NEW BOT Телеграм, страница - 512913023

HackerOne

11K subscribers

644 photos

31 videos

79 files

2.74K links

Community : @Sec0x01
@Bug0x

Download Telegram

About

Blog

Apps

Platform

11K subscribers

https://github.com/dark-lbp/isf

GitHub - dark-lbp/isf: ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python - dark-lbp/isf

1.16K viewsAmir Offensive, 06:55

1.15K viewsAmir Offensive, 11:34

https://blog.malwarebytes.com/security-world/2018/04/malwarebytes-crackme-2-another-challenge/

Malwarebytes Labs

Malwarebytes CrackMe 2: try another challenge

Last November, we launched the first Malwarebytes CrackMe. Encouraged by an overwhelmingly positive response, we decided to repeat the game—this time making it even harder and more fun.

1.03K viewsxDD, 21:53

Write up👆
https://secrary.com/CrackMe/hasherezadeCrackme2/

secrary[dot]com::blog

Malwarebytes CrackMe 2 by hasherazade

https://secrary.com - Does it matter?

1.06K viewsxDD, 21:54

https://medium.com/@y.shahinzadeh/nodejs-application-pentest-tips-improper-uri-handling-in-express-390b3a07cb3e

NodeJS Application Pentest Tips - Improper URI Handling in Express

Web application penetration test methodologies have many concepts/tests in common. However, each language and infrastructure has its own…

1.34K viewsAmir Offensive, 08:56

https://medium.com/@the.bilal.rizwan/wordpress-xmlrpc-php-common-vulnerabilites-how-to-exploit-them-d8d3c8600b32

Wordpress xmlrpc.php -common vulnerabilites & how to exploit them

Hello there! , whats up ? ,Bilal Rizwan here hope your doing great & having fun learning from the community like I am.

1.23K viewsAmir Offensive, 08:56

https://github.com/sc0tfree/mentalist/blob/master/README.md

mentalist/README.md at master · sc0tfree/mentalist

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat...

1.11K viewsAmir Offensive, 09:00

1.12K viewsAmir Offensive, 09:03

https://github.com/hausec/ADAPE-Script

GitHub - hausec/ADAPE-Script: Active Directory Assessment and Privilege Escalation Script

Active Directory Assessment and Privilege Escalation Script - hausec/ADAPE-Script

1.22K viewsAmir Offensive, 10:27

Forwarded from Bug Bounty (Amir Offensive)

http://zhchbin.github.io/2017/08/30/Uber-XSS-via-Cookie/

[BBP系列二] Uber XSS via Cookie

This write up is about part of my latest XSS report to Uber@hackerone. Sorry for my poor English first of all, I will try my best to explain this XSS problem throughly. JSONP RequestSeveral months ago

225 viewsAmir Offensive, 13:29

7.68K viewsAmir Offensive, 21:04

1.44K viewsAmir Offensive, 07:44

1.37K viewsAmir Offensive, 07:44

https://security.szurek.pl/gitbucket-unauthenticated-rce.html

1.16K viewsAmir Offensive, 17:37

https://www.youtube.com/watch?v=PKIdGnx1KIg

[PL] Jak działa exploit zdalnego wykonania kodu (RCE) w GitBucket

Jeśli jesteś programistą i chcesz zobaczyć jak proste błędy w kodzie mogą prowadzić do zdalnego wykonania kodu na serwerze to ten film jest dla Ciebie. Tłuma...

1.21K viewsAmir Offensive, 17:37

https://github.com/rpranshu/EternalView

GitHub - rpranshu/EternalView: EternalView is an all in one basic information gathering and vulnerability assessment tool

EternalView is an all in one basic information gathering and vulnerability assessment tool - rpranshu/EternalView

1.17K viewsAmir Offensive, 10:11

https://getstream.io/blog/winds-2-0-its-time-to-revive-rss/

Winds 2.0: It’s Time to Revive RSS - The Stream Blog

I love using RSS to follow the programming and tech news I care about. Unfortunately, t…

1.14K viewsAmir Offensive, 10:17

1.4K viewsAmir Offensive, 12:55

Experimental Security Assessment of BMW Cars: A Summary Report
https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf

1.18K viewsAwdeL, 12:55

Backdoor Account Found in D-Link DIR-620 Routers
https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-d-link-dir-620-routers/

Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet. [...]

BleepingComputer

Backdoor Account Found in D-Link DIR-620 Routers

Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet.

1.26K viewsAwdeL, 13:39

Forwarded from Bug Bounty (Amir Offensive)

https://hackerone.com/reports/341876

Shopify disclosed on HackerOne: SSRF in Exchange leads to ROOT...

Shopify infrastructure is isolated into subsets of infrastructure. @0xacb reported it was possible to gain root access to any container in one particular subset by exploiting a server side request...

101 viewsAmir Offensive, 07:12