Web application pentesting checklist
An OWASP-based checklist with 500+ test cases.
https://github.com/Hari-prasaanth/Web-App-Pentest-Checklist
#infosec #pentesting #bugbounty
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts.
https://github.com/Flangvik/TeamFiltration
#pentesting #redteam #bugbounty
Cross-site scripting is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users.
Read full Article >>
bit.ly/cross-sites-cripting
#bugbounty #pentesting
Nuclear Pond
Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.
https://github.com/DevSecOpsDocs/nuclearpond
#infosec #pentesting #bugbounty
What's SQL injection & SQLi attack examples & How to prevent it.
SQLi, or SQL Injection, is a type of code injection technique where an attacker injects malicious code into a website's SQL database through user input fields. It is one of the most common web application exploiting techniques.
Read full Article
bit.ly/sql-injections-and-preventions
#pentesting #bugbounty #sqli
@trickypenguin
uncover
A go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the results with your current pipeline tools.
https://github.com/projectdiscovery/uncover
#OSINT #recon #bugbounty
Advanced SQL Injection Cheatsheet
This repository contains an advanced methodology of all types of SQL Injection.
• Find injection point
• Understand the website behaviour
• Send queries for enumeration
• Understanding WAF & bypass it
• Dump the database
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
#infosec #pentesting #bugbounty
Bug Bounty Beginner's Roadmap
This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
https://github.com/bittentech/Bug-Bounty-Beginner-Roadmap
#bugbounty #pentesting #infosec
wpfinger
WordPress scanning tool.
• Core version detection
• Plugin scanning through fingerprinting
• Vulnerability output, using database from Wordfence
https://github.com/LeakIX/wpfinger
#pentesting #redteam #bugbounty
Logger++
A multithreaded logging extension for #BurpSuite. In addition to logging requests and responses from all Burp Suite tools, the extension allows advanced filters to be defined to highlight interesting entries or filter logs to only those which match the filter.
https://github.com/nccgroup/LoggerPlusPlus
#infosec #pentesting #bugbounty
Top25 Parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual #recon.
https://github.com/lutfumertceylan/top25-parameter
#infosec #pentesting #bugbounty
x8
Hidden parameters discovery suite written in Rust.
The tool aids in identifying hidden parameters that could potentially be vulnerable or reveal interesting functionality that may be missed by other testers. Its high accuracy is achieved through line-by-line comparison of pages, comparison of response codes, and reflections.
https://github.com/Sh1Yo/x8
#infosec #pentesting #bugbounty
Bug Bounty scripts
The scripts I write to help me on my bug bounty hunting.
https://github.com/victoni/Bug-Bounty-Scripts
#infosec #pentesting #bugbounty
Js Finding
A Python tool for extracting JavaScript (JS) files from a given list of domains. This tool utilizes various utilities such as waybackurls, gauplus, and subjs to perform JS file extraction from the specified domains.
https://github.com/pikpikcu/js-finding
#infosec #redteam #bugbounty
HBSQLI
Automated tool for testing header based blind sql injection.
https://github.com/SAPT01/HBSQLI
#infosec #pentesting #bugbounty
To find information disclosure vulnerabilities, change the headers:
- Change the Accept header to:
- Also try sending a null byte, like
GET /%00
If error handling is not done properly, this reveals server version information, stack and route information.
#bugbounty #bugbountytip
CSP-bypass techniques
https://bhavesh-thakur.medium.com/content-security-policy-csp-bypass-techniques-e3fa475bfe5d
#bugbounty #bugbountytips
The Ultimate Guide to Vulnerability Scanning
Read here: https://blog.hackerinthehouse.in/the-ultimate-guide-to-vulnerability-scanning/
#vulnerability #vulnerabilityassessment #vulnerabilityscanning #cybersecurity #infosec #penetrationtesting #bugbounty
Let's talk about Advanced Persistent Threats differently and beginner-friendly!
Read here: https://blog.hackerinthehouse.in/a-comprehensive-guide-to-apt/
#cybersecurity #apt #threat #pentesting #bugbounty #hacking #ethicalhacking #infosec
Mark your calendar and Get Ready. Something really cool is Coming Soon this June!
Will be exclusively announced on "Nerd Plugin": https://connect.hackerinthehouse.in
#hacker #cybersecurity #announcement #bugbounty #pentest #penetrationtesting #bughunting #redteam #redteaming #security #informationsecurity #infosec #hackerinthehouse #hith