Forwarded from Netlas.io
Netlas Private Scanner is Here!
Now you can perform a super fast non-intrusive scan of any attack surface or even a single IP address, and analyze up-to-date results.
Other improvements:
Team features (sharing) added to the Discovery and Scanner
Fixed the Discovery Download bug
Some minor updates
Read more: https://docs.netlas.io/easm/scanner/
CVE-2024-38816: Path Traversal in Spring Framework, 7.5 rating
An attacker can create a malicious HTTP request and use it to gain access to any file accessible by the Spring application process. However, this is easily blocked using the Spring Firewall, so don't forget to enable it.
Search at Netlas.io:
Link: https://nt.ls/jT0JO
Dork: tag.name:"spring"
Vendor's advisory: https://spring.io/security/cve-2024-38816
CVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server
New PoC: https://github.com/verylazytech/CVE-2024-23692
Dork:
HUNTER: web.body="HttpFileServer"&&header.server=="HFS 2.3m"
CVE-2024-38812, -38813: Two vulnerabilities in VMware vCenter, 7.5 - 9.8 rating
Heap overflow and privilege escalation vulns on unpatched servers allow attackers to easily perform RCE using a specially crafted network packet.
Search at Netlas.io:
Link: https://nt.ls/44tRg
Dork: http.title:"ID_VC_Welcome" OR certificate.issuer.domain_component:"vsphere"
Vendor's advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
Looking for Active Discord Moderators. Do DM Me With Your Past Experiences.
https://github.com/pdelteil/scammy-bbp This repository contains a list of all the bug bounty programs that do not value the time and effort of hackers correctly. (Before you hunt on any target it's better to have reviews from other hackers)
GitHub - pdelteil/scammy-bbp: Self-hosted bug bounty programs that are "scammy" or unethical
Vulnerabilities to look for in complex applications
https://x.com/Rahim7X/status/1800824051340026051?t=XgFB06JWQuTtk4e0M6cJQg&s=19
Rahim (@0xRahim_) on X
Few vulnerabilities to look for while testing modern web applications. #bugbounty
1) Access control and IDOR:
Pull API routes from JavaScript files and Wayback JavaScript. Documentation and Wayback documentation.
Intigriti
Hacking misconfigured Cloudflare R2 buckets: A complete guide
Cloudflare R2 buckets are recently becoming more popular as an alternative to AWS S3 buckets for their simplicity, integration support and zero-egress fees. Customers who opt-in to use Cloudflare R2 a...
app.netlas.io
Discover, Research and Monitor any Assets Available Online
Internet intelligence apps that provide accurate technical information on IP addresses, domain names, websites, web applications, IoT devices, and other online assets.
Brut Security pinned «If you're looking for accurate IoT results, then Sign Up On @Netlas https://app.netlas.io/ref/9cc61538/»
Finding Hidden Parameter & Potential XSS with Arjun + KXSS
arjun -q -u target -oT arjun && cat arjun | awk -F'[?&]' '{baseUrl=$1; for(i=2; i<=NF; i++) {split($i, param, "="); print baseUrl "?" param[1] "="}}' | kxss
JS Recon : WaybackURLs & HTTPX
waybackurls url | grep '\.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} python lazyegg[.]py "{}" --js_urls --domains --ips > urls && cat urls | grep '\.' | sort -u | xargs -I{} httpx -silent -u {} -sc -title -td