Termux All Command [Telegram Group]
Hello, this is the Termux All Command official Telegram group. All kinds of resources are shared here. It is also a backup of the Facebook page. Telegram Channel >> https://t.me/termuxcommandfull Facebook Page >> https://www.facebook.com/termux.command.full
1 187 subscribers
Bug Bounty Secret Tip of The Night :-
use xargs with gau to scan bulk domains without losing speed.
Use This:-
xargs -a alive.txt -I@ sh -c 'gau --blacklist css,jpg,jpeg,JPEG,ott,svg,js,ttf,png,woff2,woff,eot,gif "$1"' _ @ | tee -a gau.txt
instead of :-
gau example.com --subs
explanation of the code:-
xargs will take the first line of alive.txt, pass it to gau, print the output and save it to gau.txt, and after the first line it will repeat itself until the last line. It will be really helpful, hope this helps. Some other day I'll share how to create an alias to shorten the code so you don't have to remember it :)
#knowledge_over_Certificates #knowledge #cybersecurity #bugbounty #bugbountytips #knowledgesharing
🖥 100 Web Vulnerabilities, categorized into various types : 😀
⚡️ Injection Vulnerabilities:
1. SQL Injection (SQLi)
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Remote Code Execution (RCE)
5. Command Injection
6. XML Injection
7. LDAP Injection
8. XPath Injection
9. HTML Injection
10. Server-Side Includes (SSI) Injection
11. OS Command Injection
12. Blind SQL Injection
13. Server-Side Template Injection (SSTI)
⚡️ Broken Authentication and Session Management:
14. Session Fixation
15. Brute Force Attack
16. Session Hijacking
17. Password Cracking
18. Weak Password Storage
19. Insecure Authentication
20. Cookie Theft
21. Credential Reuse
⚡️ Sensitive Data Exposure:
22. Inadequate Encryption
23. Insecure Direct Object References (IDOR)
24. Data Leakage
25. Unencrypted Data Storage
26. Missing Security Headers
27. Insecure File Handling
⚡️ Security Misconfiguration:
28. Default Passwords
29. Directory Listing
30. Unprotected API Endpoints
31. Open Ports and Services
32. Improper Access Controls
33. Information Disclosure
34. Unpatched Software
35. Misconfigured CORS
36. HTTP Security Headers Misconfiguration
⚡️ XML-Related Vulnerabilities:
37. XML External Entity (XXE) Injection
38. XML Entity Expansion (XEE)
39. XML Bomb
⚡️ Broken Access Control:
40. Inadequate Authorization
41. Privilege Escalation
42. Insecure Direct Object References
43. Forceful Browsing
44. Missing Function-Level Access Control
⚡️ Insecure Deserialization:
45. Remote Code Execution via Deserialization
46. Data Tampering
47. Object Injection
⚡️ API Security Issues:
48. Insecure API Endpoints
49. API Key Exposure
50. Lack of Rate Limiting
51. Inadequate Input Validation
⚡️ Insecure Communication:
52. Man-in-the-Middle (MITM) Attack
53. Insufficient Transport Layer Security
54. Insecure SSL/TLS Configuration
55. Insecure Communication Protocols
⚡️ Client-Side Vulnerabilities:
56. DOM-based XSS
57. Insecure Cross-Origin Communication
58. Browser Cache Poisoning
59. Clickjacking
60. HTML5 Security Issues
⚡️ Denial of Service (DoS):
61. Distributed Denial of Service (DDoS)
62. Application Layer DoS
63. Resource Exhaustion
64. Slowloris Attack
65. XML Denial of Service
⚡️ Other Web Vulnerabilities:
66. Server-Side Request Forgery (SSRF)
67. HTTP Parameter Pollution (HPP)
68. Insecure Redirects and Forwards
69. File Inclusion Vulnerabilities
70. Security Header Bypass
71. Clickjacking
72. Inadequate Session Timeout
73. Insufficient Logging and Monitoring
74. Business Logic Vulnerabilities
75. API Abuse
⚡️ Mobile Web Vulnerabilities:
76. Insecure Data Storage on Mobile Devices
77. Insecure Data Transmission on Mobile Devices
78. Insecure Mobile API Endpoints
79. Mobile App Reverse Engineering
⚡️ IoT Web Vulnerabilities:
80. Insecure IoT Device Management
81. Weak Authentication on IoT Devices
82. IoT Device Vulnerabilities
⚡️ Web of Things (WoT) Vulnerabilities:
83. Unauthorized Access to Smart Homes
84. IoT Data Privacy Issues
⚡️ Authentication Bypass:
85. Insecure "Remember Me" Functionality
86. CAPTCHA Bypass
⚡️ Server-Side Request Forgery (SSRF):
87. Blind SSRF
88. Time-Based Blind SSRF
⚡️ Content Spoofing:
89. MIME Sniffing
90. X-Content-Type-Options Bypass
91. Content Security Policy (CSP) Bypass
⚡️ Business Logic Flaws:
92. Inconsistent Validation
93. Race Conditions
94. Order Processing Vulnerabilities
95. Price Manipulation
96. Account Enumeration
97. User-Based Flaws
⚡️ Zero-Day Vulnerabilities:
98. Unknown Vulnerabilities
99. Unpatched Vulnerabilities
100. Day-Zero Exploits
We've been using this for a while to actively monitor new CVEs that are being published, exploited and reported, to make informed decisions about which CVEs to go after for our research team. Similarly, it can be used to prioritize different workflows depending on what CVEs mean for your use case!
Today, we are publishing CVEMap to easily query, browse and search through CVEs and the multiple datapoints associated with them. Let me know what you think about it or what could be done to improve this further.
Read the release blog here - https://lnkd.in/gmA-_PEp
GitHub project - https://lnkd.in/gBdsDfXA
#release #opensource #cvemap
#SQLMAP
update and install
sudo apt install --only-upgrade sqlmap
pip install --upgrade sqlmap
⚠️You must include this wordlist in your arsenal.
During eight years of practice as a penetration tester, I had the privilege of working with Lotus Domino web servers on several occasions. Through this exposure, I gained an extraordinary understanding of its servers and their behavior, which allowed me to compile my own custom-designed wordlist to identify weaknesses particularly for Lotus Domino web servers. This wordlist played a big role in my journey and its key contribution ensured me significant security bonuses exceeding $1,000.
Wordlist: https://lnkd.in/eSptd7b7
Ffuf:
ffuf -w 'lotus_domino.txt' -u https://[TARGET:PORT]/FUZZ -H 'User-Agent: Googlebot/2.1 (+https://lnkd.in/eKMwfRZ3)' -ac -mc 200
This could uncover critical vulnerabilities, particularly when files such as 'names.nsf' and 'domcfg.nsf/all' return a 200 response code.
Best of luck with your fuzzing endeavors!
#BugBountyTips
Apna College complete ALPHA COURSE. Total section 50
GOOGLE DRIVE LiNK : https://drive.google.com/drive/folders/16d5xKEMcTuDAm4-S-T7mNAB6uaEeiTsF
2FA Bypass techniques: 🍀🔥
1. Response Manipulation
In response if "success":false
Change it to "success":true
2. Status Code Manipulation
If Status Code is 4xx
Try to change it to 200 OK and see if it bypasses restrictions
3. 2FA Code Leakage in Response
Check the response of the 2FA Code Triggering Request to see if the code is leaked.
4. JS File Analysis
Rare but some JS Files may contain info about the 2FA Code, worth giving a shot
5. 2FA Code Reusability
Same code can be reused
6. Lack of Brute-Force Protection
Possible to brute-force any length 2FA Code
7. Missing 2FA Code Integrity Validation
Code for any user account can be used to bypass the 2FA
8. CSRF on 2FA Disabling
No CSRF Protection on disabling 2FA, also there is no auth confirmation
9. Password Reset Disable 2FA
2FA gets disabled on password change/email change
10. Backup Code Abuse
Bypassing 2FA by abusing the Backup code feature
Use the above-mentioned techniques to bypass Backup Code to remove/reset 2FA reset restrictions
11. Clickjacking on 2FA Disabling Page
Iframing the 2FA Disabling page and social engineering victim to disable the 2FA
12. Iframing the 2FA Disabling page and social engineering victim to disable the 2FA
If the session is already hijacked and there is a session timeout vulnerability
13. Bypass 2FA with null or 000000
Enter the code 000000 or null to bypass 2FA protection.
Steps:-
1. Enter “null” in 2FA code
2. Enter 000000 in 2FA code
3. Send empty code - Someone found this in Grammarly
4. Open new tab in same browser and check if other API endpoints are accessible without entering 2FA
14. Google Authenticator Bypass
Steps:-
1) Set-up Google Authenticator for 2FA
2) Now, 2FA is enabled
3) Go on password reset page and change your password
4) If the website redirects you to your dashboard then 2FA (Google Authenticator) is bypassed
15. Bypassing OTP in registration forms by repeating the form submission multiple times using repeater
Steps :-
1) Create an account with a non-existing phone number
2) Intercept the Request in BurpSuite
3) Send the request to the repeater and forward
4) Go to Repeater tab and change the non-existent phone number to your phone number
5) If you got an OTP to your phone, try using that OTP to register that non-existent number
Collected
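A server-side check that closes several of the gaps listed above (code reuse, unlimited guessing, a code issued to a different account, and empty, "null" or malformed input), as an added example that is not part of the original post. The OtpStore class and the MAX_ATTEMPTS and CODE_TTL values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

MAX_ATTEMPTS = 5   # assumed cap on guesses per issued code
CODE_TTL = 300     # assumed code lifetime, seconds

class OtpStore:
    """Hypothetical in-memory store of pending 2FA challenges, keyed by user id."""

    def __init__(self):
        self._pending = {}  # user_id -> {"digest", "expires", "attempts"}

    @staticmethod
    def _digest(user_id, code):
        # The user id is mixed in, so a stored digest is only valid for its own account.
        return hashlib.sha256(f"{user_id}:{code}".encode()).digest()

    def issue(self, user_id, now=None):
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[user_id] = {"digest": self._digest(user_id, code),
                                  "expires": now + CODE_TTL, "attempts": 0}
        return code  # sent out of band; never placed in the HTTP response

    def verify(self, user_id, submitted, now=None):
        now = time.time() if now is None else now
        entry = self._pending.get(user_id)
        if entry is None:
            return False                      # nothing issued, or already used
        if now > entry["expires"]:
            del self._pending[user_id]
            return False
        entry["attempts"] += 1                # malformed guesses count too
        if entry["attempts"] > MAX_ATTEMPTS:
            del self._pending[user_id]        # user must request a fresh code
            return False
        # Rejects None, "", "null" and anything that is not exactly six digits.
        if not (isinstance(submitted, str) and len(submitted) == 6
                and submitted.isascii() and submitted.isdigit()):
            return False
        if not hmac.compare_digest(entry["digest"], self._digest(user_id, submitted)):
            return False
        del self._pending[user_id]            # single use: a replay finds no entry
        return True
```

The boolean returned here should set server-side session state; a client-visible "success" field or status code must not be what grants access.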
🧵 Complete Cybersecurity Professional Roadmap 🧵
1. Introduction to Ethical Hacking
- Definition
- Purpose
- Types of Hackers
- Legal and Ethical Considerations
2. Networking Basics
- TCP/IP
- OSI Model
- Subnetting
- DNS
- DHCP
3. Operating Systems
- Linux
- Windows
- macOS
- Command Line Basics
4. Cybersecurity Fundamentals
- Encryption
- Firewalls
- Antivirus
- IDS/IPS
5. Programming Languages
- Python
- JavaScript
- Bash Scripting
- SQL
- C/ C++/ Java/ Ruby
6. Scanning and Enumeration
- Port Scanning
- Service Enumeration
- Vulnerability Scanning
7. Exploitation
- Common Vulnerabilities and Exploits
- Metasploit Framework
- Buffer Overflows
8. Web Application Security
- OWASP Top Ten
- SQL Injection
- Cross-Site Scripting (XSS)
9. Wireless Network Hacking
- Wi-Fi Security
- WEP, WPA, WPA2
- Wireless Attacks
10. Social Engineering
- Phishing
- Spear Phishing
- Social Engineering Toolkit (SET)
11. Sniffing and Spoofing
- Man-in-the-Middle Attacks
- ARP Spoofing
- DNS Spoofing
12. Malware Analysis
- Types of Malware
- Sandbox Analysis
- Signature-Based and Behavior-Based Detection
13. Incident Response and Handling
- Incident Response Process
- Digital Forensics
- Chain of Custody
14. Penetration Testing
- Types of Penetration Testing
- Methodology
- Reporting
15. Cryptography
- Symmetric and Asymmetric Encryption
- Hashing Algorithms
- Digital Signatures
16. Mobile Hacking
- Android and iOS Security
- Mobile Application Security
17. Cloud Security
- AWS, Azure, Google Cloud
- Security Best Practices
18. IoT Security
- Internet of Things Risks
- Securing IoT Devices
19. Legal and Compliance
- Computer Fraud and Abuse Act (CFAA)
- GDPR, HIPAA, PCI DSS
20. Cybersecurity Tools
- Nmap, Wireshark, Burp Suite
- Snort, Nessus, Aircrack-ng
21. Career Path and Certifications
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- CISSP, CompTIA Security+
Add Custom Api:
sudo apt install amass -y
amass enum -d <link> -o x.txt
amass enum -list
Go to https://github.com/ykankaya/Amass-1/blob/master/examples/config.ini, copy the file and put in any API
amass enum -list --config config.ini
amass enum -list
Go to https://github.com/owasp-amass/amass/blob/master/examples/config.yaml and copy the file
options:
datasources: "./datasources.yaml" [Comment out all the lines except these lines]
then again go to https://github.com/owasp-amass/amass/blob/master/examples/datasources.yaml and copy the file
nano config.yaml
nano datasources.yaml [copy those and put API]
amass enum -list
amass enum -list --config config.yaml
Amass Custom API : THE ART OF USING AMASS TO ITS FULL POTENTIAL
Top 5 Anonymous OS 🙂
OS-Links:
1. https://tails.net/
2. https://www.whonix.org/
3. https://www.qubes-os.org/
4. https://subgraph.com/
5. https://www.digi77.com/linux-kodachi/
