🚨Android SSL Pinning Bypass using Noxer🚨

👉Automate your Android penetration testing lab setup using Nox Emulator. Noxer is a powerful Python noscript designed for automating Android penetration testing tasks within the Nox Player emulator. It simplifies setup, enhances stability, manages Frida Server, removes unwanted bloatware, integrates BurpSuite certificates, and much more!

🔗Noxer: https://buff.ly/4b0gxM4

🚨CVE-2024-4577: PHP CGI Argument Injection Vulnerability🚨

⚠Dorks:
🔸Hunter: header.server="PHP"
🔸FOFA: server="PHP"
🔸SHODAN: server: PHP

Last Call! Hurry Up

🚨OneDorkForAll🚨

👉An insane list of all dorks taken from everywhere from various different sources. Google, Shodan, Github. Bug bounty dorks (includes private programs), shodan, github, CCTV, CMS dorks, lfi, sqli, xss, more vulns + an extra 1Mil+ dorks.

🔗https://github.com/HackShiv/OneDorkForAll

Have Tryhackme vouchers in stock
1 Month Voucher = 500 Rupees
Dm @wtf_yodhha

🚨noWAFpls🚨
👉Burp Plugin to Bypass WAFs through the insertion of Junk Data

🔗 https://github.com/assetnote/nowafpls

🚨CVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server

👉It allows remote attackers to execute arbitrary code on affected servers without authentication, potentially leading to data breaches, ransomware attacks, and complete system compromise.

💥PoC: https://github.com/rapid7/metasploit-framework/pull/19240

💥Dorks:
Hunter: /product.name="HTTP File Server" and web.body="Rejetto"
FOFA: product="HFS"
SHODAN: product:"HttpFileServer httpd"

#Rejetto #HFS #bugbounty #bugbountytips #cybersecurity #pentesting

How are you guys? and how is everything in life?

Found this on twitter. The POC is very informative. What you think?

Good Morning Everyone!
What topic should I post today. Let me know on discussion:) Thanks!

Surprisingly Havij - SQL injection tool helped me to achieve a error based sqli on ferrari 😳