext:"we take security very seriously"
.com"powered by bugcrowd" -site
report vulnerabilitysite:*.edu intext
" -hackerone -bugcrowd -synack -openbugbountyinurl:"/.well-known/security ext
inurl:"security report reward"
intext:"responsible disclosure" university
" "contact"inurl:"/security ext
inurl:"vulnerability-disclosure-policy" reward
intext:"report security vulnerability"
inurl:"/security-report"
inurl:"/vulnerability-report"
inurl:"/responsible-disclosure" ext
inurl:"/bug-bounty-program"
inurl:"/bounty-program"
inurl:"/security-researchers"
.cominurl:"/security-ext" -site
"inurl:"/vulnerability ext
inurl:"/security-response"
site:*.org "responsible disclosure"
site:*.gov "submit vulnerability"
intext:"vulnerability submission program"
"inurl:"/bounty ext
"inurl:"/bug-bounty ext
inurl:"security-reporting"
inurl:"security policy reward"
inurl:"responsible disclosure" reward
"inurl:"/responsible-disclosure ext
"inurl:"/responsible-disclosure ext
"inurl:"/bug-bounty ext
"inurl:"/vulnerability-report ext
inurl:"security report bug reward"
inurl:"vulnerability-reward-program"
inurl:"/bounty-policy"
inurl:"/bug-report"
inurl:"security vulnerability report reward"
site:*.edu "bug bounty"
"inurl:"/vuln ext
"inurl:"/security ext
inurl:"security vulnerability report"
"inurl:"/bug-bounty ext
"inurl:"/responsible-disclosure ext
inurl:"bug bounty" filetype
site:*.gov intext:"submit a vulnerability"
👍4🔥4❤3