XSS Cheatsheet Burpsuite Extension https://portswigger.net/bappstore/eb75d39684b845adb457bcb050d1aa1d
👍3
👉 InfiSCA: Your Open-Source Vulnerability Scanner
InfiSCA is an open-source software composition analysis (SCA) tool. Think of it as a security guard for your software supply chain.
🔗Download :https://github.com/Infisical/infisical
InfiSCA is an open-source software composition analysis (SCA) tool. Think of it as a security guard for your software supply chain.
🔗Download :
👍7❤1🔥1
📮JScripter - A noob-friendly JavaScript scraper based on #GAU and #hakrawler. Options to scan a single URL or multiple URLs from a list. Uses threads, saves files into a directory, and de-duplicates during saving.
✅Download-https://github.com/ifconfig-me/JScripter
#BugBounty #bugbountytips
✅Download-
#BugBounty #bugbountytips
🔥8👍1
🚀 Apepe - Mobile application pentesting🚀
🕵️ Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app. This tool will extract basic informations as the package name, if the app is signed and the development language...
🧾 Source - github.com/oppsec/Apepe
🕵️ Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app. This tool will extract basic informations as the package name, if the app is signed and the development language...
🧾 Source - github.com/oppsec/Apepe
❤7
Do Sign Up for Top Notch Results 😎
Please open Telegram to view this post
VIEW IN TELEGRAM
Drop Your Suggestions for Resources
Please open Telegram to view this post
VIEW IN TELEGRAM
🤣5😁2🙏1
This media is not supported in your browser
VIEW IN TELEGRAM
BBRF-Client: The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices.
😚 https://github.com/honoki/bbrf-client/
Please open Telegram to view this post
VIEW IN TELEGRAM
👏2👍1
IDOR in Reset Password
When the user reset his password the application make an API request to make sure that username exists. If exist, it will come back with Personal Identifying Information (PII) in the response [Full name,Email,Phone number].
By:@Maakthon
#bugbountytips
When the user reset his password the application make an API request to make sure that username exists. If exist, it will come back with Personal Identifying Information (PII) in the response [Full name,Email,Phone number].
By:@Maakthon
#bugbountytips
❤11👍4
🚨 CVE-2024-40348 🚨
👉 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.
🔗 Download : https://github.com/bigb0x/CVE-2024-40348
👉 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.
🔗 Download : https://github.com/bigb0x/CVE-2024-40348
🔥2❤1
Please open Telegram to view this post
VIEW IN TELEGRAM
Ko-fi
Buy Brut Security a Coffee
Become a supporter of Brut Security today!
❤2🤝1
Brut Security pinned «🤩 Hey everyone, thanks for being part of this awesome community! 🐸 If you enjoy my content and want to support me, you can buy me a coffee on Ko-fi: https://ko-fi.com/brutxninja ☕️ !»
Please open Telegram to view this post
VIEW IN TELEGRAM
Ko-fi
A Practical Guide to Starting Your Cybersecurity Career in India
Brut Security published a post on Ko-fi
❤1
actuator/env
actuator/auditevents
actuator/beans
actuator/caches
actuator/configprops
actuator/health
actuator/heapdump
actuator/info
actuator/integrationgraph
actuator/configprops
actuator/jolokia/exec/com.sun.management:type=DiagnosticCommand/compilerDirectivesAdd/!/etc!/hosts
#bugbountytip #bugbountytips #bugbounty
Please open Telegram to view this post
VIEW IN TELEGRAM
👍3
If your input causes a server error (e.g. 500) when you inject a ' (for eg) but you don't get reliable results using boolean inferential injections, try these payloads which should trigger the 500 when the red condition is true.
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥2