Forwarded from Brut Security (DarkShadow ShellSec)
Hey Hunters,
DarkShadow here back again, just dropping a simple dork that finds every VDP worldwide 😎
(body="/responsible-disclosure" || body="/.well-known/security.txt") && port="443"
#bugbountytips #infosec #dork
🔥9❤3🤯1
Forwarded from Brut Security
#BrutDroid #AndroidHacking #BugBounty #Frida #BurpSuite #Pentesting #AutomationTools #BrutSecurity
YouTube
Android SSL Pinning Bypass | Magisk, Frida & Burp Suite Configuration for Android Studio | BrutDroid
🚀 BrutDroid v1.0.0 is here — your all-in-one Android emulator pentesting toolkit for pentesters, red teamers & bug bounty hunters!
⚡ Automate Frida server setup, root Android emulators with Magisk + rootAVD, install Burp certs system-wide, and bypass SSL…
❤15👍2🔥1
✅Hackerone target HTML injection in search 🔍
Full credit & POC shared by 👉🏼 @d3rk_xc
#fans_sharePOC #bugbountytips
👍18❤7🔥4👌4👏1
New Bug Bounty Platform for 2025 - https://hckrt.com/Invite?referral=yodhha
❤23🔥2
BB Program-
https://recur-club.webflow.io/bug-bounty-program
recur-club.webflow.io
Bug Bounty Program
Recur Club enables you to invest in recurring revenue streams of trusted companies as a tradable asset class.
❤11🔥1
Forwarded from Brut Security
🚨CVE-2025-5777 (CitrixBleed 2) - Critical memory leak vulnerability affecting Citrix NetScaler ADC and Gateway devices
🎯Severity: CRITICAL ⚠️
✅PoC: https://github.com/win3zz/CVE-2025-5777
❤6🔥4
Forwarded from Brut Security
🚨Multi-target unauthenticated RCE scanner for CVE-2025-34085 affecting WordPress Simple File List plugin. Uploads, renames, and triggers PHP webshells across large target sets.
✅https://github.com/ill-deed/CVE-2025-34085-Multi-target
❤11🔥3
Forwarded from Brut Security
⚡BrutDroid 2.0 is a powerful, Windows-optimized toolkit designed specifically for Android Studio, streamlining the setup of a mobile penetration testing lab. Built to make Android pentesting effortless, it automates emulator creation, rooting, Frida server setup, and Burp Suite certificate installation. With a vibrant new UI and support for custom Frida scripts, BrutDroid empowers security researchers to focus on testing, not setup. Linux support is coming soon!
✅https://github.com/Brut-Security/BrutDroid
⭐Don't forget to leave a star :)
❤20⚡5👍2🗿1
Asset inventory of over 800 public bug bounty programs.
https://github.com/trickest/inventory
❤11🙏3
BB Target-
https://www.nooks.ai/responsible-disclosure-process
www.nooks.ai
Responsible Disclosure Process
❤4
Forwarded from Brut Security
🚨CVE-2025-0133 : Payload + Template
Payload:
%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Cscript%3Eprompt%28%22XSS%22%29%3C%2Fscript%3E%3C%2Fsvg%3E
Write-up: https://codewithvamp.medium.com/cve-2025-0133-reflected-xss-vulnerability-in-palo-alto-globalprotect-gateway-portal-028128f2f5b9
Template: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-0133.yaml
❤12👍2👏1