Brut Security
DM: @wtf_brut
🛃WhatsApp: https://wa.link/brutsecurity
🈴Training: https://brutsecurity.com
📨Mail: info@brutsec.com
⚠️Automates penetration testing with Google Gemini

⭐️https://github.com/zakirkun/guardian-cli
Hey Hunters,
DarkShadow is here back again!

Well, this is not related to any PoC or method. This is a Burp Suite AI extension which is really, really awesome. So don't forget to try it 💀

https://github.com/six2dez/burp-ai-agent

#bugbountytip #tool
Hey Hunters,
DarkShadow is here back again, dropping an SSRF bypass method.

If you ever test SSRF and there is any parameter passing a URL with a fixed endpoint, then try something like:

burpcollab.com/anything/endpoint/../../

#ssrf #bugbountytips
Hey Hunters,
DarkShadow is here back again!

OpenCode RCE POC (CVE-2026-22182)

In this CVE the interesting part is that you can execute arbitrary commands on the AI agent, not by using any traditional prompting, just pure command injection in JSON 💀

So guys, if you really enjoy reading PoCs then show your love with a reaction ❤️

#bugbountytips #rce #cve
Hey Hunters,
DarkShadow is here back again!

Laravel-livewire RCE (CVE-2025-54068) - Video POC

Here is the exploit GitHub repo: https://github.com/synacktiv/Livepyre

~credit synacktiv

#bugbountytips #rce
🚨 CVE-2026-24770: RAGFlow RCE (Zip Slip) Weaponized PoC

Critical unauthenticated RCE in RAGFlow’s MinerUParser—attackers can execute arbitrary commands. 3,000+ instances are currently exposed.

🔍 Identify Targets via ZoomEye:

Filter: vul.cve="CVE-2026-24770"

Dork: app="RAGFlow" 👉 ZoomEye Search Link https://www.zoomeye.ai/searchResult?q=dnVsLmN2ZT0iQ1ZFLTIwMjYtMjQ3NzAi&utm_source=twitter&utm_medium=social&utm_campaign=cve_ops_20260209
💙Advanced Web Pentesting – March Batch
🔥Enrollment is now open. Only 3 seats available.
⚙️Whatsapp: http://wa.link/brutsecurity
Automates enumeration and recon scans in the background

https://github.com/21y4d/nmapAutomator
🛡️ CVE | Cyber Vulnerabilities Exchange

A professional channel focused on verified CVEs, critical vulnerabilities, exploit research, and technical security analysis.

What you’ll get:
• Newly disclosed vulnerabilities
• Exploit research and PoCs
• Technical breakdowns and mitigation insights
• Offensive and defensive security discussions
• Practical input for pentesters and security professionals

Clear, technical, and research-driven. No noise, no exaggeration.

⚠️ Shared for educational and security awareness purposes only.

Channel: https://t.me/cve0day
File Upload Cheatsheet
👉👉👉👉Please don’t forget to react to the post and share it. Your reactions motivate us to post more content like this. You can also tap the ⭐️ to show your support. Thanks!😋😋😋