NEW BOT Телеграм, страница - 687578833

Bugbounty Tips

@rootdr_research

2.92K subscribers

84 photos

6 videos

13 files

92 links

research and sharing in cybersecurity

Download Telegram

About

Blog

Apps

Platform

2.92K subscribers

https://nullsecurityx.codes/cve-2025-49113-roundcube-rce

https://news.1rj.ru/str/rootdr_research

❤7✍1

4.44K viewsedited 22:28

This media is not supported in your browser

VIEW IN TELEGRAM

6🤣54❤2

2.42K views08:54

https://medium.com/@skycer_00/full-blown-ssrf-to-gain-access-to-millions-of-users-records-and-multiple-internal-panels-3719d9b802e9

Full-Blown SSRF to Gain Access to Millions of Users’ Records and Multiple Internal Panels

This write-up details an SSRF vulnerability that allowed unauthorized access to millions of sensitive data and internal services.

❤9

2.77K views19:46

https://x.com/sardar0x1/status/1978219086065627488?t=4YZ4ZoyC4bMV_bsRdbRkeA&s=35

X (formerly Twitter)

Sardar (@sardar0x1) on X

RCE Bug On T-Mobile's Custom Header

Vulnerable Header:
X-Export-Format: pdf ; Payload

Tip:
Always test your payloads on custom headers, as the header may be vulnerable, as in this case
#BugBounty #bugbountytips #redteam #cybersecurity #Developers #pentest

👍1

1.82K views00:01

https://x.com/sardar0x1/status/1978219086065627488?t=4YZ4ZoyC4bMV_bsRdbRkeA&s=35

This scenario applies to features such as exporting data, generating reports, converting data, and similar functions.
If the server-side creates a file with the requested extension or returns it as an output, this constitutes a good test case and should be tested accordingly.
Note: Do not restrict the test case or payloads to Remote Code Execution (RCE) attacks only.

https://news.1rj.ru/str/rootdr_research

research and sharing in cybersecurity

❤1

2.04K views00:11

https://github.com/h4x0r-dz/CVE-2025-64095---DNN-Unauthenticated-arbitrary-file-upload

GitHub - h4x0r-dz/CVE-2025-64095---DNN-Unauthenticated-arbitrary-file-upload: POC of DNN Insufficient Access Control - Image Upload…

POC of DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite - h4x0r-dz/CVE-2025-64095---DNN-Unauthenticated-arbitrary-file-upload

❤3

2.99K views09:01

Forwarded from Code Review

#نگاه_نفوذگر_قسمت_6
تو این قسمت لابراتوری رو حل میکنیم که میتونیم با استفاده از آپلود فایل هایی که متادیتا دارن به XSS برسیم.

YouTube:
https://www.youtube.com/watch?v=7O5zwcPzWFw

Github:
https://github.com/maverick0o0/RealWorld-Labs/tree/main/Metadata-XSS

فیدبک های شما خیلی میتونه تو این مسیر کمک کنه پس منتظر فیدبکاتون هستم.

👏9❤3

1.5K views18:34

Forwarded from Offensive Security

Opsec C2 iceberg

@GoSecurity

❤5🔥1

1.93K views20:11

Bugdasht CTB

👏26❤7🔥4👎1

2.72K views20:09

🤣25🔥2👀2👎1

2.42K viewsedited 20:57

https://github.com/rootdr-backup/exbackup

GitHub - rootdr-backup/exbackup

Contribute to rootdr-backup/exbackup development by creating an account on GitHub.

❤6👎2

2.5K views17:23

Forwarded from 𝑬𝒓𝒇𝒂𝒏 𝑻𝒂𝒗𝒂𝒌𝒐𝒍𝒊 ⁪⁬⁮⁮⁮⁮

https://news.1rj.ru/str/CodeReview0o0/90

#نگاه_نفوذگر_قسمت_8
تو این قسمت یه نگاه عمیق میکنیم به RCE که داخل Nextjs و React اتفاق افتاده و باهم به صورت کامل و تکنیکال بررسی میکنیم که این RCE چجوری اتفاق افتاده.
بررسی کد آسیب پذیر Next js و React + تست روی لابراتو + توضیح نحوه عملکرد PoC ها و ...…

❤4

1.37K views17:18

https://mobsf.live/

🙏7🤣1

733 views13:01