By @ofjaaah
echo "tesla.com" | waybackurls | httpx -silent -timeout 2 -threads 100 | gf redirect | anew
1. Collect all URLs of the target domain from the Wayback Machine
2. Attempt to download all the URLs quickly in 100 parallel threads in order to identify working URLs
3. For all working URLs, match any potentially vulnerable parameters to open redirect
4. Print out only unique, potentially vulnerable URLs
Please open Telegram to view this post
VIEW IN TELEGRAM
❤13👍4🔥2
It's a request to everyone, do give reaction on the post, it helped me to stay motivated and to post content like this.🥸
For queries do reach me out from channel bio. Thanks Everyone!🚫
For queries do reach me out from channel bio. Thanks Everyone!
Please open Telegram to view this post
VIEW IN TELEGRAM
👍36❤11🔥8
appsettings.jsont to your wordlist, and you might discover some juicy data. Enjoy! Please open Telegram to view this post
VIEW IN TELEGRAM
👍13
🔖 JShunter - A command-line tool for analyzing JavaScript files and extracting valuable endpoints.
✨ Key Features:
JShunter specializes in uncovering sensitive data like API endpoints and spotting potential security vulnerabilities, making it indispensable for developers and security researchers.
🔗 https://github.com/cc1a2b/jshunter
✨ Key Features:
JShunter specializes in uncovering sensitive data like API endpoints and spotting potential security vulnerabilities, making it indispensable for developers and security researchers.
🔗 https://github.com/cc1a2b/jshunter
👍12❤1🔥1
🚨CVE-2024-35286 & CVE-2024-41713:Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access
🔥PoC: https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713
👇Dorks
HUNTER:/product.name="Mitel MiCollab"
SHODAN: http.favicon.hash:-1922044295
FOFA: app="Mitel-Network-Products"
🔥PoC: https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713
👇Dorks
HUNTER:/product.name="Mitel MiCollab"
SHODAN: http.favicon.hash:-1922044295
FOFA: app="Mitel-Network-Products"
👍15
🚨Free Bug Bounty Complete Course!
✅Learn Bug Bounty to identify and report System vulnerabilities.
🔗https://drive.google.com/drive/mobile/folders/1t-hTqg0-02t0cnc5SypHnb8t3CfE3bXU
✅Learn Bug Bounty to identify and report System vulnerabilities.
🔗https://drive.google.com/drive/mobile/folders/1t-hTqg0-02t0cnc5SypHnb8t3CfE3bXU
❤22👍6🔥5🗿4
CVE-2024-55579, -55580: RCE and Broken Access Control in Qlik Sense, 7.5 - 8.8 rating❗️
Vulnerabilities discovered in Qlik Sense allow attackers to run EXE files on the server, as well as remotely execute commands, potentially affecting confidentiality and integrity.
Search at Netlas.io:
👉 Link: https://nt.ls/9ok2E
👉 Dork: http.noscript:"Qlik Sense"
Vendor's advisory: https://community.qlik.com/t5/Official-Support-Articles/High-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows-CVEs/tac-p/2496004
Vulnerabilities discovered in Qlik Sense allow attackers to run EXE files on the server, as well as remotely execute commands, potentially affecting confidentiality and integrity.
Search at Netlas.io:
👉 Link: https://nt.ls/9ok2E
👉 Dork: http.noscript:"Qlik Sense"
Vendor's advisory: https://community.qlik.com/t5/Official-Support-Articles/High-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows-CVEs/tac-p/2496004
👍8
CENT Tool
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place.
📱 CENT Tool 📱
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place.
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥6❤4👍4
dorki.io
taksec.github.io/google-dorks-bug-bounty/
dorksearch.com
dorkme.comdorkgenius.com
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥3
BLACKFRIDAY2024 SALE: Get all of our malware development and red teaming courses bundle for only $199.
❌$400
✅$199
Start your new year with developing malware and building offensive tools
redteamsorcery.teachable.com/p/learnthemall
❌$400
✅$199
Start your new year with developing malware and building offensive tools
redteamsorcery.teachable.com/p/learnthemall
🤨3👍2❤1
CVE-2024-11274, -8233, other: Multiple vulnerabilities in GitLab, 7.5 - 8.7 rating❗
In a new release, GitLab talked about two important vulnerabilities. One of them allows attacker to carry out DoS, the second allows to steal session data and potentially gain unauthorized access to accounts. Several smaller vulnerabilities are also mentioned.
Search at Netlas.io:
👉 Link: https://nt.ls/xM1vs
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/12/11/patch-release-gitlab-17-6-2-released/
In a new release, GitLab talked about two important vulnerabilities. One of them allows attacker to carry out DoS, the second allows to steal session data and potentially gain unauthorized access to accounts. Several smaller vulnerabilities are also mentioned.
Search at Netlas.io:
👉 Link: https://nt.ls/xM1vs
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/12/11/patch-release-gitlab-17-6-2-released/
👍4🤨2