Brut Security 2.0
4.51K subscribers
115 photos
42 videos
8 files
142 links
Bringing you Bug Bounty Video POCs from top hunters around the globe!
Download Telegram
These two are my own findings from 2024
👍11👏2
I'll upload more if I get 30 reaction
57🔥4
This media is not supported in your browser
VIEW IN TELEGRAM
Grammarly Account Takeover Via SAML Misconfiguration (Requires User Interaction) [Triaged as high] & still unfixed
🔥27🤯6👍2
This media is not supported in your browser
VIEW IN TELEGRAM
RCE via Image File Upload Bug Bounty PoC
🔥468👍7
This media is not supported in your browser
VIEW IN TELEGRAM
Cross Site Scripting (XSS) Through File Upload SVG
🔥266👍2
This media is not supported in your browser
VIEW IN TELEGRAM
User information Leak Vulnerability in GitHub P1 Bug Bounty live __ POC
🔥34🗿5👌4🤯3
This media is not supported in your browser
VIEW IN TELEGRAM
Bypassing File Upload Restrictions on Xiaomi Using .extensions./%00.png Method _BUG BOUNTY POC_
🔥36👍5🗿31
Media is too big
VIEW IN TELEGRAM
Schlix CMS 2.2.7-2 Arbitrary File Upload - POC
🔥22👍2🐳2
This media is not supported in your browser
VIEW IN TELEGRAM
Lenovo XSS via Unrestricted File Upload PoC
🔥55👌5👍43
⭐️⭐️NEW BUG BOUNTY PLATFORM https://www.hackprove.com/
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥75🤔207👏6👍4🗿4🤯2
dON'T fORGET tO gIVE rEACTIONS
40👍4🔥4
This media is not supported in your browser
VIEW IN TELEGRAM
👻CVE-2025-24071: Windows Explorer initiates an SMB authentication request upon extracting a .library-ms file from a .rar archive, exposing NTLM hashes. Extraction alone triggers the vulnerability.

⭐️POC: https://github.com/0x6rss/CVE-2025-24071_PoC
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥23👍63🤯1👌1
Forwarded from Brut Security
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥123
Please open Telegram to view this post
VIEW IN TELEGRAM
11🔥3👍2🐳2
▶️New bug bounty target! Check out https://investaxes.com/.well-known/security.txt for details on their vulnerability disclosure program. Happy hunting! 👑
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥1911👌1
dON'T fORGET tO gIVE rEACTIONS
🔥18🤯21🤔1
⚡️Browse and search bug bounty programs from various platforms.
☄️https://menaxa.xyz/programs
❗️For Queries @brutsecurity_bot
Please open Telegram to view this post
VIEW IN TELEGRAM
8🔥1
Please open Telegram to view this post
VIEW IN TELEGRAM
👍52🔥1
Forwarded from Brut Security (DarkShadow ShellSec)
Hey Hunter's,
DarkShadow here back again, just dropping a simple dork that find every VDP in worl wide 😎

(body="/responsible-disclosure" || body="/.well-known/security.txt") && port="443"



#bugbountytips #infosec #dork
🔥93🤯1
Forwarded from Brut Security
🚨Introducing BrutDroid – The Ultimate Android Emulator Automation Toolkit🚨

Root, Bypass, Intercept — all in just a few clicks.
Powered by Frida, Magisk & Burp. Designed for Hackers.
💥Automate your mobile testing workflow.
💥Clean UI, real power, zero hassle.

▶️See BrutDroid in Action: https://youtu.be/8iYf5lJOmXo
➡️GitHub: https://github.com/Brut-Security/BrutDroid/

#BrutDroid #AndroidHacking #BugBounty #Frida #BurpSuite #Pentesting #AutomationTools #BrutSecurity
Please open Telegram to view this post
VIEW IN TELEGRAM
15👍2🔥1