This media is not supported in your browser
VIEW IN TELEGRAM
Found this on twitter. The POC is very informative. What you think?
π₯11π2π€―2
Surprisingly Havij - SQL injection tool helped me to achieve a error based sqli on ferrari π³
π³4
Simple but effective method to narrow down your scope, sometimes it helps to think simple.
waybackurls --dates domain(.)com | grep '?id='
Payload : if(now()=sysdate(),SLEEP(8),0)
By:@ynsmroztas
#bugbountytips #bugbounty
waybackurls --dates domain(.)com | grep '?id='
Payload : if(now()=sysdate(),SLEEP(8),0)
By:@ynsmroztas
#bugbountytips #bugbounty
π₯6π1
Brut Security
π¨CVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server πIt allows remote attackers to execute arbitrary code on affected servers without authentication, potentially leading to data breaches, ransomware attacks, and complete system compromise.β¦
Media is too big
VIEW IN TELEGRAM
Rejetto HTTP File Server - Template injection
π₯5
π¨CVE-2024-29849~29852: Veeamβs Backup Nightmare, Full System Access Exposed
β Veeam Backup Enterprise Manager has been issued 4 critical vulnerabilities, allowing unauthorized access, account takeover, and data exposure.
π₯PoC: https://github.com/sinsinology/CVE-2024-29849
π₯Dorks:
Hunter:/product.name="Veeam Backup Enterprise Manager"
FOFA:app="Veeam-Backup-Enterprise-Manager"
SHODAN:http.title:"Veeam Backup Enterprise Manager"
#Veeam #backup #infosec #infosecurity #Infosys #Vulnerability #bugbounty #bugbountytips
β Veeam Backup Enterprise Manager has been issued 4 critical vulnerabilities, allowing unauthorized access, account takeover, and data exposure.
π₯PoC: https://github.com/sinsinology/CVE-2024-29849
π₯Dorks:
Hunter:/product.name="Veeam Backup Enterprise Manager"
FOFA:app="Veeam-Backup-Enterprise-Manager"
SHODAN:http.title:"Veeam Backup Enterprise Manager"
#Veeam #backup #infosec #infosecurity #Infosys #Vulnerability #bugbounty #bugbountytips
π€―3
ππ΅οΈββοΈOminis: OSINT: Web Hunter ππ΅οΈββοΈ
πIt gathers online information by querying Google with a user-inputted query. The tool then extracts relevant details like titles, URLs, and mentions of the query from the search results.
Targetable and Actionable Results π―
1. Identifying Potential Threats π¨
2. Monitoring Competitors π΅οΈββοΈ
3. Gathering Human Intelligence π₯
4. Detecting Brand Mentions π£
5. Investigating Individuals π
6. Uncovering Financial Insights π°
7. Mapping Digital Footprints πΊοΈ
8. Tracking Online Campaigns π
9. Monitoring Regulatory Compliance π
10. Forecasting Emerging Risks π
11. Google Search Filtering π
πDownload: https://github.com/AnonCatalyst/Ominis-OSINT
πIt gathers online information by querying Google with a user-inputted query. The tool then extracts relevant details like titles, URLs, and mentions of the query from the search results.
Targetable and Actionable Results π―
1. Identifying Potential Threats π¨
2. Monitoring Competitors π΅οΈββοΈ
3. Gathering Human Intelligence π₯
4. Detecting Brand Mentions π£
5. Investigating Individuals π
6. Uncovering Financial Insights π°
7. Mapping Digital Footprints πΊοΈ
8. Tracking Online Campaigns π
9. Monitoring Regulatory Compliance π
10. Forecasting Emerging Risks π
11. Google Search Filtering π
πDownload: https://github.com/AnonCatalyst/Ominis-OSINT
π6
For Tryhackme and Hackthebox Vip+ Vouchers DM me.
Available For India Only. Dm @wtf_yodhha
Available For India Only. Dm @wtf_yodhha
This media is not supported in your browser
VIEW IN TELEGRAM
Keyfinder π± is a tool that let you find keys while surfing the web!
π https://github.com/momenbasel/keyFinder
#bugbountytips #bugbounty
#bugbountytips #bugbounty
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯2β€1
Please open Telegram to view this post
VIEW IN TELEGRAM
π5
Please open Telegram to view this post
VIEW IN TELEGRAM
π1
π¨cloud_enumπ¨
πMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
πhttps://github.com/initstring/cloud_enum
#bugbounty #bugbountytips
πMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
πhttps://github.com/initstring/cloud_enum
#bugbounty #bugbountytips
GitHub
GitHub - initstring/cloud_enum: Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. - initstring/cloud_enum
π2
This media is not supported in your browser
VIEW IN TELEGRAM
Hey everyoneπ£ ,
β οΈ Can you believe it's already June? We've covered six months, but have we really dived into cybersecurity or web penetration testing yet? Have any of us snagged our first bug bounty or made it into a Hall of Fame?
π Let's use the next six months to change that. Dedicate yourself fully to learning and practicing. Imagine where you could be by the end of the yearβskilled, confident, and maybe even recognized in the cybersecurity world.
π₯ Letβs go all in and fight for our freedom through knowledge and skills. Whoβs ready to take on this challenge?
Cheers,
The Brut Security TeamβοΈ
Cheers,
The Brut Security Team
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯10π1π―1πΏ1