Pentester – Telegram

Pentester

2.94K subscribers

120 photos

3 videos

163 files

2.77K links

- Offensive Security (Red Teaming / PenTesting)
- BlueTeam (OperationSec, TreatHunting, DFIR)
- Reverse Engineering / Malware Analisys
- Web Security

Download Telegram

About

Blog

Apps

Platform

2.94K subscribers

https://medium.com/@bilalmerokhel/recon-to-network-takeover-688309b17721

Recon To Network Takeover

96 views09:01

Hacking-Security-Ebooks : Top 100 Hacking & Security E-Books (Free Download) : https://t.co/HeTqAK6Eyk

yeahhub/Hacking-Security-Ebooks

Top 100 Hacking & Security E-Books (Free Download) - Powered by Yeahhub.com - yeahhub/Hacking-Security-Ebooks

121 views05:46

https://frida.re/news/2019/09/18/frida-12-7-released/

Frida • A world-class dynamic instrumentation toolkit

Frida 12.7 Released

Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX

137 views12:01

https://anee.me/droidcon-sec-t-ctf-2019-d796be91bb3f

DroidCon, SEC-T CTF 2019

The ‘Night City’ blackmarket is powered by ‘Droidcoin’. An anonymous crypto-currency. The rogue androids seem to have hacked the ‘Nighty…

169 views14:31

https://m.youtube.com/watch?feature=youtu.be&v=6p5Qviusskk

Reversing CrackMe with Ghidra (Part 1)

Reverse Engineer CrackMe0x00.exe with me using Ghidra! Fix .text functions names in Ghidra: https://youtu.be/WENXr6iDu8A Download CrackMe0x00 at: https://git...

154 views09:35

https://github.com/secrary/Andromeda

GitHub - secrary/Andromeda: Andromeda - Interactive Reverse Engineering Tool for Android Applications

Andromeda - Interactive Reverse Engineering Tool for Android Applications - secrary/Andromeda

126 views10:25

Better API Penetration Testing with Postman:-

Part 1:-
https://t.co/Xeb5rT0pYW

Part 2:-
https://t.co/IXKVcK8HjY

Part 3:-
https://t.co/uUsDxNlsFi

Part 4:-
https://t.co/O0zlGzEF9v

115 views18:15

https://medium.com/@ryanwendel/https-medium-com-ryan-wendel-burp-suite-tips-volume-1-3a37f49f8931

Burp Suite Tips — Volume 1

Compilation of basic Burp Suite tips to utilize when assessing the security posture of web applications.

109 views19:56

More C# utility. WMI utility allow you to run WMI query directly in C#. Can be used with execute-assembly.

https://t.co/dU4XzZxGTS

Mr-Un1k0d3r/RedTeamCSharpScripts

C# Script used for Red Team. Contribute to Mr-Un1k0d3r/RedTeamCSharpScripts development by creating an account on GitHub.

103 views06:03

https://www.bleepingcomputer.com/news/security/vbulletin-zero-day-exploited-for-years-gets-unofficial-patch/

BleepingComputer

vBulletin Zero-Day Exploited for Years, Gets Unofficial Patch

A zero-day exploit for the vBulletin forum platform was publicly disclosed and quickly used to attack affected versions of the forum software. It turns out, though, that this exploit has been known, utilized, and sold by researchers and attackers for years.

98 views12:36

https://github.com/Team-Firebugs/Burp-LFI-tests

GitHub - Team-Firebugs/Burp-LFI-tests: Fuzzing for LFI using Burpsuite

Fuzzing for LFI using Burpsuite. Contribute to Team-Firebugs/Burp-LFI-tests development by creating an account on GitHub.

96 views04:05

http://verneet.com/fuzzing-77-till-p1/

Fuzzing {{7*7}} Till {{P1}} | {err0rr}

In this methodology I've specified a way to exploit SSTI where traditional methods of exploitation failed.

93 views04:06

SSRF(Server Side Request Forgery) writeups:-

https://t.co/RQrtL8ls2L
https://t.co/mbK0sW69m8
https://t.co/XAhD0T5DEe
https://t.co/HucqY77XyQ
https://t.co/jCWXUIuAHi
https://t.co/458Z62gsOb
https://t.co/guRJy9rKwD
https://t.co/D0BsTYiupz https://t.co/7pUpI4aozV

SSRF(Server Side Request Forgery)

Server Side Request Forgery (SSRF) is a type of attack that can be carried out to compromise a server. The exploitation of an SSRF…

101 views04:07

https://vavkamil.cz/2019/09/15/how-to-bypass-android-certificate-pinning-and-intercept-ssl-traffic/

Kamil Vavra @vavkamil

How to bypass Android certificate pinning and intercept SSL traffic

Offensive website security Bug bounty Ethical hacking

111 views04:08

https://github.com/Frint0/mass-pwn-vbulletin

107 views04:18

Simple Webserver with ncat

ncat --keep-open -l -p 1337 -c "printf 'HTTP/1.1 200 OK\r\n\r\n'; cat ~/evil.html"

109 views05:50

https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

portswigger.net

Cross-Site Scripting (XSS) Cheat Sheet - 2026 Edition | Web Security Academy

Interactive cross-site scripting (XSS) cheat sheet for 2026, brought to you by PortSwigger. Actively maintained, and regularly updated with new vectors.

148 views05:51

https://0xpatrik.com/subdomain-enumeration-smarter/

92 views05:16

Nmap-cheatsheet: Reference guide for mapping networks. https://t.co/58e3Ef5Wkg

jasonniebauer/Nmap-Cheatsheet

Reference guide for scanning networks with Nmap. Contribute to jasonniebauer/Nmap-Cheatsheet development by creating an account on GitHub.

99 views05:16

SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file.
https://t.co/OGLdX5FeAD

infosecn1nja/SharpDoor

SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file. - infosecn1nja/SharpDoor

118 views05:19

https://frederik-braun.com/firefox-ui-xss-leading-to-rce.html

Frederik Braun - Remote Code Execution in Firefox beyond memory corruptions

Click to view Frederik's blog post

103 views05:20