Some Lateral Movement Methods:
-Pass the Hash/Relay ((Net-)NTLM)
-Pass the Ticket (Silver/Golden)
-RDP (Legit creds)
-Remote Services (VNC/SSH)
-(D)COM (Remote sched tasks, Services, WMI)
-Remote Service Vuln (EB)
-Admin Shares (PSExec)
-Webshell (Chopper)
-WinRM (PS Remoting)
-Pass the Hash/Relay ((Net-)NTLM)
-Pass the Ticket (Silver/Golden)
-RDP (Legit creds)
-Remote Services (VNC/SSH)
-(D)COM (Remote sched tasks, Services, WMI)
-Remote Service Vuln (EB)
-Admin Shares (PSExec)
-Webshell (Chopper)
-WinRM (PS Remoting)
#OSINT :
Built With:https://builtwith.com
Google Dorks:https://exploit-db.com/google-hacking-database/
Metagoofil:https://code.google.com/archive/p/metagoofil
Censys:https://censys.io
URLScan:https://urlscan.io
DNSStuff:https://dnsstuff.com/tools
Netcraft:https://searchdns.netcraft.com
#bugbountytips #redteam #BugBountyTip
Built With:https://builtwith.com
Google Dorks:https://exploit-db.com/google-hacking-database/
Metagoofil:https://code.google.com/archive/p/metagoofil
Censys:https://censys.io
URLScan:https://urlscan.io
DNSStuff:https://dnsstuff.com/tools
Netcraft:https://searchdns.netcraft.com
#bugbountytips #redteam #BugBountyTip
BuiltWith
Find out what websites are BuiltWith
Subdomain Takeover
https://t.co/5m9oDoTHQZ
https://t.co/Q7mEFPn33S
https://t.co/K2vaBNyvx0
https://t.co/U2pR9LUPlZ
https://t.co/O7WewUuj6u
https://t.co/Ix1MeUXm9O
https://t.co/aQrm9dW6qc
https://t.co/MeMOdEzOPu
https://t.co/r5v8T8pWHO
https://t.co/PsBhaoQlh7
#bugbounty
https://t.co/5m9oDoTHQZ
https://t.co/Q7mEFPn33S
https://t.co/K2vaBNyvx0
https://t.co/U2pR9LUPlZ
https://t.co/O7WewUuj6u
https://t.co/Ix1MeUXm9O
https://t.co/aQrm9dW6qc
https://t.co/MeMOdEzOPu
https://t.co/r5v8T8pWHO
https://t.co/PsBhaoQlh7
#bugbounty
Smaran Chand
Subdomain takeover via pantheon
I hope you are having a great time, I would like to share an issue which i discovered in less than 10 minutes and got rewarded $XXXX bounty within 24 hours of the submission. So the story begins wh…
Parameter tampering
https://t.co/qUyDVS7cON
https://t.co/MvYCAJHnvh
https://t.co/S7cjVw1wVc
https://t.co/QQ1tKjs1ww
https://t.co/gvP1bCRvXY
https://t.co/cHy7ZqsHr7
https://t.co/C8Qii9WG5E
https://t.co/jsS8CHp9Vb
https://t.co/7QMCAbzLg1
https://t.co/JBdqNPVGTV
#bugbounty
https://t.co/qUyDVS7cON
https://t.co/MvYCAJHnvh
https://t.co/S7cjVw1wVc
https://t.co/QQ1tKjs1ww
https://t.co/gvP1bCRvXY
https://t.co/cHy7ZqsHr7
https://t.co/C8Qii9WG5E
https://t.co/jsS8CHp9Vb
https://t.co/7QMCAbzLg1
https://t.co/JBdqNPVGTV
#bugbounty
Security Breached Blog
Improper Input Validation | Add Custom Text and URLs In SMS send by Snapchat | Bug Bounty POC - Security Breached Blog
Hey guys so this blog post is about an Issue in Snapchat's Website, due to Improper Input Validation one can add custom text & urls in SMS send by Snapchat here's a Short POC of the issue.