NEW BOT Телеграм, страница

☄️Collection of Links, Write-ups, Blog posts and Papers related to Cybersecurity, Reverse engineering and Exploitation☄️

🔖https://github.com/0xor0ne/awesome-list/blob/main/topics/cybersec.md

Please open Telegram to view this post

VIEW IN TELEGRAM

GitHub

awesome-list/topics/cybersec.md at main · 0xor0ne/awesome-list

Cybersecurity oriented awesome list. Contribute to 0xor0ne/awesome-list development by creating an account on GitHub.

❤3🗿2😱1

3.86K viewsSaumadip Mandal, 10:21

Brut Security

👍6❤1

3.66K viewsSaumadip Mandal, 03:37

Brut Security

What makes you hacker?

🤨

Please open Telegram to view this post

VIEW IN TELEGRAM

3.61K viewsSaumadip Mandal, 05:08

Brut Security

Add the folder 'home/000~ROOT~000/' to your wordlist, and you might discover some juicy data. Enjoy!"

😭7👍5🔥5🤣2❤1

3.6K viewsSaumadip Mandal, 04:20

Brut Security

🔍Top 10 Shodan Dorks

🔖#infosec #cybersecurity #hacking #pentesting #security

👍3👏1

3.89K viewsSaumadip Mandal, 05:10

Brut Security

☄️If you have access to jenkins dashboard, use below Script Console cmd for poc

☄️

def passwdFile = new File("/etc/passwd")
println passwdFile.text

Please open Telegram to view this post

VIEW IN TELEGRAM

❤9⚡6🔥2👍1

4.28K viewsSaumadip Mandal, 08:32

Brut Security

prv8_nuclei_templates.zip

3.9 MB

⚡ 6000+ Private Nuclei Templates ⚡

❤‍🔥28🤣5👌2❤1⚡1🔥1🤝1

6.58K viewsSaumadip Mandal, 10:25

Brut Security

CVE-2024-8073: Command Injection in Hillstone Networks Firewalls, 9.8 rating 🔥

The freshest vulnerability in Hillstone WAFs allows an attacker to perform RCE due to incorrect input validation.

Search at Netlas.io:
👉 Link: https://nt.ls/YZWqU
👉 Dork: http.noscript:"Hillstone Networks"

Vendor's advisory: https://www.hillstonenet.com.cn/security-notification/2024/08/21/mlzrld-2/

🔥5👍2🤣1

4.55K viewsSaumadip Mandal, 11:26

Brut Security

Telegram CEO is arrested, so there is a probability that telegram will end the services or it's services will be blocked on different countries. So as a backup you can join our discord channel. Thanks!
https://discord.gg/NTU2q8gU5K

Discord

Join the Brut Security Discord Server!

Check out the Brut Security community on Discord - hang out with 724 other members and enjoy free voice and text chat.

🤣1

3.99K viewsSaumadip Mandal, 18:06

Brut Security

0:13

This media is not supported in your browser

VIEW IN TELEGRAM

Wake Up! Your Mom and Dad are waiting for your success 🤩 They're both running out of time.

Please open Telegram to view this post

VIEW IN TELEGRAM

❤18😢4❤‍🔥2👍2🤣1

4.19K viewsSaumadip Mandal, 20:57

Brut Security

Dork King
https://dorkking.blindf.com/

❤5🤣2

3.58K viewsSaumadip Mandal, 05:02

Brut Security

Reset Password Feature Security Testing.pdf

72.4 KB

Reset Password Bug Bounty Guide

🤣1

3.55K viewsSaumadip Mandal, 08:26

Brut Security

☄️AutoRecon- It is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

🔗https://github.com/Tib3rius/AutoRecon

Please open Telegram to view this post

VIEW IN TELEGRAM

GitHub

GitHub - AutoRecon/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of…

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. - AutoRecon/AutoRecon

🤣3

3.63K viewsSaumadip Mandal, 08:32

Brut Security

CVE-2024-6386: RCE in WPML WordPress Plugin, 9.9 rating 🔥

Due to the lack of input validation, an attacker can execute code on the affected server.

Search at Netlas.io:
👉 Link: https://nt.ls/caxUk
👉 Dork: http.body:"plugins/wpml"

Read more: https://sec.stealthcopter.com/wpml-rce-via-twig-ssti/

👍6🤣1

4.09K viewsSaumadip Mandal, 08:40

Brut Security

Useful Google Dorks that bug bounty hunters can leverage to find sensitive information: 👇🏻

1. Discovering Exposed Files:
   - innoscript:"index of" "site:target.com"
   - filetype:log inurl:log site:target.com
   - filetype:sql inurl:sql site:target.com
   - filetype:env inurl:.env site:target.com

2. Finding Sensitive Directories:
   - inurl:/phpinfo.php site:target.com
   - inurl:/admin site:target.com
   - inurl:/backup site:target.com
   - inurl:wp- site:target.com

3. Exposed Configuration Files:
   - filetype:config inurl:config site:target.com
   - filetype:ini inurl:wp-config.php site:target.com
   - filetype:json inurl:credentials site:target.com

4. Discovering Usernames and Passwords:
   - intext:"password" filetype:log site:target.com
   - intext:"username" filetype:log site:target.com
   - filetype:sql "password" site:target.com

5. Finding Database Files:
   - filetype:sql inurl:db site:target.com
   - filetype:sql inurl:dump site:target.com
   - filetype:bak inurl:db site:target.com

6. Exposed Git Repositories:
   - inurl:".git" site:target.com
   - inurl:"/.git/config" site:target.com
   - innoscript:"index of" ".git" site:target.com

7. Finding Publicly Exposed Emails:
   - intext:"email" site:target.com
   - inurl:"contact" intext:"@target.com" -www.target.com
   - filetype:xls inurl:"email" site:target.com

8. Discovering Vulnerable Web Servers:
   - innoscript:"Apache2 Ubuntu Default Page: It works" site:target.com
   - innoscript:"Index of /" "Apache Server" site:target.com
   - innoscript:"Welcome to nginx" site:target.com

9. Finding API Keys:
   - filetype:env "DB_PASSWORD" site:target.com
   - intext:"api_key" filetype:env site:target.com
   - intext:"AWS_ACCESS_KEY_ID" filetype:env site:target.com

10. Exposed Backup Files:
    - filetype:bak inurl:backup site:target.com
    - filetype:bak inurl:backup site:target.com
    - filetype:zip inurl:backup site:target.com
    - filetype:tgz inurl:backup site:target.com

Replace target.com with the domain or target you are focusing on.

#GoogleDorks
#BugHunting
#OSINT

❤13👍8🔥5🤣1

4.53K viewsSaumadip Mandal, 13:14

Brut Security

priv8-Nuclei-.zip

845.8 KB

❤9🤣3🔥2

3.78K viewsSaumadip Mandal, 17:28

About

Blog

Apps

Platform