Brut Security
15.9K subscribers
1.06K photos
92 videos
300 files
1.14K links
DM: @wtf_brut
🛃WhatsApp: https://wa.link/brutsecurity
🈴Training: https://brutsecurity.com
📨Mail: info@brutsec.com
Download Telegram
This media is not supported in your browser
VIEW IN TELEGRAM
The feeling of relief 😮‍💨
2🐳2😁1
This media is not supported in your browser
VIEW IN TELEGRAM
💥Feroxbuster: A fast recursive content discovery tool written in Rust.

Built for finding hidden files, directories, and endpoints using wordlists, with support for recursion, filters, extensions, headers, proxies, and more.

GitHub: https://github.com/epi052/feroxbuster
5👍3
Brut Security pinned «Bug Bounty Guide 2026 is now available at 1$ and 5 Free Coupon https://topmate.io/saumadip/2187710?coupon_code=awxea»
5
redacted_demo.svg
376.4 KB
🚨Zomato Contact Recommendation Data Exposure (PoC)

This tool demonstrates a privacy issue in Zomato's contact recommendation feature. By syncing a target phone number, the following data can be retrieved without the target's explicit consent (provided they have "Recommend to friends" enabled):

😮https://github.com/jatin-dot-py/zomato-intelligence
Please open Telegram to view this post
VIEW IN TELEGRAM
3
Forwarded from Brut Security 2.0
Cybersecurity Tools Collection (Pentesting • Recon • Web Security • Network Analysis) 💀

Download Link : https://drive.google.com/drive/u/0/mobile/folders/1lGnd9YAzE5-Nes8NAsDDMpd-Aq3GES3p
2👍2
Media is too big
VIEW IN TELEGRAM
‼️ CVE-2025-26529: Moodle XSS to RCE Exploit

GitHub: https://github.com/Astroo18/PoC-CVE-2025-26529
2👍1
Media is too big
VIEW IN TELEGRAM
Hey Hunter's,
DarkShadow is here back again!

(Sorry for the long delay, I was really too busy with my projects)

you can find vulnerabilities in chrome extensions!


All of your Chrome extensions are downloaded to your local storage. You can analyze them to find various vulnerabilities, and sometimes they contain sensitive API keys and tokens.


even you can use this dork to find you target company extensions:

site:chromewebstore.google.com "nasa.gov"

replace the nasa.gov to your target domain.


so guy's if you really love to read my methods follow me x.com/darkshadow2bd

#bugbountytips
4🔥2👍1