28M Telegram userlari menimcha olishga arziydi albatta OSINT va Threat Intellegence bilan shug'ullanadiganlar uchun bu ajyoib topilma bo'ladi. Holbuki barcha bu yo'nalish bilan shug'ullanadiganlarning o'zlari yig'adigan databasa lari bo'ladi va bu yondashuv ish jarayonida juda ham qo'l keladi.
#OSINT #TH #BreachForum #DataLeak
#OSINT #TH #BreachForum #DataLeak
🌚2
SecList for CyberStudents
28M Telegram userlari menimcha olishga arziydi albatta OSINT va Threat Intellegence bilan shug'ullanadiganlar uchun bu ajyoib topilma bo'ladi. Holbuki barcha bu yo'nalish bilan shug'ullanadiganlarning o'zlari yig'adigan databasa lari bo'ladi va bu yondashuv…
Hali o'zim analiz qilmadim. Lekin analiz qilganlarning aytishlaricha 3k dan ortiq uz ga taaluqli telefon raqamlar bor ekan 👀
😐9😁1
🚨 Critical Uber API Vulnerability | UUIDs Are NOT Security ($2,000 Bounty)
Real-world BOLA vulnerability affecting Uber APIs. In this video I explain how missing object-level authorization allowed access to sensitive restaurant analytics using UUID manipulation + Burp Suite.
🎥 https://youtu.be/LLagPYt-cjc
#cybersecurity #bugbounty #api #owasp
Real-world BOLA vulnerability affecting Uber APIs. In this video I explain how missing object-level authorization allowed access to sensitive restaurant analytics using UUID manipulation + Burp Suite.
🎥 https://youtu.be/LLagPYt-cjc
#cybersecurity #bugbounty #api #owasp
YouTube
Critical Uber API Vulnerability | UUIDs Are NOT Security ($2,000 Bounty) | BOLA Vulnerability PoC
🚨 Critical Uber API Vulnerability — UUIDs Are NOT Security ($2,000 Bounty)
In this video, we perform a deep technical analysis of a real-world Uber API vulnerability involving BOLA (Broken Object Level Authorization) — one of the most critical and common…
In this video, we perform a deep technical analysis of a real-world Uber API vulnerability involving BOLA (Broken Object Level Authorization) — one of the most critical and common…
https://t.me/yetimdasturchi/3654 aytganlariday oxiri vazelin bilan tugaydi bu ketishda))
🤣21🗿12💩4😁3🔥2❤1
Source: https://github.com/twintproject/
Twint or use Snscrape For Free
Platforms Supported by snscrape:
Twitter (X)
TikTok
YouTube
Reddit
GitHub
Facebook Pages (limited)
Wikipedia
Instagram (partial support)
Others (if applicable)
#OSINT #Twint #TI #X #CyberSecurity #Snscrape
Twint or use Snscrape For Free
Platforms Supported by snscrape:
Twitter (X)
TikTok
YouTube
GitHub
Facebook Pages (limited)
Wikipedia
Instagram (partial support)
Others (if applicable)
#OSINT #Twint #TI #X #CyberSecurity #Snscrape
❤1🤔1
Qilayotgan ishlaringiz umuman yaxshi emas aslida....
Undan ko'ra haqiqiy proof bo'lishga harakat qilinglar! BF da buni elon qilish sizlarga hech nima bermaydi... Subdomainlarga qarasak men ham hech qachon bularga etibor bermagan ekanim oldinlari. Ko'zdan chetda qolgan subdomainlardan SQLi chiqish ehtimoli juda yuqori bo'ladi. To'g'ri BlackHat tajriba orttirish uchun yaxshidir ammo buni jar solish yaxshi emas, shunchalik info ga qiziqsang o'zing uchun olib qoy bo'ldi.... Aytgancha bu qonunga xilof hisoblanadi,,,,
#BF #DataLeak #SomeSubdomains
Undan ko'ra haqiqiy proof bo'lishga harakat qilinglar! BF da buni elon qilish sizlarga hech nima bermaydi... Subdomainlarga qarasak men ham hech qachon bularga etibor bermagan ekanim oldinlari. Ko'zdan chetda qolgan subdomainlardan SQLi chiqish ehtimoli juda yuqori bo'ladi. To'g'ri BlackHat tajriba orttirish uchun yaxshidir ammo buni jar solish yaxshi emas, shunchalik info ga qiziqsang o'zing uchun olib qoy bo'ldi.... Aytgancha bu qonunga xilof hisoblanadi,,,,
#BF #DataLeak #SomeSubdomains
🔥12🌭5🤣4💯2👍1😁1🍾1😎1👾1
TGPages Atlas (https://tgpages.com/atlas/map/)
An interactive map of Telegram channels that helps you quickly find communities by topic and assess their interests. This is a convenient visual catalog for a basic analysis of the Telegram ecosystem. It's a useful resource for quickly finding similar channels, tracking thematic connections, and understanding audience distribution around a specific topic.
Link to the service (https://tgpages.com/atlas/map/)
#OSINT
An interactive map of Telegram channels that helps you quickly find communities by topic and assess their interests. This is a convenient visual catalog for a basic analysis of the Telegram ecosystem. It's a useful resource for quickly finding similar channels, tracking thematic connections, and understanding audience distribution around a specific topic.
Link to the service (https://tgpages.com/atlas/map/)
#OSINT
❤2
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K
https://securityaffairs.com/192209/security/pwn2own-berlin-2026-day-two-385750-more-microsoft-exchange-falls-and-the-running-total-crosses-900k.html
https://securityaffairs.com/192209/security/pwn2own-berlin-2026-day-two-385750-more-microsoft-exchange-falls-and-the-running-total-crosses-900k.html
Security Affairs
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K
Day two of Pwn2Own Berlin 2026 saw $385,750 earned for 15 zero-days, bringing the total to $908,750 and 39 vulnerabilities over two days.
🔥3❤1
🚨 Attackers are buying stolen employee credentials every day and try to attack companies, protect yourself from this threat ...
Xleak.io helps companies monitor leaked corporate credentials across dark web and infostealer logs before they turn into breaches.
Find employees combo (email:pass) for verified business domains and prevent attacks against your customers as well!
Bug bounty hunters could also benefit to look for leaked credentials for their targeted programs and earn bounties
Get your company report immediatly and access now at:
xleak.io
Bonus: Dedicated API access for Enterprises is available!
#bugbountytips #bugbounty #hackerone #CyberSecurity #ThreatIntel #Infostealer #DarkWeb
Xleak.io helps companies monitor leaked corporate credentials across dark web and infostealer logs before they turn into breaches.
Find employees combo (email:pass) for verified business domains and prevent attacks against your customers as well!
Bug bounty hunters could also benefit to look for leaked credentials for their targeted programs and earn bounties
Get your company report immediatly and access now at:
xleak.io
Bonus: Dedicated API access for Enterprises is available!
#bugbountytips #bugbounty #hackerone #CyberSecurity #ThreatIntel #Infostealer #DarkWeb
❤3
Forwarded from Yetim dasturchi kundaligi
Kripto kurslar qancha bo'lyapti ekan bolajonlar?)
Menimcha sizlar meni taniysizlar. Nu menam endi sizlarni tanishni boshladim.
P.S: O'sha nosvoydan chekib yaxshilab o'ylab ko'rganinglar durust. Qariya sifatida maslahat beraman: bilimni boshqa yaxshi ishlar uchunam ishlatsa bo'ladi. Hali ham kech emas.
Menimcha sizlar meni taniysizlar. Nu menam endi sizlarni tanishni boshladim.
P.S: O'sha nosvoydan chekib yaxshilab o'ylab ko'rganinglar durust. Qariya sifatida maslahat beraman: bilimni boshqa yaxshi ishlar uchunam ishlatsa bo'ladi. Hali ham kech emas.
❤3🔥1
Forwarded from infosec
• Судя по всему, кто-то нашел github токен сотрудника Grafana, который предоставил доступ к Grafana Labs на GitHub и позволил выгрузить всю кодовую базу. Однако вместо репорта по программе bug bounty, гений решил потребовать выкуп за удаление скачанных исходников. К слову, выкуп никто не заплатил, а вот что будет с исходниками — пока неясно.
➡️ https://www.kucoin.com/
#Новости
#Новости
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from Turan Security
Toshkentda kiberxavfsizlik, sun'iy intellekt va bulutli texnologiyalar bo'yicha xalqaro konferensiya
🗓 21-may | Soat 9:30 da boshlanadi
📍 Uztelecom ofisi, Mo'minov ko'chasi, 4/2
Uztelecom va Code IB ushbu xalqaro konferensiyaga IT va axborot xavfsizligi mutaxassislarini, shuningdek, biznes vakillarini taklif qiladi.
Dastur uchta tematik yo'nalishni o'z ichiga oladi:
🔐 Kiberxavfsizlik
🌐 Sun'iy intellekt
☁️ Bulutli texnologiyalar
📶 Nima uchun ishtirok etish kerak?
— Eng yaxshi amaliyotlar va real hayotdagi holatlar
— Bozor yetakchilari tajribasi
— Biznes barqarorligi va samaradorligi uchun texnologiyalar
— Professionallar bilan aloqalar
🔗 Oldindan ro'yxatdan o'tish bilan ishtirok etish bepul. Joylar cheklangan.
International Conference on Cybersecurity, AI, and Cloud Technologies in Tashkent
🗓 May 21 | Starts at 9:30 AM
📍 Uztelecom Office, 4/2 Muminov Street
Uztelecom and Code IB invite IT and information security specialists, as well as business representatives, to the international conference.
Program includes three thematic tracks:
🔐 Cybersecurity
🌐 Artificial Intelligence
☁️ Cloud Technologies
📶 Why attend?
— Real-world cases
— Experience of market leaders
— Technologies for business sustainability and efficiency
— Networking with professionals
🔗 Free participation with advance registration. Space is limited
@turansecurity | www.turansec.uz | info@turansec.uz
Uztelecom va Code IB ushbu xalqaro konferensiyaga IT va axborot xavfsizligi mutaxassislarini, shuningdek, biznes vakillarini taklif qiladi.
Dastur uchta tematik yo'nalishni o'z ichiga oladi:
— Eng yaxshi amaliyotlar va real hayotdagi holatlar
— Bozor yetakchilari tajribasi
— Biznes barqarorligi va samaradorligi uchun texnologiyalar
— Professionallar bilan aloqalar
International Conference on Cybersecurity, AI, and Cloud Technologies in Tashkent
Uztelecom and Code IB invite IT and information security specialists, as well as business representatives, to the international conference.
Program includes three thematic tracks:
— Real-world cases
— Experience of market leaders
— Technologies for business sustainability and efficiency
— Networking with professionals
@turansecurity | www.turansec.uz | info@turansec.uz
Please open Telegram to view this post
VIEW IN TELEGRAM
🤮4❤🔥3👍2🔥1🤔1