I am posting the bug images intentionally to showcase you that Low fruit bug hunting is not at all hard, but if you do continue enjoying it probably you'll missed something big. These are small happiness which lure you to engage in more automation. Avoid it! And do manual testing! Best Of Luck Everyone👾
❤🔥7👍2
As I said bug bounty is all about luck factor if you do automation. Manual testing is far better than performing automation and reporting each and every bug. If it repeated continuously you will lose your sanity very soon and feel hopeless and burn out.
Whoever is selling bug bounty courses with private automation and other stuffs, they are actual fraud.
If my automation works then why should I share with you? I will continue to earn from that, but no. As a name of private level bug bounty they sell and earn.
Rather than enrolling in bug bounty do learn web pentesting, which have more impact in current world scenario.
If you're reading till here, I hope you have a good day, don't forget to take rest and spend quality time with your parents. Adios Amigos!!
Whoever is selling bug bounty courses with private automation and other stuffs, they are actual fraud.
If my automation works then why should I share with you? I will continue to earn from that, but no. As a name of private level bug bounty they sell and earn.
Rather than enrolling in bug bounty do learn web pentesting, which have more impact in current world scenario.
If you're reading till here, I hope you have a good day, don't forget to take rest and spend quality time with your parents. Adios Amigos!!
👍10❤🔥4❤1
Crushed | Exploiting Arbitrary File Read on CrushFTP! (CVE-2024-4040)
Google Dork: innoscript:"CrushFTP WebInterface" inurl:/WebInterface/login.html
Shodan Dork: http.favicon.hash:-1022206565
POC: https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC
Google Dork: innoscript:"CrushFTP WebInterface" inurl:/WebInterface/login.html
Shodan Dork: http.favicon.hash:-1022206565
POC: https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC
🤯3👍1
Which of the following is used to access content outside the root of a website?
Final Results
7%
Brute force
12%
Port scanning
14%
SQL injection
68%
Directory traversal
👍4🐳2
🚨LazyEgg - Hunting JS Files🚨
💥Command: waybackurls target | grep '\.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} bash -c 'echo -e "\ntarget : {}\n" && python lazyegg[.]py "{}" --js_urls --domains --ips'
🔗Download https://lnkd.in/gnRJ5mzw
💥Command: waybackurls target | grep '\.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} bash -c 'echo -e "\ntarget : {}\n" && python lazyegg[.]py "{}" --js_urls --domains --ips'
🔗Download https://lnkd.in/gnRJ5mzw
❤4👍2
🚨Ready to level up your cybersecurity skills and earn rewards?
📢Join our 30-day bug bounty challenge and learn the art of bug bounty hunting!
😉Over 30 days, you'll receive daily tasks to help you master:
Information gathering and reconnaissance
Vulnerability identification and exploitation
Web application security testing
API security testing
Cloud security testing
Fuzz testing
Machine learning and AI in security
Business logic vulnerabilities
Deserialization vulnerabilities
Server-side request forgery (SSRF)
👌Plus, you'll get access to resources and references to help you along the way!
📝Complete the challenge and earn a Certificate of Completion to showcase your skills!
💖Join the community and start your journey to cybersecurity mastery today!
🔗Join Now: https://nas.io/brutsecurity/challenges/bug-bounty-blitz-30-days-of-learning
📢Join our 30-day bug bounty challenge and learn the art of bug bounty hunting!
😉Over 30 days, you'll receive daily tasks to help you master:
Information gathering and reconnaissance
Vulnerability identification and exploitation
Web application security testing
API security testing
Cloud security testing
Fuzz testing
Machine learning and AI in security
Business logic vulnerabilities
Deserialization vulnerabilities
Server-side request forgery (SSRF)
👌Plus, you'll get access to resources and references to help you along the way!
📝Complete the challenge and earn a Certificate of Completion to showcase your skills!
💖Join the community and start your journey to cybersecurity mastery today!
🔗Join Now: https://nas.io/brutsecurity/challenges/bug-bounty-blitz-30-days-of-learning
🔥6
Brut Security pinned «🚨Ready to level up your cybersecurity skills and earn rewards? 📢Join our 30-day bug bounty challenge and learn the art of bug bounty hunting! 😉Over 30 days, you'll receive daily tasks to help you master: Information gathering and reconnaissance Vulnerability…»
🚀 Advance Your Career in Cybersecurity with Our Comprehensive VAPT Course! 🚀
🚨Are you ready to become a cybersecurity expert? Enroll in our Vulnerability Assessment and Penetration Testing (VAPT) course and gain the skills you need to protect critical systems and data.
📢Key Features:
🔸Live Trainer-Led Online Training: Engage in interactive sessions led by experienced cybersecurity professionals.
🔸50 Hours of Classes Over 3 Months: Comprehensive coverage of VAPT topics, allowing for in-depth learning and mastery.
🔸70% Practical Oriented: Emphasis on hands-on labs and real-world scenarios to ensure you can apply what you learn.
🔸Pay in 2 Installments: Flexible payment options to suit your financial needs.
🔸Career Oriented Training: Focused on building the skills needed for a successful career in cybersecurity.
🔸2 Practical Assignments & 1 Capture The Flag (CTF) Exam: Practical assessments to test and enhance your skills.
👉 Register Now: https://wa.me/message/NQLPOBIAEFDBN1
🚨Are you ready to become a cybersecurity expert? Enroll in our Vulnerability Assessment and Penetration Testing (VAPT) course and gain the skills you need to protect critical systems and data.
📢Key Features:
🔸Live Trainer-Led Online Training: Engage in interactive sessions led by experienced cybersecurity professionals.
🔸50 Hours of Classes Over 3 Months: Comprehensive coverage of VAPT topics, allowing for in-depth learning and mastery.
🔸70% Practical Oriented: Emphasis on hands-on labs and real-world scenarios to ensure you can apply what you learn.
🔸Pay in 2 Installments: Flexible payment options to suit your financial needs.
🔸Career Oriented Training: Focused on building the skills needed for a successful career in cybersecurity.
🔸2 Practical Assignments & 1 Capture The Flag (CTF) Exam: Practical assessments to test and enhance your skills.
👉 Register Now: https://wa.me/message/NQLPOBIAEFDBN1
Exploit all vulnerable ip's: CVE-2024-24919
https://github.com/seed1337/CVE-2024-24919-POC
https://github.com/seed1337/CVE-2024-24919-POC
GitHub
GitHub - seed1337/CVE-2024-24919-POC
Contribute to seed1337/CVE-2024-24919-POC development by creating an account on GitHub.
👍2