Bug Bounty
Bugbounty Resources • Tips • Security Zines • Writeups • Vulnerability Update • Notes • Mindmaps • Cheatsheets • Checklists • Article / Blogs • PDFs • ebooks •
Sorry guys, I wasn't able to upload in the morning because I was traveling and am still traveling😁

I'll upload at night 🌃
100,000$ Worth 😀
Penetration Testing MindMap🔥

Contains all types of aspects

#bugbounty #infosec #hacking

Download Link : https://raw.githubusercontent.com/am0nt31r0/Penetration-Testing-Mind-Map/master/pentest_methodology_and_tools.png
Server Side Template Injection 🔥
by @PwnFunction

#bugbounty #Infosec
Recon Guide v1

This will basically teach you how you can approach a target

#bugbounty #infosec

Link :
https://infosecwriteups.com/recon-everything-48aafbb8987
This Cheatsheet provides various tips for using Netcat for both Linux and Unix 🔥🌿🌿🌱☘️🌼🍀

All syntax is designed for the original netcat

Here is Netcat 🌿Cheatsheet 🔥
Some Interesting SSRF Bug Reports v1🌵

• Counter Strike :
http://buer.haus/2016/04/18/esea-server-side-request-forgery-and-querying-aws-meta-data/


• Pivot To Internal Network :
https://seanmelia.files.wordpress.com/2016/07/ssrf-to-pivot-internal-networks.pdf


• SSRF To LFI :
https://seanmelia.wordpress.com/2015/12/23/various-server-side-request-forgery-issues/


• OK Google, Give Me All Your Internal DNS Information :
https://rcesecurity.com/2017/03/ok-google-give-me-all-your-internal-dns-information/

• Open Redirect into SSRF (Airbnb):
https://buer.haus/2017/03/09/airbnb-chaining-third-party-open-redirect-into-server-side-request-forgery-ssrf-via-liveperson-chat/


• SSRF Tip - Open Graph Protocol is a good case for Blind SSRF / Extract of Meta Data. My POC: SSRF in Twitter via a Tweet :) - $5,040 { IMG Below 👇 }

• SSRF To RCE:
http://kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html

🧵🔚
2 Vouchers of Tryhackme From My Side
🔰 Google Dorks: An Advanced Hacking Tool by @Dheerajydv19

🔗 dheerajydv19.hacklido.com/d/76

- - - # Tags - - -
#EthicalHacking #websecurity #ctf #infosec #bugbountytips #bugbounty
💥 Bug Bounty tips 💥

Credit : @intigriti

#bugbounty #infosec #cybersecurity #hacking
As promised, posting the next lazy write-up, this is how I went from Git to RCE.
Bounty: $3500
#bug #bughunter #bugbounty #bounty
If you enjoy these and want to see more, I will be posting others soon again.
☃️Red Teaming CheatSheets☃️

➡️ Payloads
➡️ Buffer Overflow
➡️ Privilege Escalation

and much more...

#pentesting #activedirectory #bugbounty #hacking #infosec #cybersecurity

Link : https://github.com/0xJs/RedTeaming_CheatSheet

Curated By :
@thebinarybots & @0xJs
Do you guys allow me to upload a post on:

"Tryhackme subscription purchase" at a much cheaper price than the actual price of a Tryhackme subscription.

In the poll I have seen that lots of members in this group are beginners and intermediate. They really need to practice on this platform.

I'll tag the Tryhackme subscription seller [ Verified by me ].
Vote 🙂
Anonymous Poll
Yes: 88%
No: 12%
Content Discovery.svg
1.9 MB
🔥☝🏻Content Discovery Tools

If it is not opening:
Download any SVG file opener or an SVG-to-PNG converter

#bugbounty #infosec #cybersecurity #hacking
XSS in @Harvard

Payload: lookhere');}</script><img src=x onerror=alert("XSS")>

1) The keyword "lookhere" was used to detect all the places where the input was reflected

2) The rest is responsible for balancing the payload

#infosec #bugbountytips #xss
Search for all leaked keys/secrets using one regex! 😮

regex: gist.github.com/h4x0r-dz/be69c

#BugBounty #bugbountytip
image.png
944.2 KB
Subdomain Enumeration Tools List
As I said,
those who wanted to purchase a Tryhackme voucher at a very cheap price 👇

💥 Can contact this seller @Infosec_lover

🏷️ Seller [ Verified By Me ] :
Price : Rs 146/- or 1.82$ for a 1 month voucher.

You can also purchase 2 months or more according to your needs

It's for today only