Finding Hidden Parameter & Potential XSS with Arjun + KXSS
arjun -q -u target -oT arjun && cat arjun | awk -F'[?&]' '{baseUrl=$1; for(i=2; i<=NF; i++) {split($i, param, "="); print baseUrl "?" param[1] "="}}' | kxss
JS Recon : WaybackURLs & HTTPX
waybackurls url | grep '\.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} python lazyegg[.]py "{}" --js_urls --domains --ips > urls && cat urls | grep '\.' | sort -u | xargs -I{} httpx -silent -u {} -sc -noscript -td
PRO TIP TO DETECT CSTI
- In your proxy, add a match-and-replace rule for some keywords to make changes in the response
e.g.: TESTCSTI = {{7*9}}
CVE-2024-8698: Privilege Escalation in Keycloak, 7.7 rating❗️
Improper SAML signature verification allows an attacker to create a document that is only partially signed. Due to the vulnerability, the entire document will be considered signed, which may lead to privilege escalation.
Search at Netlas.io:
👉 Link: https://nt.ls/LJfRK
👉 Dork: http.favicon.hash_sha256:47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Read more: https://access.redhat.com/security/cve/CVE-2024-8698
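The partial-signature condition described above, as an added example that is not part of the original post and is not Keycloak's code: a structural check that lists the assertions no signature reference covers. The sample document, element IDs and helper names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def covers_itself(elem):
    """True if elem carries a direct-child ds:Signature whose only
    ds:Reference names elem's own ID (an enveloped signature over elem)."""
    sig = elem.find("ds:Signature", NS)
    own_id = elem.get("ID")
    if sig is None or not own_id:
        return False
    refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
    return len(refs) == 1 and refs[0].get("URI") == "#" + own_id

def unsigned_assertions(xml_text):
    """IDs of assertions that no signature reference covers.
    Structural check only: the signature value itself must still be
    verified with a real XML-DSig library."""
    root = ET.fromstring(xml_text)
    if covers_itself(root):          # the whole Response is signed
        return []
    return [a.get("ID") for a in root.iter("{%s}Assertion" % NS["saml"])
            if not covers_itself(a)]

def sample(response_ref=None, a1_ref=None):
    """Constructed Response with two assertions; *_ref is the Reference
    target of an optional signature placed on that element."""
    def sig(ref):
        if ref is None:
            return ""
        return ('<ds:Signature xmlns:ds="%s"><ds:SignedInfo>'
                '<ds:Reference URI="#%s"/></ds:SignedInfo>'
                '<ds:SignatureValue>CONSTRUCTED</ds:SignatureValue>'
                '</ds:Signature>' % (NS["ds"], ref))
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" ID="r1">%s'
            '<saml:Assertion ID="a1">%s<saml:Subject/></saml:Assertion>'
            '<saml:Assertion ID="a2"><saml:Subject/></saml:Assertion>'
            '</samlp:Response>'
            % (NS["samlp"], NS["saml"], sig(response_ref), sig(a1_ref)))

if __name__ == "__main__":
    print(unsigned_assertions(sample(a1_ref="a1")))        # partially signed
    print(unsigned_assertions(sample(response_ref="r1")))  # fully signed
```

A service provider that trusts the second assertion because the first one verified would accept unsigned claims; rejecting any response where this list is non-empty closes that gap.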
⚡TOP 100 Vulnerabilities Step-by-Step Guide Handbook
https://github.com/Zorono/Learning-PDFs/blob/main/TOP%20100%20Vulnerabilities%20Step-by-Step%20Guide%20Handbook.pdf
CVE-2024-47062: SQL Injection and Auth Bypass in Navidrome Music Server, 9.4 rating 🔥
The latest advisory disclosed several vulnerabilities, which in theory allow an attacker to gain access to sensitive data.
Search at Netlas.io:
👉 Link: https://nt.ls/N9Jj8
👉 Dork: http.description:"Navidrome Music Server"
Vendor's advisory: https://github.com/navidrome/navidrome/security/advisories/GHSA-58vj-cv5w-v4v6
⚡️Google Dorks - Vulnerable Parameters ⚡️
⛔️XSS prone parameters:
inurl:q= | inurl:s= | inurl:search= | inurl:query= | inurl:keyword= | inurl:lang= inurl:& site:example[.]com
⛔️Open Redirect prone parameters
inurl:url= | inurl:return= | inurl:next= | inurl:redirect= | inurl:redir= | inurl:ret= | inurl:r2= | inurl:page= inurl:& inurl:http site:example[.]com
⛔️SQLi Prone Parameters
inurl:id= | inurl:pid= | inurl:category= | inurl:cat= | inurl:action= | inurl:sid= | inurl:dir= inurl:& site:example[.]com
⛔️SSRF Prone Parameters
inurl:http | inurl:url= | inurl:path= | inurl:dest= | inurl:html= | inurl:data= | inurl:domain= | inurl:page= inurl:& site:example[.]com
⛔️LFI Prone Parameters
inurl:include | inurl:dir | inurl:detail= | inurl:file= | inurl:folder= | inurl:inc= | inurl:locate= | inurl:doc= | inurl:conf= inurl:& site:example[.]com
⛔️RCE Prone Parameters
inurl:cmd | inurl:exec= | inurl:query= | inurl:code= | inurl:do= | inurl:run= | inurl:read= | inurl:ping= inurl:& site:example[.]com
🔆 Credit- Mike Takashi
🔖Hacking Kia: Remotely Controlling Cars With Just a License Plate
New writeup from Specters and Sam Curry: They were finally allowed to disclose a vulnerability reported to Kia that could have allowed an attacker to remotely control nearly all vehicles made after 2013, using only the license plate.
Full Blog: https://samcurry.net/hacking-kia
Methods that no one tells u to find origin ip addresses!!!???
https://forums.cybershieldctf.com/search.php?action=results&sid=3e360b4b477968060184d73068b9f841
#bugbounty #bugbountytips
Usually CI/CD integrations are not protected by WAFs and reverse proxies, so if you find any small organization's GitLab or Jenkins instance, etc., you'll often find configuration files (from the Wayback Machine, previous commits, plus a lot of other ways); they often leak some IP addresses.