■■■■□ HTTPX: Use the -screenshot (-ss) option to capture screenshots of specific URLs, pages, or endpoints, including the rendered DOM!
https://github.com/projectdiscovery/httpx
https://github.com/projectdiscovery/httpx
GitHub
GitHub - projectdiscovery/httpx: httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp…
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. - projectdiscovery/httpx
👍3🔥1
Damn Exploitable Android App - Abusing Info Leaks to bypass ASLR.
https://www.mobilehackinglab.com/blog/damn-exploitable-android-app-abusing-info-leaks-to-bypass-aslr
https://www.mobilehackinglab.com/blog/damn-exploitable-android-app-abusing-info-leaks-to-bypass-aslr
Mobilehackinglab
Damn Exploitable Android App - Abusing Info Leaks to bypass ASLR
Dive into our latest blog to learn a clever technique for exploiting format string vulnerabilities to bypass ASLR, revealing key memory addresses and targeting the Damn Exploitable Android App.
🔥3👍2
ATO | How I exploited security issue to take over admin account.
https://ar1fshaikh.medium.com/1st-ato-how-i-exploited-security-issue-to-take-over-admin-account-e0ae309dc356
https://ar1fshaikh.medium.com/1st-ato-how-i-exploited-security-issue-to-take-over-admin-account-e0ae309dc356
Medium
ATO | How I exploited security issue to take over admin account
Few days ago I came across one bug bounty program of an booking website lets call https://redacted.com, it was interesting website with…
Making the Cloudflare WARP VPN leak DNS requests.
https://www.mathyvanhoef.com/2023/08/making-cloudflare-warp-vpn-leak-dns.html
https://www.mathyvanhoef.com/2023/08/making-cloudflare-warp-vpn-leak-dns.html
Mathyvanhoef
Making the Cloudflare WARP VPN leak DNS requests
Cloudflare offers a free VPN client called Cloudflare WARP . I found that its Windows client can be tricked into leaking all DNS requests . ...
👍2
2023 OWASP Top-10 Series: API6:2023 Unrestricted Access to Sensitive Business Flows.
https://lab.wallarm.com/api62023-unrestricted-access-to-sensitive-business-flows/
https://lab.wallarm.com/api62023-unrestricted-access-to-sensitive-business-flows/
Wallarm
API6:2023 Unrestricted Access to Sensitive Business Flows - OWASP
APIs that expose sensitive business flows without proper authorization can be exploited by attackers to cause significant damage.
👍1
Forwarded from Meisam Monsef
دوره رایگان OWASP
مدرس : میثم منصف
HTTP (Part01) :
https://cafenode.ir/OWASP-FREE/01/c01.mp4
https://cafenode.ir/OWASP-FREE/01/c02.mp4
https://cafenode.ir/OWASP-FREE/01/c03.mp4
https://cafenode.ir/OWASP-FREE/01/c04.mp4
OS Command Injection (Part02):
https://cafenode.ir/OWASP-FREE/02/c01.mp4
https://cafenode.ir/OWASP-FREE/02/c02.mp4
https://cafenode.ir/OWASP-FREE/02/c03.mp4
https://cafenode.ir/OWASP-FREE/02/c04.mp4
https://cafenode.ir/OWASP-FREE/02/c05.mp4
https://cafenode.ir/OWASP-FREE/02/c06.mp4
Server Side Template Injection (Part03):
https://cafenode.ir/OWASP-FREE/03/c01.mp4
https://cafenode.ir/OWASP-FREE/03/c02.mp4
https://cafenode.ir/OWASP-FREE/03/c03.mp4
https://cafenode.ir/OWASP-FREE/03/c04.mp4
XSS - CSRF (Part04):
https://cafenode.ir/OWASP-FREE/04/c01.mp4
https://cafenode.ir/OWASP-FREE/04/c02.mp4
https://cafenode.ir/OWASP-FREE/04/c03.mp4
https://cafenode.ir/OWASP-FREE/04/c04.mp4
Live (Part05):
https://cafenode.ir/OWASP-FREE/05/c01.mp4
https://cafenode.ir/OWASP-FREE/05/c02.mp4
Server Side Request Forgery (Part06):
https://cafenode.ir/OWASP-FREE/06/c01.mp4
https://cafenode.ir/OWASP-FREE/06/c02.mp4
https://cafenode.ir/OWASP-FREE/06/c03.mp4
https://cafenode.ir/OWASP-FREE/06/c04.mp4
https://cafenode.ir/OWASP-FREE/06/c05.mp4
https://cafenode.ir/OWASP-FREE/06/c06.mp4
SQL Injection I (Part07) :
https://cafenode.ir/OWASP-FREE/07/c01.mp4
https://cafenode.ir/OWASP-FREE/07/c02.mp4
https://cafenode.ir/OWASP-FREE/07/c03.mp4
https://cafenode.ir/OWASP-FREE/07/c04.mp4
https://cafenode.ir/OWASP-FREE/07/c05.mp4
https://cafenode.ir/OWASP-FREE/07/c06.mp4
https://cafenode.ir/OWASP-FREE/07/c07.mp4
https://cafenode.ir/OWASP-FREE/07/c08.mp4
SQL Injection II (Part08) :
https://cafenode.ir/OWASP-FREE/08/c01.mp4
https://cafenode.ir/OWASP-FREE/08/c02.mp4
https://cafenode.ir/OWASP-FREE/08/c03.mp4
https://cafenode.ir/OWASP-FREE/08/c04.mp4
https://cafenode.ir/OWASP-FREE/08/c05.mp4
https://cafenode.ir/OWASP-FREE/08/c06.mp4
https://cafenode.ir/OWASP-FREE/08/c07.mp4
XML External Entity (Part09) :
https://cafenode.ir/OWASP-FREE/09/c01.mp4
https://cafenode.ir/OWASP-FREE/09/c02.mp4
https://cafenode.ir/OWASP-FREE/09/c03.mp4
https://cafenode.ir/OWASP-FREE/09/c04.mp4
https://cafenode.ir/OWASP-FREE/09/c05.mp4
https://cafenode.ir/OWASP-FREE/09/c06.mp4
https://cafenode.ir/OWASP-FREE/09/c07.mp4
https://cafenode.ir/OWASP-FREE/09/c08.mp4
https://cafenode.ir/OWASP-FREE/09/c09.mp4
https://cafenode.ir/OWASP-FREE/09/c10.mp4
Broken Authentication (Part10) :
https://cafenode.ir/OWASP-FREE/10/c01.mp4
https://cafenode.ir/OWASP-FREE/10/c02.mp4
https://cafenode.ir/OWASP-FREE/10/c03.mp4
https://cafenode.ir/OWASP-FREE/10/c04.mp4
https://cafenode.ir/OWASP-FREE/10/c05.mp4
API Security (Part11) :
https://cafenode.ir/OWASP-FREE/11/c01.mp4
https://cafenode.ir/OWASP-FREE/11/c02.mp4
https://cafenode.ir/OWASP-FREE/11/c03.mp4
https://cafenode.ir/OWASP-FREE/11/c04.mp4
https://cafenode.ir/OWASP-FREE/11/c05.mp4
@SecCode
مدرس : میثم منصف
HTTP (Part01) :
https://cafenode.ir/OWASP-FREE/01/c01.mp4
https://cafenode.ir/OWASP-FREE/01/c02.mp4
https://cafenode.ir/OWASP-FREE/01/c03.mp4
https://cafenode.ir/OWASP-FREE/01/c04.mp4
OS Command Injection (Part02):
https://cafenode.ir/OWASP-FREE/02/c01.mp4
https://cafenode.ir/OWASP-FREE/02/c02.mp4
https://cafenode.ir/OWASP-FREE/02/c03.mp4
https://cafenode.ir/OWASP-FREE/02/c04.mp4
https://cafenode.ir/OWASP-FREE/02/c05.mp4
https://cafenode.ir/OWASP-FREE/02/c06.mp4
Server Side Template Injection (Part03):
https://cafenode.ir/OWASP-FREE/03/c01.mp4
https://cafenode.ir/OWASP-FREE/03/c02.mp4
https://cafenode.ir/OWASP-FREE/03/c03.mp4
https://cafenode.ir/OWASP-FREE/03/c04.mp4
XSS - CSRF (Part04):
https://cafenode.ir/OWASP-FREE/04/c01.mp4
https://cafenode.ir/OWASP-FREE/04/c02.mp4
https://cafenode.ir/OWASP-FREE/04/c03.mp4
https://cafenode.ir/OWASP-FREE/04/c04.mp4
Live (Part05):
https://cafenode.ir/OWASP-FREE/05/c01.mp4
https://cafenode.ir/OWASP-FREE/05/c02.mp4
Server Side Request Forgery (Part06):
https://cafenode.ir/OWASP-FREE/06/c01.mp4
https://cafenode.ir/OWASP-FREE/06/c02.mp4
https://cafenode.ir/OWASP-FREE/06/c03.mp4
https://cafenode.ir/OWASP-FREE/06/c04.mp4
https://cafenode.ir/OWASP-FREE/06/c05.mp4
https://cafenode.ir/OWASP-FREE/06/c06.mp4
SQL Injection I (Part07) :
https://cafenode.ir/OWASP-FREE/07/c01.mp4
https://cafenode.ir/OWASP-FREE/07/c02.mp4
https://cafenode.ir/OWASP-FREE/07/c03.mp4
https://cafenode.ir/OWASP-FREE/07/c04.mp4
https://cafenode.ir/OWASP-FREE/07/c05.mp4
https://cafenode.ir/OWASP-FREE/07/c06.mp4
https://cafenode.ir/OWASP-FREE/07/c07.mp4
https://cafenode.ir/OWASP-FREE/07/c08.mp4
SQL Injection II (Part08) :
https://cafenode.ir/OWASP-FREE/08/c01.mp4
https://cafenode.ir/OWASP-FREE/08/c02.mp4
https://cafenode.ir/OWASP-FREE/08/c03.mp4
https://cafenode.ir/OWASP-FREE/08/c04.mp4
https://cafenode.ir/OWASP-FREE/08/c05.mp4
https://cafenode.ir/OWASP-FREE/08/c06.mp4
https://cafenode.ir/OWASP-FREE/08/c07.mp4
XML External Entity (Part09) :
https://cafenode.ir/OWASP-FREE/09/c01.mp4
https://cafenode.ir/OWASP-FREE/09/c02.mp4
https://cafenode.ir/OWASP-FREE/09/c03.mp4
https://cafenode.ir/OWASP-FREE/09/c04.mp4
https://cafenode.ir/OWASP-FREE/09/c05.mp4
https://cafenode.ir/OWASP-FREE/09/c06.mp4
https://cafenode.ir/OWASP-FREE/09/c07.mp4
https://cafenode.ir/OWASP-FREE/09/c08.mp4
https://cafenode.ir/OWASP-FREE/09/c09.mp4
https://cafenode.ir/OWASP-FREE/09/c10.mp4
Broken Authentication (Part10) :
https://cafenode.ir/OWASP-FREE/10/c01.mp4
https://cafenode.ir/OWASP-FREE/10/c02.mp4
https://cafenode.ir/OWASP-FREE/10/c03.mp4
https://cafenode.ir/OWASP-FREE/10/c04.mp4
https://cafenode.ir/OWASP-FREE/10/c05.mp4
API Security (Part11) :
https://cafenode.ir/OWASP-FREE/11/c01.mp4
https://cafenode.ir/OWASP-FREE/11/c02.mp4
https://cafenode.ir/OWASP-FREE/11/c03.mp4
https://cafenode.ir/OWASP-FREE/11/c04.mp4
https://cafenode.ir/OWASP-FREE/11/c05.mp4
@SecCode
👍8👎3❤2
How it is possible to get persistent reverse shell from Android app without visible permissions to make device unusable via annoying DoS
https://www.mobile-hacker.com/2023/09/27/get-persistent-reverse-shell-from-android-app-without-visible-permissions-to-make-device-unusable/
https://www.mobile-hacker.com/2023/09/27/get-persistent-reverse-shell-from-android-app-without-visible-permissions-to-make-device-unusable/
Mobile Hacker
Get persistent reverse shell from Android app without visible permissions to make device unusable Mobile Hacker
This blog will introduce you how it is possible to write a persistent reverse shell app on Android without any user requested and visible permissions. Since such application has no permissions, it shouldn’t be able to perform any task. Well, that isn’t true.…
👍2❤1
Use silent SMS messages to track LTE users’ locations
https://mandomat.github.io/2023-09-21-localization-with-silent-SMS/
https://mandomat.github.io/2023-09-21-localization-with-silent-SMS/
Home
Using silent SMS to localize LTE users
Proof of concept implementation
👍2