Advanced SQL Injection Cheatsheet
This repository contains a advanced methodology of all types of SQL Injection.
• Find injection point
• Understand the website behaviour
• Send queries for enumeration
• Understanding WAF & bypass it
• Dump the database
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
#infosec #pentesting #bugbounty
This repository contains a advanced methodology of all types of SQL Injection.
• Find injection point
• Understand the website behaviour
• Send queries for enumeration
• Understanding WAF & bypass it
• Dump the database
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
#infosec #pentesting #bugbounty
❤🔥4👍1
Bug Bounty Beginner's Roadmap
This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
https://github.com/bittentech/Bug-Bounty-Beginner-Roadmap
#bugbounty #pentesting #infosec
This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
https://github.com/bittentech/Bug-Bounty-Beginner-Roadmap
#bugbounty #pentesting #infosec
❤🔥5🔥2
wpfinger
WordPress scanning tool.
• Core version detection
• Plugin scanning through fingerprinting
• Vulnerability output, using database from Wordfence
https://github.com/LeakIX/wpfinger
#pentesting #redteam #bugbounty
WordPress scanning tool.
• Core version detection
• Plugin scanning through fingerprinting
• Vulnerability output, using database from Wordfence
https://github.com/LeakIX/wpfinger
#pentesting #redteam #bugbounty
👍2🔥1
BLACKHAT_Asia2023
Just About BLACKHAT USA2022 PDF Public. File List, Search what your intersting.
https://github.com/Mr-xn/BLACKHAT_Asia2023
#infosec #pentesting #redteam
Just About BLACKHAT USA2022 PDF Public. File List, Search what your intersting.
https://github.com/Mr-xn/BLACKHAT_Asia2023
#infosec #pentesting #redteam
👍1
RedCaddy
C2 redirector base on caddy.
• Block IP by GEOIP country
• Allow requests by header matcher
• User-agent & IP blacklist
• Support multiple redirection
• TeamServer port warden
https://github.com/XiaoliChan/RedCaddy
#infosec #pentesting #redteam
C2 redirector base on caddy.
• Block IP by GEOIP country
• Allow requests by header matcher
• User-agent & IP blacklist
• Support multiple redirection
• TeamServer port warden
https://github.com/XiaoliChan/RedCaddy
#infosec #pentesting #redteam
GitHub
GitHub - XiaoliChan/RedCaddy: C2 redirector base on caddy
C2 redirector base on caddy. Contribute to XiaoliChan/RedCaddy development by creating an account on GitHub.
🔥1
Best Online MD5 Encryption & Decryption Tools
https://trickypenguin.ink/best-online-md5-encryption-decryption-tools/
@trickypenguin
#pentesting #cryptography
https://trickypenguin.ink/best-online-md5-encryption-decryption-tools/
@trickypenguin
#pentesting #cryptography
👍3🔥3❤1
Logger++
A multithreaded logging extension for #BurpSuite. In addition to logging requests and responses from all Burp Suite tools, the extension allows advanced filters to be defined to highlight interesting entries or filter logs to only those which match the filter.
https://github.com/nccgroup/LoggerPlusPlus
#infosec #pentesting #bugbounty
A multithreaded logging extension for #BurpSuite. In addition to logging requests and responses from all Burp Suite tools, the extension allows advanced filters to be defined to highlight interesting entries or filter logs to only those which match the filter.
https://github.com/nccgroup/LoggerPlusPlus
#infosec #pentesting #bugbounty
GitHub
GitHub - nccgroup/LoggerPlusPlus: Advanced Burp Suite Logging Extension
Advanced Burp Suite Logging Extension. Contribute to nccgroup/LoggerPlusPlus development by creating an account on GitHub.
👍3🔥1
Top25 Parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual #recon.
https://github.com/lutfumertceylan/top25-parameter
#infosec #pentesting #bugbounty
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual #recon.
https://github.com/lutfumertceylan/top25-parameter
#infosec #pentesting #bugbounty
GitHub
GitHub - lutfumertceylan/top25-parameter: For basic researches, top 25 vulnerability parameters that can be used in automation…
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙 - lutfumertceylan/top25-parameter
🔥2
x8
Hidden parameters discovery suite written in Rust.
The tool aids in identifying hidden parameters that could potentially be vulnerable or reveal interesting functionality that may be missed by other testers. Its high accuracy is achieved through line-by-line comparison of pages, comparison of response codes, and reflections.
https://github.com/Sh1Yo/x8
#infosec #pentesting #bugbounty
Hidden parameters discovery suite written in Rust.
The tool aids in identifying hidden parameters that could potentially be vulnerable or reveal interesting functionality that may be missed by other testers. Its high accuracy is achieved through line-by-line comparison of pages, comparison of response codes, and reflections.
https://github.com/Sh1Yo/x8
#infosec #pentesting #bugbounty
🔥1
Red Teaming & Pentesting checklists for various engagements
Even though, a penetration test is a creative process most people maintain private checklists to ensure that they will not forget to test networks, systems and applications against various scenarios and maintain the overall quality of the assessment.
https://github.com/netbiosX/Checklists
infosec #pentesting #redteam
Even though, a penetration test is a creative process most people maintain private checklists to ensure that they will not forget to test networks, systems and applications against various scenarios and maintain the overall quality of the assessment.
https://github.com/netbiosX/Checklists
infosec #pentesting #redteam
Bug Bounty scripts
The scripts I write to help me on my bug bounty hunting.
https://github.com/victoni/Bug-Bounty-Scripts
#infosec #pentesting #bugbounty
The scripts I write to help me on my bug bounty hunting.
https://github.com/victoni/Bug-Bounty-Scripts
#infosec #pentesting #bugbounty
🔥1
toxssin
Penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js).
This project started as (and still is) a research-based creative endeavor to explore the exploitability depth that an XSS vulnerability may introduce by using vanilla JavaScript, trusted certificates and cheap tricks.
https://github.com/t3l3machus/toxssin
#infosec #pentesting #redteam
Penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js).
This project started as (and still is) a research-based creative endeavor to explore the exploitability depth that an XSS vulnerability may introduce by using vanilla JavaScript, trusted certificates and cheap tricks.
https://github.com/t3l3machus/toxssin
#infosec #pentesting #redteam
👍4
SQLi Queries Generator Online
https://trickypenguin.ink/sqli-queries-generator/
@trickypenguin.ink
@trickypenguin
#sqli #pentesting #tools
https://trickypenguin.ink/sqli-queries-generator/
@trickypenguin.ink
@trickypenguin
#sqli #pentesting #tools
❤7❤🔥1🔥1
This media is not supported in your browser
VIEW IN TELEGRAM
HBSQLI
Automated tool for testing header based blind sql injection.
https://github.com/SAPT01/HBSQLI
#infosec #pentesting #bugbounty
Automated tool for testing header based blind sql injection.
https://github.com/SAPT01/HBSQLI
#infosec #pentesting #bugbounty
❤🔥1❤1
ADHunt v2.0
A tool for enumerating Active Directory Enviroments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination ldap queries and available tooling. It was built as a follow up to LinWinPwn.
https://github.com/Auto19/ADHunt
#infosec #pentesting #redteam
A tool for enumerating Active Directory Enviroments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination ldap queries and available tooling. It was built as a follow up to LinWinPwn.
https://github.com/Auto19/ADHunt
#infosec #pentesting #redteam
IAMActionHunter
IAMActionHunter is an IAM policy statement parser and query tool aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.
https://github.com/RhinoSecurityLabs/IAMActionHunter
#cybersecurity #infosec #pentesting
IAMActionHunter is an IAM policy statement parser and query tool aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.
https://github.com/RhinoSecurityLabs/IAMActionHunter
#cybersecurity #infosec #pentesting
💠 Unshackle
Open-source tool to bypass windows and linux passwords from bootable usb.
https://github.com/Fadi002/unshackle
#infosec #pentesting #redteam
Open-source tool to bypass windows and linux passwords from bootable usb.
https://github.com/Fadi002/unshackle
#infosec #pentesting #redteam
Let's talk about Advanced Persistent Threats differently and beginner-friendly!
Read here: https://blog.hackerinthehouse.in/a-comprehensive-guide-to-apt/
#cybersecurity #apt #threat #pentesting #bugbounty #hacking #ethicalhacking #infosec
Read here: https://blog.hackerinthehouse.in/a-comprehensive-guide-to-apt/
#cybersecurity #apt #threat #pentesting #bugbounty #hacking #ethicalhacking #infosec
HITH Blog - Hackerinthehouse - Learn, Contribute, Conquer
A Comprehensive Guide to APT - HITH Blog - Hackerinthehouse
Advanced persistent threats (APTs) are elite hacker groups that leverage sophisticated malware, zero-days, and relentless tactics to breach major targets.
❤3👍1