3264
Talk and help about bugbounty
can i ask is these vuln to sspp? serverside prototype pollution?
Читать полностью…
Stop Selling Courses Here!
I'll kick you out of the group without warning.
🔒🚨 Breaking News! Something Sinister Lurks in the Shadows 🚨🔒
😱 Unveiling the Dark Web's Darkest Secret... 100K+ ChatGPT Accounts Compromised! 😱
Are your private conversations at risk?
⚠️ Don't wait! Take a peek behind the veil of darkness and learn how cybercriminals are preying on unsuspecting ChatGPT users. Your online safety is at stake!
link : https://lnkd.in/dKYtkC3j
hello guys,
Who have any references include videos, books, and forums for network+
https://desiteck.in/10-reasons-why-cybersecurity-course-is-important/
Читать полностью…
1. view source / js files
2. default/weak/staff credentials
3. find a registration form
4. sql/nosql Injection
5. auth bypass functions (response manipulation)
6. search/fuzz for interesting endpoints
Brothers any one know how to I can see http requests of website not a browser
Читать полностью…
📚 Free Course for OSCP Enthusiasts and Network Penetration Testers 🎯
I have been creating a free course in video and text formats for OSCP enthusiasts and network penetration testers. The course covers topics from Nmap to Active Directory exploitation, focusing on various red team tasks.
With over 5 years of experience and holding certifications like OSEP, OSWE, and OSCP, I have designed this course.
Feel free to connect for queries and improvements.
📖 Course Progress:
Module 1 - Network Enumeration:
1️⃣ Nmap:
- Practical demonstration of Nmap scanning and identifying open ports and services, including Wireshark usage.
- Access the chapter playlist: Nmap Playlist
- Read the GitBook: Nmap GitBook
2️⃣ Enumeration All The Things:
- Covering post-scanning enumeration techniques for network services and ports, explaining over 20 different tools and their use cases.
- Access the chapter playlist: Enumeration Playlist
- Read the GitBook: Enumeration GitBook
3️⃣ Metasploit All The Things:
- Deep dive into Metasploit, exploring its internal structure and various features.
- Perfect for those who want to utilize Metasploit to its full potential.
- Access the chapter playlist: Metasploit Playlist
- Read the GitBook: Metasploit GitBook
4️⃣ Web4Shell:
- Ongoing module showcasing web vulnerabilities that can be exploited for initial access (RCE).
- Covers topics like SQL injection to RCE, LFI to RCE, and more.
- Access the chapter playlist: Web4Shell Playlist
- Read the GitBook: Web4Shell GitBook
Feel free to dive into the course materials and enhance your knowledge in penetration testing! 🚀
Thank you, guys, for the overwhelming response. Whoever sends a resume, I will review it and get back to you. I have received a lot of resumes, so it will take a while.
Читать полностью…
🤔Did you know❓
combining SQL Injection with LFI can lead to Remote Command Execution ☠️❓
⬇️Here's how..
SQL database (Mysql) can write file through into outfile and into dumpfile which can be used to write a small file in a temp directory. The written file may contain command to execute which will be evaluated by LFI and results RCE.
🙂You can watch todays live for a visual understanding against the same at 10PM IST.
https://youtu.be/OnxUnZv4v1s
Check this out
https://link.medium.com/eZQMPMklPAb
где ты вообще нашел этот payload, тут "не хватает", где у тебя %с определенно?
Читать полностью…
Hello, I'm stuck on the sanitization of brackets, and it's not clear how to get around it, if all the encodings, asii, html, base, hex, entity, are perceived simply as a set of characters, I can't get out of the tag, the same with quotes, I don't I can get out of the condition, and therefore my entire payload is just plain text, help with advice?🙂
Читать полностью…
I'm planing to start a security pentest and It services company. Anybody wants work as part time or like partner, if anyone interested, please ping me.
Читать полностью…
https://rashahacks.com/bypassing-okta-sso-https-http/
Читать полностью…
What do you test for , for a login page like this
Читать полностью…
Does anyone know of a telegram or site that can download the latest version of ida64 crack?
Help me
I don't create account in site so don't is my data
Читать полностью…