✨Recon Guide v1
This will basically teach you how you can approach a target
#bugbounty #infosec
Link :
https://infosecwriteups.com/recon-everything-48aafbb8987
This Cheatsheet provides various tips for using Netcat for both Linux and Unix 🔥🌿🌿🌱☘️🌼🍀
All syntax is designed for the original netcat
Here is Netcat 🌿Cheatsheet 🔥
Some Interesting SSRF Bug Reports v1🌵
• Counter Strike :
http://buer.haus/2016/04/18/esea-server-side-request-forgery-and-querying-aws-meta-data/
• Pivot To Internal Network :
https://seanmelia.files.wordpress.com/2016/07/ssrf-to-pivot-internal-networks.pdf
• SSRF To LFI :
https://seanmelia.wordpress.com/2015/12/23/various-server-side-request-forgery-issues/
• OK Google, Give Me All Your Internal DNS Information :
https://rcesecurity.com/2017/03/ok-google-give-me-all-your-internal-dns-information/
• Open Redirect into SSRF (Airbnb):
https://buer.haus/2017/03/09/airbnb-chaining-third-party-open-redirect-into-server-side-request-forgery-ssrf-via-liveperson-chat/
• SSRF Tip - Open Graph Protocol is a good case for Blind SSRF / Extract of Meta Data. My POC: SSRF in Twitter via a Tweet :) - $5,040 { IMG Below 👇 }
• SSRF To RCE:
http://kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html
🧵🔚
🔰 Google Dorks: An Advanced Hacking Tool by @Dheerajydv19
🔗 dheerajydv19.hacklido.com/d/76
- - - # Tags - - -
#EthicalHacking #websecurity #ctf #infosec #bugbountytips #bugbounty
As promised, posting the next lazy write-up, this is how I went from Git to RCE.
Bounty: $3500
#bug #bughunter #bugbounty #bounty
If you enjoy these and want to see more, I will be posting others soon again.
☃️Red Teaming CheatSheets☃️
➡️ Payloads
➡️ Buffer Overflow
➡️ Privilege Escalation
and much more...
#pentesting #activedirectory #bugbounty #hacking #infosec #cybersecurity
Link : https://github.com/0xJs/RedTeaming_CheatSheet
Curated By :
@thebinarybots & @0xJs
Will you guys allow me to upload a post on:
"Tryhackme subscription purchase" at a much cheaper price than the actual price of a Tryhackme subscription?
In the poll I have seen that lots of you in this group are beginners and intermediates. They really need to practice on this platform.
I'll tag the Tryhackme subscription seller [ Verified by me ].
Content Discovery.svg
1.9 MB
🔥☝🏻Content Discovery Tools
If not opening:
Download any SVG file opener or an SVG-to-PNG converter
#bugbounty #infosec #cybersecurity #hacking
XSS in @Harvard
Payload: lookhere’);}</script><img src=x onerror=alert(“XSS”)>
1) The keyword “lookhere” was used to detect all the places the input was reflected
2) The rest is responsible for balancing the payload
#infosec #bugbountytips #xss
Search for all leaked keys/secrets using one regex! 😮
regex: gist.github.com/h4x0r-dz/be69c…
#BugBounty #bugbountytip
As I said
Those who wanted to purchase a Tryhackme voucher at a very cheap price 👇
💥 Can contact this seller @Infosec_lover
🏷️ Seller [ Verified By Me ] :
Price : Rs 146/- or 1.82$ for 1 month voucher.
You can also purchase 2 months or more according to your need
It's for today only