Endi mavjud! Telegram Tadqiqoti 2025 โ yilning asosiy insaytlari 
Bug bounty Tips
Kanalga Telegramโda oโtish
๐ก๏ธ Cybersecurity enthusiast | ๐ป Helping secure the digital world | ๐ Web App Tester | ๐ต๏ธโโ๏ธ OSINT Specialist Admin: @laazy_hack3r
Ko'proq ko'rsatish5 849
Obunachilar
+1124 soatlar
+687 kunlar
+37430 kunlar
Postlar arxiv
5 850
God Penetration Testing Reference Bank
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet. This is a collection of resources, scripts and easy to follow how-to's. I have been gathering (and continuing to gather) in preparation for the OSCP as well as for general pentesting. Feel free to use however you want!
GitHub
#pentest
5 850
"PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers", 2023.
#powershell
โโโ
@islemolecule_source
5 850
20 Tools DDOS Attack Works Great 100%๐
https://github.com/secgang/ddos-http?search=1 https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/secgang/ddosutils https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/HyukIsBack/KARMA-DDoS https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/hoaan1995/ZxCDDoS https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/screetsec/TheFatRat https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/grafov/hulk/blob/master/hulk.py https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/jseidl/GoldenEye https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/palahsu/DDoS-Ripper https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/Tmpertor/Raven-Storm https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/Thibault-69/RAT-Hodin-v2.9 https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/the0cp/awesome-ddos-tools https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/Xart3mis/AKILT https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/Leeon123/Aoyama https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/us-nexus-hackers/US-DDOS-V2 https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/Hex1629/SOCKETPIE_DOSTOOL https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/pavel-odintsov/fastnetmon https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/epsylon/ufonet https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/SuperIlu/DOjS https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/BC-SECURITY/Empire https://rb.gy/ua52vb https://t.ly/_I8Jn
https://github.com/Ne0nd0g/merlin https://rb.gy/ua52vb https://t.ly/_I8Jn
5 850
The Command again
ffuf -w /subdomain_megalist.txt -u 'https://adminFUZZ.Target.com' -c -t 350 -mc all -fs 0
-t means threads , dont make it so high u could miss alot of working subs , aslo its dpends in your network speed
,sinc im using vps 350 find for me
-mc all means macth all respone codes like 200,302,403 and this importent
5 850
Subdomain Fuzzing worth 35k bounty!
https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc
5 850
[ Testing LFI in Windows: How I (never) got a $30000 bounty ]
Another great post by adeadfed!
https://adeadfed.com/posts/testing-lfi-in-windows-how-i-never-got-a-30000-bounty/
5 850
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity exploit
https://github.com/W01fh4cker/CVE-2024-27198-RCE
https://github.com/Chocapikk/CVE-2024-27198
https://github.com/rapid7/metasploit-framework/pull/18922
Cyberspace Mapping Dork:
Fofa
app="JET_BRAINS-TeamCity"
ZoomEye
app:"JetBrains TeamCity"
Hunter.how
product.name="TeamCity"
Shodan
http.component:"teamcity"
Read research: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/5 850
๐ Cybersecurity Alert: CVE-2024-21893 Vulnerability
๐จ Attention Security Professionals and IT Enthusiasts! A critical vulnerability has been discovered in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA. Letโs dive into the details:
๐ Vulnerability Description: A server-side request forgery (SSRF) flaw in the SAML component of the mentioned Ivanti products allows an attacker to access restricted resources without authentication. This means unauthorized access to sensitive data and potential security breaches.
๐ Affected Versions:
๐ Ivanti Connect Secure (9.x, 22.x)
๐ Ivanti Policy Secure (9.x, 22.x)
๐ Ivanti Neurons for ZTA
๐ฅ Impact:
๐ Unauthenticated attackers can exploit this vulnerability.
๐ High severity (CVSS Base Score: 8.2)
๐น Video Demo: Iโve created a video demonstrating the vulnerability. Check it out here:
https://youtu.be/JMYVWL67PIY
5 850
FIND S3 BUCKETS:-
# Find buckets from keyword or company name
# https://github.com/nahamsec/lazys3
ruby lazys3.rb companyname
# https://github.com/initstring/cloud_enum
python3 cloud_enum.py -k companynameorkeyword
# https://github.com/gwen001/s3-buckets-finder
php s3-buckets-bruteforcer.php --bucket gwen001-test002
# Public s3 buckets
https://buckets.grayhatwarfare.com
https://github.com/eth0izzle/bucket-stream
# https://github.com/cr0hn/festin
festin mydomain.com
festin -f domains.txt
# Google dork
site:.s3.amazonaws.com "Company"
