Media is too big
VIEW IN TELEGRAM
Our bot telegram is FREE but limited access,
even you not used subscription, you still possible do scan by click the adds,
or if u not want to have limit access you can subscription.
for 1 month $10 or 7 days $3
for more detail, you can chat directly with @CMSAssistant_bot
even you not used subscription, you still possible do scan by click the adds,
or if u not want to have limit access you can subscription.
for 1 month $10 or 7 days $3
for more detail, you can chat directly with @CMSAssistant_bot
👍3
New update BOT for 2 modules:
1. SSRF (Server-side request forgery is a web security vulnerability that allows an attacker to cause the server-side application to make requests to an unintended location. In a typical SSRF attack, the attacker might cause the server to make a connection to internal-only services within the organization's infrastructure.)
- this module cover with blind ssrf
2. Open Redirect
this bug allows a user to control a redirect or forward to another URL. If the app does not validate untrusted user input, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an attacker’s phishing site.
1. SSRF (Server-side request forgery is a web security vulnerability that allows an attacker to cause the server-side application to make requests to an unintended location. In a typical SSRF attack, the attacker might cause the server to make a connection to internal-only services within the organization's infrastructure.)
- this module cover with blind ssrf
2. Open Redirect
this bug allows a user to control a redirect or forward to another URL. If the app does not validate untrusted user input, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an attacker’s phishing site.
❤3
Our bot now support for Brute forcing JWT Weak Signing Key
in these case, if attacker know the secret key will is able to create the valid JWT token then is possible to
escalated bug Insecure Direct Object Reference (IDOR) by manipulate the JWT payload.
as you can see, the sample JWT the payload are cracked also you can changed the role as admin
or you can manipulate the id.
in these case, if attacker know the secret key will is able to create the valid JWT token then is possible to
escalated bug Insecure Direct Object Reference (IDOR) by manipulate the JWT payload.
as you can see, the sample JWT the payload are cracked also you can changed the role as admin
or you can manipulate the id.
👍2
what most feature you used in bot?
Anonymous Poll
41%
sqli
1%
lfi
10%
xss
0%
ssrf
6%
laravel
0%
drupal
0%
magento
19%
wordpress
22%
scanall
We present you our new search engine service lynpawz
Lynpawz is an advanced cyber security search engine,it's dedicated to mapping the cyberspace
also able to scaning vulnerable especially web based with possibility CVE.
https://lynpwn.com
for more detail, you can chat directly with @CMSAssistant_bot
Lynpawz is an advanced cyber security search engine,it's dedicated to mapping the cyberspace
also able to scaning vulnerable especially web based with possibility CVE.
https://lynpwn.com
for more detail, you can chat directly with @CMSAssistant_bot
❤5
We want survey for payment method, what you're prefer ?
Anonymous Poll
39%
Crypto
18%
Paypal
18%
Credit Card
25%
Qris