你可能會喜歡
You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!
This is a nice resource on Bug Bounty notes and checklists: github.com/HolyBugx/HolyT…
Full Web App Checklist : 📓 - blog.hackxpert.com/2024/02/web-ap… #infosec #cybersec #bugbountytips
DAY 28/365 Tip : Modify account email to "[email protected]", application says "Email already registered"... Bypass using dot-notation ( this is where the vuln showed itself to me, haha ) Instead of using "[email protected]", try "[email protected]" ( with this…
Deep dive into Android Pentesting Covered everything from static & dynamic analysis, Frida, Drozer, SSL pinning bypass,and more If you're into mobile security, this one's packed with real-world scenarios & tools #mobilesecurity #androidapptesting coal-memory-97b.notion.site/Android-Pentes…
📌AI pentest scoping playbook devansh.bearblog.dev/ai-pentest-sco…
Nobody can memorize all XXE payloads/vectors. Use this payload list when testing for XXE vulnerabilities: github.com/payloadbox/xxe…
location-based WAF bypass techniques Tag Blending: <Svg OnLoad= location=textContent>JavaS<a>cript:al<a>ert(<a>1)// Template Literals: <Svg OnLoad= location=`Java${/S/.source}cript:alert${"\50"}1)`> Credit - @BRuteLogic
📂 Target: robots.txt + sitemap.xml 👀 What to look for: /admin_old/ /staging/ /backup/ Hidden API routes .env, .git, .bak files 🎯 Use found paths in: Fuzzing Bruteforce Hidden login discovery
Ultimate Reconnaissance + Port Mapping Methodology (Advanced) 1. Enumerate all the domains+subdomains `$ amass enum -ip -d <domain>` 2. Extract the hosts from the Amass file, to create a file named hosts-amass.txt. `$ cat amass_output/amass.txt | cut -d']' -f 2 | awk…
![TheMsterDoctor1's tweet image. Ultimate Reconnaissance + Port Mapping Methodology (Advanced)
1. Enumerate all the domains+subdomains
`$ amass enum -ip -d &lt;domain&gt;`
2. Extract the hosts from the Amass file, to create a file named hosts-amass.txt.
`$ cat amass_output/amass.txt | cut -d']' -f 2 | awk…](https://pbs.twimg.com/media/GoUWKW3XgAAtFWw.jpg)
United States 趨勢
- 1. Vanity Fair 27.9K posts
- 2. Susie Wiles 68.1K posts
- 3. Mick Foley 22.6K posts
- 4. Raphinha 33.9K posts
- 5. Disclosure Day 14.9K posts
- 6. Spielberg 20.2K posts
- 7. Brad Johnson N/A
- 8. Michelea Ponce 8,143 posts
- 9. Bellingham 24K posts
- 10. langdon 2,412 posts
- 11. Alan Jackson N/A
- 12. Doug Williams N/A
- 13. My Fellow Americans 1,242 posts
- 14. Unemployment 54.4K posts
- 15. CSC Academic All-District N/A
- 16. Chief of Staff 42.3K posts
- 17. Allen Lazard 1,219 posts
- 18. Emily Blunt 5,535 posts
- 19. #csm223 6,043 posts
- 20. Clapper 14.8K posts
你可能會喜歡
Something went wrong.
Something went wrong.