Dark@Joker:~$
@ExploitNest
CRTA | CAP | OSCP (Aspirant) - Pentration Tester & Bug Hunter - Red Teamer 🤡
คุณอาจชื่นชอบ
Nobody can memorize all XXE payloads/vectors. Use this payload list when testing for XXE vulnerabilities: github.com/payloadbox/xxe…
location-based WAF bypass techniques Tag Blending: <Svg OnLoad= location=textContent>JavaS<a>cript:al<a>ert(<a>1)// Template Literals: <Svg OnLoad= location=`Java${/S/.source}cript:alert${"\50"}1)`> Credit - @BRuteLogic
📂 Target: robots.txt + sitemap.xml 👀 What to look for: /admin_old/ /staging/ /backup/ Hidden API routes .env, .git, .bak files 🎯 Use found paths in: Fuzzing Bruteforce Hidden login discovery
Ultimate Reconnaissance + Port Mapping Methodology (Advanced) 1. Enumerate all the domains+subdomains `$ amass enum -ip -d <domain>` 2. Extract the hosts from the Amass file, to create a file named hosts-amass.txt. `$ cat amass_output/amass.txt | cut -d']' -f 2 | awk…
![TheMsterDoctor1's tweet image. Ultimate Reconnaissance + Port Mapping Methodology (Advanced)
1. Enumerate all the domains+subdomains
`$ amass enum -ip -d &lt;domain&gt;`
2. Extract the hosts from the Amass file, to create a file named hosts-amass.txt.
`$ cat amass_output/amass.txt | cut -d']' -f 2 | awk…](https://pbs.twimg.com/media/GoUWKW3XgAAtFWw.jpg)
United States เทรนด์
- 1. Happy Halloween 706K posts
- 2. Dolphins 39.6K posts
- 3. YouTube TV 46.4K posts
- 4. Ryan Rollins 11.8K posts
- 5. Ravens 55.1K posts
- 6. #SinisterMinds 5,424 posts
- 7. Mike McDaniel 4,947 posts
- 8. Lamar 51.4K posts
- 9. Talbot N/A
- 10. Derrick Henry 5,463 posts
- 11. Mary Ann N/A
- 12. YTTV N/A
- 13. #DBX4 1,741 posts
- 14. Hulu 18.6K posts
- 15. Achane 4,776 posts
- 16. #RHOC 3,301 posts
- 17. Corey Perry N/A
- 18. UTSA 3,657 posts
- 19. #TNFonPrime 2,963 posts
- 20. #PorVida 1,914 posts
คุณอาจชื่นชอบ
Something went wrong.
Something went wrong.