Please open Telegram to view this post
VIEW IN TELEGRAM
HackerOne
AWS Security Configuration Review and Best Practices | HackerOne
Learn the ins and outs of AWS security configuration testing and why community-driven PTaaS is the best method.
CVE-2025-0282, -0283: Two vulnerabilities in Ivanti Connect Secure, 7.0 - 9.0 rating 🔥
Stack-based buffer overflow caused potential RCE and privilege escalation.
Search at Netlas.io:
👉 Link: https://nt.ls/WMQwN
👉 Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
Stack-based buffer overflow caused potential RCE and privilege escalation.
Search at Netlas.io:
👉 Link: https://nt.ls/WMQwN
👉 Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
👍4
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerable” by priyanshu shakya https://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448
👍8🔥5
🔥MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
✅https://github.com/robotshell/magicRecon
✅https://github.com/robotshell/magicRecon
👍5
⚡Google Dorks - Cloud Storage: site:http://s3.amazonaws.com "target[.]com" site:http://blob.core.windows.net "target[.]com" site:http://googleapis.com "target[.]com" site:http://drive.google.com "target[.]com"
👉Find buckets and sensitive data.
Combine:
site:http://s3.amazonaws.com | site:http://blob.core.windows.net | site:http://googleapis.com | site:http://drive.google.com "target[.]com"
Add something to narrow the results: "confidential” “privileged" “not for public release”
✅Credit- Mike Takahashi
👉Find buckets and sensitive data.
Combine:
site:http://s3.amazonaws.com | site:http://blob.core.windows.net | site:http://googleapis.com | site:http://drive.google.com "target[.]com"
Add something to narrow the results: "confidential” “privileged" “not for public release”
✅Credit- Mike Takahashi
🔥9👍7
Brut Security
⚡Ethical Hacking Study Guide - 2025 ✅Download -https://topmate.io/saumadip/1391531
Sorry to close the free download for everyone, many spammers are trying to spam by random name, email and phone number. I have to add 1 INR / 0.012$ to avoid spam on my mail. Sorry for the inconvenience!
🗿2
This media is not supported in your browser
VIEW IN TELEGRAM
⚡Find Hidden Endpoint:
☄️ https://raw.githubusercontent.com/sinaayeganeh/Find-Hidden-Endpoint/refs/heads/main/js.txt
Please open Telegram to view this post
VIEW IN TELEGRAM
🗿8❤6🔥3🐳1
⚡CVE-2024-50603: Aviatrix Controller Unauthenticated Command Injection
👉https://github.com/th3gokul/CVE-2024-50603/
✅Join Telegram- https://t.me/brutsecurity
👉https://github.com/th3gokul/CVE-2024-50603/
✅Join Telegram- https://t.me/brutsecurity
❤9