Termux All Command [Telegram Group]

Bug Bounty Reminder Don't forget about the <math> element for XSS WAF bypass on Firefox browser. <math> <xss href="javascript:alert(31337)"> Click Me </xss> </math> The <math> can make any HTML element clickable within it. #bugbountytips #bughunting #bugbounty Bug Bounty Brigade - Global Hacking Community #xss

Find Website IP with Favicon Hash: Paypal Sample link: https://lnkd.in/d3icxrGa 1. install this tool https://lnkd.in/dHaWNtii git clone https://lnkd.in/dJKpyVQv cd MurMurHash pip install -r requirements.txt python MurMurHash.py 2. Extract the hash value python3 MurMurHash.py paypal.com 3. open https://www.shodan.io/) and search this http.favicon.hash:<hash>

🌟Subdominator🌟 is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. 📥 https://github.com/sanjai-AK47/Subdominator

☑️ TOP 10 PHISHING TOOLS TO USE IN 2024 Setoolkit - https://github.com/trustedsec/social-engineer-toolkit SocialFish - https://github.com/UndeadSec/SocialFish HiddenEye - https://github.com/DarkSecDevelopers/HiddenEye-Legacy Evilginx2 - https://github.com/kgretzky/evilginx SeeYou - (Get Location using phishing attack) - https://github.com/Viralmaniar/I-See-You SayCheese - (Grab target's Webcam Shots) - https://github.com/hangetzzu/saycheese QR Code Jacking - https://github.com/cryptedwolf/ohmyqr ShellPhish - https://github.com/An0nUD4Y/shellphish BlackPhish - https://github.com/iinc0gnit0/BlackPhish

GTFONow | Made PrivEsc More Easy!!🔥 Automatic privilege escalation on unix systems by exploiting misconfigured setuid/setgid binaries, capabilities and sudo permissions. Designed for CTFs but also applicable in real world pentests. https://github.com/Frissi0n/GTFONow

XSS IN IMAGE UPLOAD WHAT IS IT? Injecting malicious JavaScript code that is executed on a website WHY IN IMAGE UPLOAD? Image metadata and rendering is often overlooked by developers, you can inject XSS payloads in image filename & metadata HOW TO DO IT? Here are your three general options: ** XSS in image nameEx: Upload image with name "><img src=x onerror=alert(1)>.png ** XSS in image metadataEx: Add XSS payload in your image payloadCommand: exiftool -Comment='"><img src=x onerror=alert(1)>' IMAGE.pngInstall: https://exiftool.org/install.html ** XSS in SVG fileWeb applications often allow SVG upload, use this SVG file:https://gist.github.com/rudSarkar/76f1ce7a65c356a5cd71d058ab76a34

403 Bypass 77 ways

Bug Bounty Intercept the request and change the method to Delete. This will delete the 2fa page and hence the attacker will get the access of the account without OTP. #bugbounty #globalhackers

Does 403 always have a bypass? And what are the techniques you used for bypassing? I followed this sometimes: https://lnkd.in/g2eUNgfH

⚙️🌐🔐 Website Hacking, Penetration Testing & Bug Bounty Hunting Resources 🔍🔓 🚨 SHARE MAYBE SOMEONE NEED IT 🚨 Acquire skills in Bug Bounty to detect and report system vulnerabilities proactively, preventing potential exploitation by cybercriminals. Access the download link here: 🔗 https://lnkd.in/dv6x3BKR

Advance web hacking course👇 https://lnkd.in/dWT2GSXh

🐛 Bug Bounty Resources 🛡️ 🚨 SHARE MAYBE SOMEONE NEED IT 🚨 Acquire skills in Bug Bounty to detect and report system vulnerabilities proactively, preventing potential exploitation by cybercriminals. Access the download link here: 🔗 https://lnkd.in/dRBaf6mX