#bugbountytips

⚡️Speed up your subdomain port scanning by querying A records from a list subdomains and removing duplicate IP addresses 🏃‍♀️💨

You can do this easily by chaining subfinder, dnsx, sort and naabu together:

subfinder -d domain.com -silent | dnxs -a -ro silent | sort -u | naabu -silent | tee ports.txt

⛨ Follow : @HackingInsights

httpXXX://147.182.180.78:8081/CraxsRat-Linuxndroid/

#CraxsRAT #CypherRAT

https://secops.group/certifications/certified-cloud-security-practitioner-aws-ccsp-aws/

100% OFF Coupon : CCSP-AWS-VNM-100

Certified Cloud Security Practitioner–AWS(CCSP-AWS) £100.00

AWS-CCSP 100% OFF Exam by The SecOps Group

📢Want a 100% discount code on our newly launched
Certified Cloud Security Practitioner - AWS (CCSP-AWS) exam?

CVE-2023-27524: Apache Superset Auth Bypass


💥 Script to check if an Apache Superset server is running with an insecure default configuration (CVE-2023-27524). The script checks if a Superset server's session cookies are signed with any well-known default Flask SECRET_KEYs.

The --validate flag can be used to validate exploitability by enumerating databases using the Superset API.

requirements:

flask-unsign==1.2.0
requests==2.26.0
Usage:

CVE-2023-27524.py [-h] --url URL [--id ID] [--validate] [--timeout TIMEOUT]

Download: https://system32.ink/news-feed/p/308/

CVE-2023-1671 | Pre-Auth RCE in Sophos Web Appliance


Dorkfofa

(title="Sophos Web Appliance" || app="Sophos-Web-Appliance") && title!="Sophos Web Appliance：错误请求"

ZoomEye

title:"Sophos Web Appliance"-title:"Sophos Web Appliance: Forbidden"-title:"Sophos Web Appliance: Bad Request"

Shodan

title:"Sophos Web Appliance"

Usage:

python CVE-2023-1671-POC.py -u http://www.example.com
python CVE-2023-1671-POC.py -u http://www.example.com -d xxxxxx.dnslog.cn
python CVE-2023-1671-POC.py -f urls.txt
python CVE-2023-1671-POC.py -f urls.txt -d xxxxxx.dnslog.cn

Download: https://system32.ink/news-feed/p/309/

Recover Deleted Data Using PhotoRec Video

Watch: https://system32.ink/news-feed/p/311/

🔥 OWASP TOP 10 🔥

SESSION AT SHARP 9 PM TODAY

BY JOB PROFESSIONALS

AT - @cyberdemonsindiaa

HOPE YOU'LL COME TO LEARN😌

#happyhacking

This movie will open the eyes of millions of Hindu girls.
#TheKeralaStory

Come On Vc https://t.me/cyberdemonsindiaa?videochat=51b2c0986fb99bde74

👨🏻‍💻Top 10 Tools for Bug Bounty Hunters👨🏻‍💻

Bug bounty hunting is a career that is known for the heavy use of security tools.

These tools help the hunters find vulnerabilities in software, web applications and websites, and are an integral part of bounty hunting.

⚡Link : bit.ly/BugBountyTools

Share :: Support :: Learn

A blog on mobile device security and mobile hacking

https://techofide.com/blogs/what-is-mobile-device-security-how-to-hack-a-phone-practical-demo/

Join our group for more such Cyber security content

t.me/ethicalhackingtechofide

𝘽𝙪𝙜 𝙏𝙮𝙥𝙚: No Rate Limit

𝙇𝙞𝙣𝙠: https://youtube.com/shorts/DKHYV6sjYXQ?feature=share

𝙋𝙡𝙚𝙖𝙨𝙚 𝙨𝙪𝙗𝙨𝙘𝙧𝙞𝙗𝙚 𝙩𝙤 𝙤𝙪𝙧 𝙔𝙤𝙪𝙏𝙪𝙗𝙚 𝙘𝙝𝙖𝙣𝙣𝙚𝙡🙏

CVE-2023-29007 | Git Arbitrary Configuration Injection

Download: https://system32.ink/news-feed/p/314/