🔥DOM clobbering cheatsheet by Tib3rius DOM clobbering is a technique in which you inject HTML into a page to manipulate the DOM and ultimately change the behavior of JavaScript on the page. tib3rius.com/dom

🔥 WordPress Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints PoC github.com/RandomRobbieBF…

🔐 x64 binary #obfuscator that is able to obfuscate various different pe files including exe, dll, sys. github.com/weak1337/Alcat… #pentest #CyberSecurity

Pycript enables users to encrypt and decrypt requests and response for manual and automated application penetration testing. #Portswigger #BurpSuite #BugBounty #Pentesting portswigger.net/bappstore/4826…

Wow, I am not a #BlueTeam, though seeing these tools making me interested. 🔥The Open Source Security Platform. Unified XDR and #SIEM protection for endpoints and cloud workloads.🔥 Check NetworkChuck video to get an overview: youtu.be/3CaG2GI1kn0 github.com/wazuh/wazuh

Best tools for decompiling and rebuilding .NET binaries. DotPeek lnkd.in/dCbqiFbb ILSpy lnkd.in/d8-P3fER DnSpy lnkd.in/dAzfXYCF Share with me, if you know some handy tools. #security #assesment #pentest

🔥This repository contains a Python script that allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories. github.com/AggressiveUser… #BugBounty #Pentesting

Collection of #Telegram #OSINT tools and resources github.com/cqcore/Telegra…

Bandit is a tool designed to find common security issues in #Python code.🐍🐍 #Pentesting #CyberSecurity github.com/PyCQA/bandit

🔥OWASP Top 10 #vulnerability list for Large Language Models llmtop10.com

🔍Ultimate #OSINT collection. start.me/p/DPYPMz/the-u…

🪟 Facing IIS default page? Try short filename enum. ⚒️This is an old tool and the code is a spaghetti, but it is capable to tackle even the latest IIS (IIS 10 on Windows Server 2022) github.com/irsdl/IIS-Shor… #Pentesting #BugBounty #Hacking

🏎️ New interesting research on race condition vulnerability. portswigger.net/research/smash…

🤖🧹Using a robot vacuum cleaner at home?   Besides regular pentesting, a cybergeek should spend his spare time having some fun. Threfore, I've explored if my robot vacuum could do more than just tidying up. Read all about it here: medium.com/p/1be9f9f13742

GitHub - stealthcopter/deepce: Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE) github.com/stealthcopter/…

❓Interested what is behind those long #Python SSTI payloads? Here is my small article on basics of Jinja template injection💉. medium.com/bugbountywrite… #BugBounty #Pentesting #Hacking

🛠️ SocketSleuth extension aims to enhance Burp Suite's websocket testing capabilities and make testing websocket based applications easier. #BurpSuite #BugBounty github.com/snyk/socketsle…

In the world of penetration testing, we often encounter fully restricted machines in our target network. In my latest Medium article, I've sheared a simple method that I use to set up a reverse SSH proxy. 🔗Find my article here: infosecwriteups.com/reverse-ssh-so…

Check out my new writeup: infosecwriteups.com/xss-on-the-oau…

Just dropped a new article on Medium. Real-life blind XXE exploitation by outputting results via Java exceptions in log files. Check it out for the details. medium.com/bugbountywrite…