NEW BOT Телеграм, страница

Brut Security

CVE-2024-6387 (and probably CVE-2006-5051): Unauthenticated RCE in OpenSSH 🔥

The vulnerability, discovered by Qualys researchers, allows an attacker to perform RCE on any OpenSSH server, provided that the operating system contains the glibc library.

Versions 8.5p1 to 9.8p1 are affected, and versions <4.4p are also potentially vulnerable.

Search at Netlas.io:
👉🏻 Link: https://nt.ls/ySN3C
👉🏻 Dork: tag.openssh.version:(>=8.5 AND <9.8) OR tag.openssh.version:(<4.4)

Read more: https://www.qualys.com/regresshion-cve-2024-6387/

👍5

2.48K viewsSaumadip Mandal, 16:38

Brut Security

🔥3

2.79K viewsSaumadip Mandal, 16:46

Brut Security

OSCP_PDF.pdf

2.3 MB

2.7K viewsSaumadip Mandal, 17:16

Brut Security

⚠️Join Our Discussion Group ⚠️

🔥

https://news.1rj.ru/str/brutsec

🔥

Please open Telegram to view this post

VIEW IN TELEGRAM

Discussion

Community Discussion

👍2

2.72K viewsSaumadip Mandal, edited 17:33

Brut Security

Brut Security pinned «⚠️Join Our Discussion Group ⚠️ 🔥 https://news.1rj.ru/str/brutsec 🔥»

18:57

Brut Security

0:24

This media is not supported in your browser

VIEW IN TELEGRAM

⚠️Subprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.

🔥Download: https://github.com/RevoltSecurities/Subprober

Please open Telegram to view this post

VIEW IN TELEGRAM

🔥3

2.49K viewsSaumadip Mandal, 20:36

Brut Security

📞 Enroll Now: https://wa.me/918945971332

Please open Telegram to view this post

VIEW IN TELEGRAM

👍3❤1

2.56K viewsSaumadip Mandal, 08:55

Brut Security

Brut Security pinned a photo

09:31

Brut Security

https://www.youtube.com/watch?v=aVOraNqA-n8

YouTube

CrikeyCon 2021 - Shubham Shah - Hacking on Bug Bounties for Five Years

Bug bounties have become an established process in organisations with a mature security posture. Over the last five years, I have been submitting vulnerabilities to companies in almost every industry. By participating in bug bounties over such a long period…

2.4K viewsSaumadip Mandal, 06:16

Brut Security

🚨Payloads - Payload for bug bounty!🚨
🔗 Download https://github.com/1BlackLine/Payloads

👍5🔥1

2.95K viewsSaumadip Mandal, 07:22

Brut Security

2.81K viewsSaumadip Mandal, 07:25

Brut Security

breaking_into_cyber_security_successfully.pdf

1.6 MB

👍1

6.69K viewsSaumadip Mandal, 16:48

Brut Security

🤖 Bug Bounty Target -

https://bughunters.jahezgroup.com/en

Please open Telegram to view this post

VIEW IN TELEGRAM

👏3

2.71K viewsSaumadip Mandal, 18:16

Brut Security

☄️Will Drop A New BB Platform If We Reach 4K by Upcoming Week☄️

Please open Telegram to view this post

VIEW IN TELEGRAM

👍7

2.88K viewsSaumadip Mandal, edited 18:29

Brut Security

🔫 New Bug Bounty Target -

https://www.alliander.com/.well-known/security.txt

Please open Telegram to view this post

VIEW IN TELEGRAM

👍6❤‍🔥1🔥1👏1😁1

2.68K viewsSaumadip Mandal, 17:59

Brut Security

0:59

This media is not supported in your browser

VIEW IN TELEGRAM

⚠️CVE-2024-36991: Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows.

📣Sign Up On Netlas.io: https://app.netlas.io/ref/9cc61538/
📣Join Official Netlas Telegram: https://news.1rj.ru/str/netlas

🔴In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows.

✅PoC: https://github.com/bigb0x/CVE-2024-36991

ℹ️Netlas Dork: http.body:"splunk-Enterprise"

Please open Telegram to view this post

VIEW IN TELEGRAM

❤2👍1

2.57K viewsSaumadip Mandal, edited 10:50

Brut Security

2.27K viewsSaumadip Mandal, 19:08

Brut Security

📣Understanding Bug Bounty Hunting for Newcomers📣

🎁

Bug bounty hunting can seem appealing, but it’s important to know:

🖱High Skill Level Required: Success in bug bounty hunting demands a very high skill level. It's not just about using tools like Nuclei to scan public programs.

🖱Reality Check: Many see bug bounty hunting as a way to financial freedom or a high-paying job. However, if you have the skills to excel here, you can probably find other well-paying jobs in cybersecurity.

🖱Consider Your Location: Bug bounty hunting might be more attractive if you live in a country with a low average salary. Otherwise, it’s better pursued for fun or experience rather than as your main source of income.

🖱Extra Income and Experience: It can be great for earning extra money and gaining experience, but it’s not a reliable primary income source.

💳Bottom Line: Bug bounty hunting can be enjoyable and rewarding as a side activity, but it’s not the best choice for a main job once you understand the reality of the work involved.

Please open Telegram to view this post

VIEW IN TELEGRAM

👍3

2.38K viewsSaumadip Mandal, 19:19

Brut Security

🛠️Guide to Active Directory Hacking

📝Active Directory (AD) is a directory service developed by Microsoft to manage and store network information, offering a central location for access control and network security.

📰 Read more: https://en.iguru.gr/odigos-gia-active-directory-hacking/

🔖#infosec #cybersecurity #hacking #pentesting #security

2.26K viewsSaumadip Mandal, 19:29

Brut Security

0:09

This media is not supported in your browser

VIEW IN TELEGRAM

👨‍💻6👍3🤡2💯1

2.26K viewsSaumadip Mandal, 05:07

Brut Security

CVE-2024-39929: Bypass of attachment verification in Exim❗

Due to incorrect parsing of a multiline RFC 2231 header filename, an attacker can bypass attachment verification and send an executable payload to the victim.

Search at Netlas.io:
👉 Link: https://nt.ls/gRdtH
👉 Dork: smtp.banner:"Exim" NOT smtp.banner:"Exim 4.98"

Read more: https://bugs.exim.org/show_bug.cgi?id=3099#c4

3.13K viewsSaumadip Mandal, 13:09

About

Blog

Apps

Platform