My team met developed a Recon Engine with subdomain find, port scan, parameter find, technology detect, information disclosure, git dorking, cve search etc many more features. You guys should check this Recon Engine. If you know anything valid and interesting that missing on the Recon engine you can suggest us by giving link. DM us.
https://freelancermijan.github.io/reconengine/
https://freelancermijan.github.io/reconengine/
👍30❤11🔥7💩5🤝4🥰3
Forwarded from Offensive Security
#Exclusive 🔥
HTB Academy – Bug Bounty Hunter Job Rule Path 2024.11
🔗 Download
Info : https://academy.hackthebox.com/path/preview/bug-bounty-hunter
@offensivesecurity
HTB Academy – Bug Bounty Hunter Job Rule Path 2024.11
🔗 Download
Info : https://academy.hackthebox.com/path/preview/bug-bounty-hunter
@offensivesecurity
❤11👍2
🔖 Here’s a list of 10 Github dorks to find secret and access tokens
"https://target.com" send_keys
"https://target.com" password
"https://target.com" api_key
"https://target.com" apikey
"https://target.com" jira_password
"https://target.com" root_password
"https://target.com" access_token
"https://target.com" config
"https://target.com" client_secret
"https://target.com" user auth
Target
Target : Expect More. Pay Less.
Shop Target online and in-store for everything from groceries and essentials to clothing and electronics. Choose contactless pickup or delivery today.
❤11🔥5👍2
How to Find and Exploit 𝐌𝐢𝐬𝐜𝐨𝐧𝐟𝐢𝐠𝐮𝐫𝐞𝐝 𝐩𝐡𝐩𝐌𝐲𝐀𝐝𝐦𝐢𝐧 | Bug Bounty POC
https://youtu.be/XtIMOsE0554?si=Hq708taLUcVb8nXB
https://youtu.be/XtIMOsE0554?si=Hq708taLUcVb8nXB
YouTube
How to Find and Exploit 𝐌𝐢𝐬𝐜𝐨𝐧𝐟𝐢𝐠𝐮𝐫𝐞𝐝 𝐩𝐡𝐩𝐌𝐲𝐀𝐝𝐦𝐢𝐧 | Bug Bounty POC
"Ready to take your bug bounty skills to the next level? In this video, I’ll show you how to find and exploit misconfigured phpMyAdmin setups in web applications. 🚀
👉 Get Hostinger Discount ➜ https://bit.ly/Hostinger-Coupon-C0de
💥 HOSTINGER COUPON CODE:…
👉 Get Hostinger Discount ➜ https://bit.ly/Hostinger-Coupon-C0de
💥 HOSTINGER COUPON CODE:…
NAS Vulnerability: Command Injection Exploit via Group Parameter | Bug Bounty Tutorial
https://youtu.be/UucbbgsiEoA?si=LZ3l1W7SsRIhaBok
https://youtu.be/UucbbgsiEoA?si=LZ3l1W7SsRIhaBok
YouTube
NAS Vulnerability: Command Injection Exploit via Group Parameter | Bug Bounty Tutorial
🔍 NAS Vulnerability: Command Injection Exploit via Group Parameter | Bug Bounty Tutorial
Welcome back, bug hunters and cybersecurity enthusiasts! 🚀 In this video, we’ll uncover a critical NAS vulnerability involving a command injection exploit through the…
Welcome back, bug hunters and cybersecurity enthusiasts! 🚀 In this video, we’ll uncover a critical NAS vulnerability involving a command injection exploit through the…
👍8
GoogleDorks
Bash
Bash
filetype:ini "password" site:orgfiletype:txt "credentials" site:gov
filetype:yaml "secret_key" -examples
filetype:key "PRIVATE KEY"
filetype:pem "PRIVATE KEY"
filetype:log "debug" "error"
filetype:log "Stack trace" site:edu
filetype:log "unable to connect"
filetype:log "authentication failed"
filetype:json "db_password" -github
filetype:db "database" site:org
filetype:sql "INSERT INTO" "VALUES" site:edu
filetype:dump "database" site:gov
"index of" "backup.sql"
filetype:conf "db_user" site:org
filetype:config "ftp" site:gov
filetype:xml "web.config" site:edu
"index of" "settings.json"
filetype:env "SECRET_KEY"
"index of" "api_key"
filetype:json "api_token"
filetype:txt "api_secret"
"admin login" filetype:php
"index of" "server-status"
filetype:php "mysql_connect" site:gov
"admin dashboard" "login"
filetype:pdf "not for distribution" site:gov
filetype:xlsx "confidential report" site:edu
filetype:doc "salary" "employee"
filetype:docx "restricted access"
filetype:xlsx | filetype:xls "username" "password" site:gov
filetype:xlsx | filetype:xls "username" site:gov
filetype:xlsx | filetype:xls "database" site:gov
filetype:xlsx | filetype:xls "financial" site:gov
filetype:xlsx | filetype:xls "password" site:gov
site:dropbox.com "password"
site:box.com "confidential"
site:drive.google.com "important"
site:onedrive.live.com "restricted"
site:pastebin.com "password"
site:github.com "SECRET_KEY"
site:gitlab.com "PRIVATE_KEY"
site:bitbucket.org "db_password"
👍21🔥14👎1
This is new video find xss/lfi
LFI and XSS Vulnerabilities Explained | Bug Bounty Hunting Made Easy
https://youtu.be/UGDnVb6UPyc?si=hUCxNmf8xJMrjQnj
LFI and XSS Vulnerabilities Explained | Bug Bounty Hunting Made Easy
https://youtu.be/UGDnVb6UPyc?si=hUCxNmf8xJMrjQnj
YouTube
LFI and XSS Vulnerabilities Explained | Bug Bounty Hunting Made Easy
🌟 LFI and XSS Vulnerabilities Explained | Bug Bounty Hunting Made Easy
Welcome to another exciting video on bug bounty hunting and ethical hacking! 🎯 In this tutorial, we break down two critical web vulnerabilities: Local File Inclusion (LFI) and Cross-Site…
Welcome to another exciting video on bug bounty hunting and ethical hacking! 🎯 In this tutorial, we break down two critical web vulnerabilities: Local File Inclusion (LFI) and Cross-Site…
🔥8👍3
CVE-2024-9935.yaml
2.2 KB
body="wp-content/plugins/pdf-generator-addon-for-elementor-page-builder/"
🔥14👍6