๐ Admissions Open | Upcoming Cybersecurity Batches
Enrollment is now open for our upcoming batches:
โข Web Penetration Testing
โข Bug Bounty Hunting
โข Ethical Hacking
โข VAPT (Vulnerability Assessment & Penetration Testing)
What you'll get:
โ Live practical sessions
โ Real-world labs
โ Industry methodology
โ Mentor support
โ Certificate on completion
๐ Student Discount Available (Limited Time)
๐ฉ DM to enroll or visit: http://wa.link/brutsecurity
Enrollment is now open for our upcoming batches:
โข Web Penetration Testing
โข Bug Bounty Hunting
โข Ethical Hacking
โข VAPT (Vulnerability Assessment & Penetration Testing)
What you'll get:
โ Live practical sessions
โ Real-world labs
โ Industry methodology
โ Mentor support
โ Certificate on completion
๐ Student Discount Available (Limited Time)
๐ฉ DM to enroll or visit: http://wa.link/brutsecurity
โค2๐ฅ1
๐ฅ KeyHunter: A fast Rust tool for finding leaked API keys across public GitHub repos.
It supports 45+ providers and can verify which exposed secrets are still active.
GitHub: https://github.com/fadidevv/keyhunter
It supports 45+ providers and can verify which exposed secrets are still active.
GitHub: https://github.com/fadidevv/keyhunter
๐2โค1
dnsx is a fast and multi-purpose DNS toolkit designed for running various probes through the retryabledns library. It supports multiple DNS queries, user supplied resolvers, DNS wildcard filtering like shuffledns etc.
Resource: https://github.com/projectdiscovery/dnsx
Resource: https://github.com/projectdiscovery/dnsx
โค6๐3
10 Free Coupons for New Subscribers - https://topmate.io/saumadip/2187710?coupon_code=BRUT
topmate.io
Bug Bounty Guide 2026 with Saumadip Mandal
Master modern bug bounty hunting with 86 pages, 25 chapter
โค3๐ฅ3๐1๐1
A full-chain exploit dubbed โIonStackโ demonstrates how a single malicious URL click can hand attackers complete control over an Android device
Credit/Source: https://cybersecuritynews.com/android-17-root-1-click
Credit/Source: https://cybersecuritynews.com/android-17-root-1-click
๐4โค2
This media is not supported in your browser
VIEW IN TELEGRAM
๐13โค4๐ซก1
This media is not supported in your browser
VIEW IN TELEGRAM
PenTesting Agent : is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.
red team ops, Automated recon & exploitation, smart task trees, multi-agent collab, and seamless tool chaining like Nmap, Metasploit, SQLMap, Amass etc
https://github.com/GH05TCREW/pentestagent
red team ops, Automated recon & exploitation, smart task trees, multi-agent collab, and seamless tool chaining like Nmap, Metasploit, SQLMap, Amass etc
https://github.com/GH05TCREW/pentestagent
๐ฅ7โค2
This media is not supported in your browser
VIEW IN TELEGRAM
๐งGhostLock (CVE-2026-43499): a 15-year-old Linux kernel vulnerability that affects every distribution. Desktop, server, Android, IoT, embedded. $92,337 Google kernelCTF bounty.
https://github.com/NebuSec/CyberMeowfia/tree/main/IonStack/CVE-2026-43499
A stack-UAF in the rtmutex subsystem. remove_waiter() uses current instead of waiter::task during proxy-lock rollback in futex_requeue(), leaving a dangling pointer to freed kernel stack memory. No special kernel modules needed, only CONFIG_FUTEX_PI which is enabled on every distro.
Nebula Security (NebuSec) turned it into a 97% stable privilege escalation and container escape. The exploit chains a dangling pointer into an arbitrary address write, hijacks a function table for control flow, and achieves root in about 5 seconds. Found by VEGA, their AI vulnerability scanner.
Part of IonStack, the first browser-to-kernel full-chain RCE on Android 17: CVE-2026-10702 (Firefox IonMonkey JIT 0-day, near 100% success rate) chained with GhostLock for kernel LPE.
Present since Linux 2.6.39 (2011). Fixed in Linux 7.1. Full exploit code published on GitHub.
Exploit:
https://github.com/NebuSec/CyberMeowfia/tree/main/IonStack/CVE-2026-43499
โค2๐1๐ฟ1
10 Free Coupons for Bug Bounty Guide https://topmate.io/saumadip/2187710?coupon_code=joomla
10 Free Coupons for Bug Bounty Masterclass https://topmate.io/saumadip/2009859?coupon_code=joomla
10 Free Coupons for Bug Bounty Masterclass https://topmate.io/saumadip/2009859?coupon_code=joomla
topmate.io
Bug Bounty Guide 2026 with Saumadip Mandal
Master modern bug bounty hunting with 86 pages, 25 chapter
๐ข4โค1๐1
This media is not supported in your browser
VIEW IN TELEGRAM
The feeling of relief ๐ฎโ๐จ
โค2๐ณ2๐1
This media is not supported in your browser
VIEW IN TELEGRAM
๐ฅFeroxbuster: A fast recursive content discovery tool written in Rust.
Built for finding hidden files, directories, and endpoints using wordlists, with support for recursion, filters, extensions, headers, proxies, and more.
GitHub: https://github.com/epi052/feroxbuster
Built for finding hidden files, directories, and endpoints using wordlists, with support for recursion, filters, extensions, headers, proxies, and more.
GitHub: https://github.com/epi052/feroxbuster
โค5๐3
Bug Bounty Guide 2026 is now available at 1$
and
5 Free Coupon https://topmate.io/saumadip/2187710?coupon_code=awxea
and
5 Free Coupon https://topmate.io/saumadip/2187710?coupon_code=awxea
topmate.io
Bug Bounty Guide 2026 with Saumadip Mandal
Master modern bug bounty hunting with 86 pages, 25 chapter
โค2๐1
Brut Security pinned ยซBug Bounty Guide 2026 is now available at 1$ and 5 Free Coupon https://topmate.io/saumadip/2187710?coupon_code=awxeaยป
redacted_demo.svg
376.4 KB
This tool demonstrates a privacy issue in Zomato's contact recommendation feature. By syncing a target phone number, the following data can be retrieved without the target's explicit consent (provided they have "Recommend to friends" enabled):
Please open Telegram to view this post
VIEW IN TELEGRAM
โค3
Forwarded from Brut Security 2.0
Cybersecurity Tools Collection (Pentesting โข Recon โข Web Security โข Network Analysis) ๐
Download Link : https://drive.google.com/drive/u/0/mobile/folders/1lGnd9YAzE5-Nes8NAsDDMpd-Aq3GES3p
Download Link : https://drive.google.com/drive/u/0/mobile/folders/1lGnd9YAzE5-Nes8NAsDDMpd-Aq3GES3p
โค2๐2