👑 OFJAAAH 👑 (@ofjaaah) 's Twitter Profile

Bug Hunter ☣ | Hi I Hacker spare time and not spare time too 🧙‍♂️. ofjaaah.com.br/site / Twitch twitch.tv/ofjaaaah

ID: 1278041212914667523

Link: https://membros.ofjaaah.com
Joined: 30-06-2020 19:02:32

3,3K Tweets

18,18K Followers

469 Following

Netlas.io (@netlas_io)

CVE-2025-31489: Vulnerability in MinIO, 8.7 rating❗️

Vulnerability allows an attacker to upload objects using any arbitrary secret.

Search at Netlas.io:
👉 Link: nt.ls/TEvNJ

#cybersecurity #vulnerability_map
KNOXSS (@kn0x55)

🚨 1st KNOXSS GIVEAWAY of 2025 ! 🚨  

LIKE + SHARE this

to have a chance to win one of the following subscriptions:  

1 Pro 3-month 
1 Pro 6-month 
1 Pro 1-year

Winners of the draw will be announced next week.

Good luck! 😀

knoxss.pro - XSS for pros.
bugcrowd (@bugcrowd)

oneliner to find s3 buckets related to a target using 5 tools by tomnomnom:

🪲 assetfinder to find subs
🐞 httprobe to find alive hosts
🐛 anew to sort and add hosts to a file (and output to terminal)
🪳 meg to fetch paths for hosts
🕷️ gf to grep for specific patterns (in this
Netlas.io (@netlas_io)

CVE-2025-25226, -25227: SQLi and Improper Auth in Joomla, 7.5 - 9.8 rating 🔥

Vulns in Joomla CMS and Database package allow an attacker to bypass the 2FA or perform SQLi.

Search at Netlas.io:
👉 Link: nt.ls/nxRtD

#cybersecurity #vulnerability_map
Netlas.io (@netlas_io)

CVE-2025-3439: Deserialization of Untrusted Data in Everest Forms, 9.8 rating 🔥

Vuln in the 'field_value' allows a remote unauth attacker to perform PHP object injection. 

Search at Netlas.io:
👉 Link: nt.ls/CoAb6

#cybersecurity #vulnerability_map
HAHWUL (@hahwul)

🚀 Urx 0.5.0 is out!

You can now extract URLs from robots.txt and sitemaps using the --include-robots and --include-sitemap flags.
Host validation is now enabled by default for better accuracy — disable it with `--strict false` if needed.

Big thanks to Chukwudi for their valuable
Godfather Orwa 🇯🇴 (@godfatherorwa)

for the last weeks I have a 0 valid bugs, some marked as N/a, some good programs closed, and to be honest I was working just 1 hour per day now I am going to start new methods and new techniques, and if it works well, I will share it if in some days you find that you have a bad

Netlas.io (@netlas_io)

CVE-2025-3616: File Upload in Greenshift WordPress Plugin, 8.8 rating❗️

Vuln discovered by Wordfence allows attackers to upload arbitrary files and execute them remotely.

Search at Netlas.io:
👉 Link: nt.ls/meWm0

#cybersecurity #vulnerability_map
Caido (@caidoio)

🚀 New plugin in the Caido Store! Introducing "JXScout" by Francisco Neves. Supercharge your JavaScript analysis by ingesting requests from Caido into JXScout. JXScout: github.com/francisconeves… Plugin: github.com/francisconeves…

bugoverflow (@bugoverfl0w)

How to grab all Graphql query/mutation if introspection disabled?

1. Download all js files to directory js_files
2. Run this command:
grep -Eo '(query|mutation) [a-zA-Z0-9_]+\(' js_files -R

1/n 
#bugbountytips #graphql
payloadartist (@payloadartist)

$64k in #bugbounty for finding basic secrets in predictable places because teams skipped Git 101 and proper .gitignore hygiene. Good on the reporter for cashing in on the perpetual lack of fundamental version control understanding. 

medium.com/@sharon.brizin…
Netlas.io (@netlas_io)

CVE-2025-1763, -2443 and other: Multiple vulns in GitLab, 4.3 - 8.7 rating❗️

In a recent advisory, GitLab shared information about several fixed vulns, including XSS and DoS.

Search at Netlas.io:
👉 Link: nt.ls/XxMjv

#cybersecurity #vulnerability_map
Caido (@caidoio)

🚀 Another plugin in the Caido Store! Introducing "Data Grep" by bebiks. Extract data from requests and responses. Great for building wordlists, finding secrets, or powering your recon. Check it out: github.com/caido-communit…

Jsmon - jsmon.sh (@jsmonsh)

❌GraphQL introspection disabled?
✅No problem! Extract all GraphQL operations from Javascript files!

1. go install github.com/rashahacks/jsm…
2. Scan the JS URL with -u flag.

🚀View all the GraphQL operations in seconds -- no introspection needed.

Netlas.io (@netlas_io)

CVE-2025-32432: RCE in CraftCMS, 10.0 rating 🔥🔥🔥

0-day vuln makes some versions of CraftCMS vulnerable to RCE. Used in the wild in combination with CVE-2024-58136.

Search at Netlas.io:
👉 Link: nt.ls/XVVPd

#cybersecurity #vulnerability_map
Netlas.io (@netlas_io)

CVE-2025-27007: Privilege Escalation in OttoKit WordPress Plugin, 9.8 rating 🔥

Errors in the logic of the plugin's API could lead to gaining access to the admin account. 

Search at Netlas.io:
👉 Link: nt.ls/y4FXX

#cybersecurity #vulnerability_map