Forwarded from BlackEye๐ฅท
10+ PK government websites h*-cked.
A perfect payback to pk from #indiancybertroops
https://cmdu.gob(.pk)/
https://forensic.sindhpolice.gov (.pk)/index.php
https://mppbeta.sindhpolice.gov (.pk)/
https://legal.sindhpolice.gov (.pk)/
https://demo.cmdu.gob (.pk)/
https://pphi.cmdu.gob (.pk)/
https://ekacheri.cmdu.gob (.pk)/
https://hubportal.cmdu.gob (.pk)/
https://rds.cmdu.gob (.pk)/
https://test.cmdu.gob (.pk)/
https://expl.kp.gov (.pk)/
A perfect payback to pk from #indiancybertroops
https://cmdu.gob(.pk)/
https://forensic.sindhpolice.gov (.pk)/index.php
https://mppbeta.sindhpolice.gov (.pk)/
https://legal.sindhpolice.gov (.pk)/
https://demo.cmdu.gob (.pk)/
https://pphi.cmdu.gob (.pk)/
https://ekacheri.cmdu.gob (.pk)/
https://hubportal.cmdu.gob (.pk)/
https://rds.cmdu.gob (.pk)/
https://test.cmdu.gob (.pk)/
https://expl.kp.gov (.pk)/
โค2
A new blog on Advance Snort Introduction Detection and Prevention System
https://techofide.com/blogs/mastering-snort-an-intrusion-detection-and-prevention-system-step-by-step-guide/
Join our group for more cyber security content.
t.me/ethicalhackingtechofide
https://techofide.com/blogs/mastering-snort-an-intrusion-detection-and-prevention-system-step-by-step-guide/
Join our group for more cyber security content.
t.me/ethicalhackingtechofide
๐2
MagSpoof
A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card "wirelessly", even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&PIN and predict AMEX card numbers with 100% accuracy.
A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card "wirelessly", even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&PIN and predict AMEX card numbers with 100% accuracy.
๐ด How to Become a RED TEAM HACKER ๐ด
โคท A red team hacker is an authorized individual or group that performs simulated cyberattacks to identify vulnerabilities in an organization's systems and help improve its security.
โ Link: bit.ly/RedTeamer
Share & Support โค๏ธ
โคท A red team hacker is an authorized individual or group that performs simulated cyberattacks to identify vulnerabilities in an organization's systems and help improve its security.
โ Link: bit.ly/RedTeamer
Share & Support โค๏ธ
๐ฝ๐ช๐ ๐๐ฎ๐ฅ๐: DOM based XSS
Link: https://youtu.be/gQ_gmgjEbJ0
Please Share your Views ๐๐ปโบ๏ธ & Subscribe to our YouTube channel for more Videos.
Really Thank you for your Support๐๐
Link: https://youtu.be/gQ_gmgjEbJ0
Please Share your Views ๐๐ปโบ๏ธ & Subscribe to our YouTube channel for more Videos.
Really Thank you for your Support๐๐
YouTube
07 DOM XSS
๐ด BE MY FRIEND
๐๐๐ฃ๐จ๐ฉ๐๐๐ง๐๐ข (thecybertix): https://www.instagram.com/thecybertix
๐๐๐ฌ๐๐ฉ๐ฉ๐๐ง: https://twitter.com/thecybertix
๐๐๐๐ฃ๐ ๐๐๐๐ฃ: https://www.linkedin.com/company/cybertix/
๐๐๐๐๐จ๐๐ฉ๐: https://cybertix.in
๐ด RESOURCES
๐๐๐ค๐ช๐ง๐๐ & ๐๐๐ฃ๐ ๐๐๐จ๐ฉ: https://โฆ
๐๐๐ฃ๐จ๐ฉ๐๐๐ง๐๐ข (thecybertix): https://www.instagram.com/thecybertix
๐๐๐ฌ๐๐ฉ๐ฉ๐๐ง: https://twitter.com/thecybertix
๐๐๐๐ฃ๐ ๐๐๐๐ฃ: https://www.linkedin.com/company/cybertix/
๐๐๐๐๐จ๐๐ฉ๐: https://cybertix.in
๐ด RESOURCES
๐๐๐ค๐ช๐ง๐๐ & ๐๐๐ฃ๐ ๐๐๐จ๐ฉ: https://โฆ
๐1
WebSocket Pentration Testing
@crackcodes
HTML5 has introduced many new powerful APIs, one of the more interesting components being websockets. These highlight a trend in web application development to remove or reduce the overhead of HTTP. Websockets are a direct TCP connection between the client browser and the webserver.
Read Article: https://bit.ly/WebSocket_PentrationTesting@crackcodes
XSS where you can inject the payload within the image file name and alert!.
๐๐๐ฃ๐ :
https://twitter.com/thecybertix/status/1658343842943496192?t=oDKM3yzg1SgmXFxPjIoLGA&s=19
๐๐๐ฃ๐ :
https://twitter.com/thecybertix/status/1658343842943496192?t=oDKM3yzg1SgmXFxPjIoLGA&s=19
X (formerly Twitter)
Cybertix (@thecybertix) on X
XSS where you can inject the payload within the image file name and alert!.
Payload: 12345-abc-1-23456<scr<script>ipt>alert(document.cookie)<%2Fscr<script>ipt>.img
Subscribe to our YouTube Channel:
https://t.co/c6zTMaPxRT
#bugbountytips #XSS #Securityโฆ
Payload: 12345-abc-1-23456<scr<script>ipt>alert(document.cookie)<%2Fscr<script>ipt>.img
Subscribe to our YouTube Channel:
https://t.co/c6zTMaPxRT
#bugbountytips #XSS #Securityโฆ
โค1
๐ฅNETGEAR Routers: A Playground for Hackers?
Overall, the security posture of custom binaries built by NETGEAR contained many vulnerabilities, largely due to the widespread usage of insecure C functions such as
Content:
๐พ Summary
๐พ Advisories
๐พ Vulnerabilities
๐ฝ Telnet
๐ PSV-2023-0008 โ Telnet Default Account Privilege Escalation Breakout
๐ฝ Web Application
๐ PSV-2022-???? โ JSON Response Stack Data Leak
๐ฝ SOAP Service
๐ PSV-2023-0009 โ Write HTTP Response Stack Pointer Leak
๐ PSV-2022-???? โ SOAPAction Stack Buffer Overflow
๐ PSV-2023-0010 โ HTTP Body Off-By-One NULL Terminator Stack Canary Corruption
๐ PSV-2023-0011 โ HTTP Protocol Stack Buffer Overflow
๐ PSV-2023-0012 โ SOAP Parameters Stack Buffer Overflow
๐พ Conclusion
Overall, the security posture of custom binaries built by NETGEAR contained many vulnerabilities, largely due to the widespread usage of insecure C functions such as
strcpy, strcat, sprintf, or from off-by-one errors. However, the majority of the binaries on the NETGEAR router were compiled with many protections in place, including stack canaries, non-executable stack (NX), position-independent code (PIE) and address layout randomization (ASLR) enabled. These protections made many of the vulnerabilities identified difficult to exploit on their own.Content:
๐พ Summary
๐พ Advisories
๐พ Vulnerabilities
๐ฝ Telnet
๐ PSV-2023-0008 โ Telnet Default Account Privilege Escalation Breakout
๐ฝ Web Application
๐ PSV-2022-???? โ JSON Response Stack Data Leak
๐ฝ SOAP Service
๐ PSV-2023-0009 โ Write HTTP Response Stack Pointer Leak
๐ PSV-2022-???? โ SOAPAction Stack Buffer Overflow
๐ PSV-2023-0010 โ HTTP Body Off-By-One NULL Terminator Stack Canary Corruption
๐ PSV-2023-0011 โ HTTP Protocol Stack Buffer Overflow
๐ PSV-2023-0012 โ SOAP Parameters Stack Buffer Overflow
๐พ Conclusion
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
โก1๐1
๐ Web Pentesting Roadmap for Success ๐
Web pentesting is a process of finding and exploiting security vulnerabilities in web applications or websites to ensure their security. It involves gathering information about the target, identifying weaknesses, and providing recommendations for improvement.
๐Link: bit.ly/Web-Pentesting-Roadmap
Share with Love๐
Web pentesting is a process of finding and exploiting security vulnerabilities in web applications or websites to ensure their security. It involves gathering information about the target, identifying weaknesses, and providing recommendations for improvement.
๐Link: bit.ly/Web-Pentesting-Roadmap
Share with Love๐
๐1
Forwarded from Tสษชแดแดส Pแดษดษขแดษชษด ( trickypenguin.ink )
Malware is a type of software that is designed to cause harm to a computer or its users. It can be used to steal personal information, damage files, or even take control of a computer.
Read Full Article
https://trickypenguin.ink/what-is-malware-and-how-to-protect-against-malware-attacks/
#malware #botnets #torjan
Read Full Article
https://trickypenguin.ink/what-is-malware-and-how-to-protect-against-malware-attacks/
#malware #botnets #torjan
โค5
Forwarded from CYBER TRICKS ZONE ๐ฎ๐ณ๐ฉ (๐๐ง๐ค๐ฉ๐ค๐๐ค๐ก ๐๐๐๐ )
CSO
Hackers exploit WordPress vulnerability within hours of PoC exploit release
The exploitation of the vulnerability leads to a cross-site scripting (XSS) attack in which a threat actor can inject malicious scripts, redirects, advertisements, and other forms of URL manipulation into a victim site.
๐ฅ PoC for CVE-2023-32233(tested under Ubuntu 23.04)
Once the PoC is started on a vulnerable system, it may leave that system in an unstable state with corrupted kernel memory. We strongly recommend to test the PoC on a dedicated system to avoid potential data corruptions.
Download: https://system32.ink/news-feed/p/367/
Once the PoC is started on a vulnerable system, it may leave that system in an unstable state with corrupted kernel memory. We strongly recommend to test the PoC on a dedicated system to avoid potential data corruptions.
Download: https://system32.ink/news-feed/p/367/
โค3
Especially when it comes to Bug Bounty hunting, reconnaissance is one of the most valuable things to do. There are still "easy winsโ out there which can be found, if you have a good strategy when it comes to reconnaissance.
In this Blogpost I want to explain, how I am normally performing reconnaissance during Pentests and for Bug Bounties.
Read Full Article
In this Blogpost I want to explain, how I am normally performing reconnaissance during Pentests and for Bug Bounties.
Read Full Article
โคโ๐ฅ3
Media is too big
VIEW IN TELEGRAM
How to save all post in private from public channel
Using bot
Post credit @its_me_dollar
@Deadlymalwarexpbot
Using bot
Post credit @its_me_dollar
@Deadlymalwarexpbot
โค1
g's hacker's ( its a bad day for me but โโค๏ธ
โผ๏ธHere we go again
Microsoft is scanning the inside of password-protected zip files for malware
read_more
#hacker_bano_chutiya_nhe ๐ค
#fuck_Microsoft ๐
โผ๏ธHere we go again
Microsoft is scanning the inside of password-protected zip files for malware
read_more
#hacker_bano_chutiya_nhe ๐ค
#fuck_Microsoft ๐
Forwarded from Tสษชแดแดส Pแดษดษขแดษชษด ( trickypenguin.ink )
Best Online MD5 Encryption & Decryption Tools
https://trickypenguin.ink/best-online-md5-encryption-decryption-tools/
@trickypenguin
#pentesting #cryptography
https://trickypenguin.ink/best-online-md5-encryption-decryption-tools/
@trickypenguin
#pentesting #cryptography
โค4
This media is not supported in your browser
VIEW IN TELEGRAM
โค10โคโ๐ฅ2๐1
๐ฝ๐ช๐ ๐๐ฎ๐ฅ๐ : Reflected XSS
๐๐๐ฃ๐ : https://youtube.com/shorts/Mw9tXoozrKo?feature=share
๐๐๐ฃ๐ : https://youtube.com/shorts/Mw9tXoozrKo?feature=share
YouTube
Reflected XSS
๐ฝ๐ช๐ ๐๐ฎ๐ฅ๐: Reflected XSS๐ฟ๐๐จ๐๐ง๐๐ฅ๐ฉ๐๐ค๐ฃ: Reflected XSS vulnerability happens when a website fails to validate user input, allowing malicious cod...
๐Google Dorks: Learn to Hack Anyone's Account with Google๐
โ What you'll learn?
โข Complete understanding of Google Dorks
โข How to find Vulnerabilities
โข How to find anyone's Username & Password
โข How to do Google search like a Hacker
๐Link: http://bit.ly/GoogleDorksForHacking
Share with Love๐
โ What you'll learn?
โข Complete understanding of Google Dorks
โข How to find Vulnerabilities
โข How to find anyone's Username & Password
โข How to do Google search like a Hacker
๐Link: http://bit.ly/GoogleDorksForHacking
Share with Love๐
web2shell
A Python program used to automate converting webshells into reverse shells. If you regularly do CTF, HTB, or red teaming you've probably spent a good chunk of time testing payloads to convert a webshell into a reverse shell. This tool aims to simplify this process.
A Python program used to automate converting webshells into reverse shells. If you regularly do CTF, HTB, or red teaming you've probably spent a good chunk of time testing payloads to convert a webshell into a reverse shell. This tool aims to simplify this process.