Evaluation of different tools for routers firmware emulation (FACT, QEMU, EMUX, Qiling, Firmadyne, FAT, FirmAE, Pandawan, and EMBA) skemman.is/bitstream/1946… #cybersecurity #embedded

Wordlists specially for API routes fuzzing 📒 wordlists-cdn.assetnote.io/data/automated/ #infosec #cybersec #bugbountytips #bugbounty

Lenovo CVE-2025-8061: PoC for popping a system shell against the LnvMSRIO.sys driver GitHub: github.com/symeonp/Lenovo…

🔍 Bug Bounty Tip: WAF Bypass Evade WAF’s URL normalization with double encoding (%252f) or unusual paths. Example: /api/v1/%2e%2e/%2e%2e/config?id=1%252bUNION%252bSELECT%252bsecrets-- Test only on authorized systems! 🛡️ #Cybersecurity #BugBounty

Super excited to announce #WebRecon - an OSINT website recon tool - Extracts emails, subdomains, tech stacks automatically - Identifies cloud storage leaks & exposed files - Built-in FireProx for IP rotation - JavaScript rendering with Playwright, etc #Cybersecurity #OSINT

#Android #Integritycheck #Frida #ssl_unpinning #InfoSec #CyberSecurity #Hacking

GitHub - t3l3machus/PowerShell-Obfuscation-Bible: A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository github.com/t3l3machus/Pow…

Browse Malicious Packages & Threats - OpenSourceMalware.com opensourcemalware.com/browse

Se ha filtrado todo el código fuente de la web de la Apple App Store. Se olvidaron de desactivar los Source Maps y es totalmente legible, con comentarios incluidos: github.com/rxliuli/apps.a…

I created a simple but effective tool that examines and analyzes .js files. 🔗 Project: github.com/ynsmroztas/Ins… #DevTools #Js #JavaScript #bugbountytip #bugbountytips #InfoSec #recon

🔒 SOC Analyst (L1–L2) Preparation Guide 📘 💬 Comment “PDF” if you’d like to get the guide! I’ve just uploaded a comprehensive PDF guide designed for anyone preparing to become a Cybersecurity / SOC Analyst (Level 1–2).

How to build Android Bug Bounty lab Guide to configuring emulators, real devices, proxies, Magisk, Burp, Frida by YesWeHack ⠵ yeswehack.com/learn-bug-boun…

📝 List of blogs and guides to Master Insecure Deserialization. 1. book.hacktricks.xyz/pentesting-web… 2. greyshell.github.io/blog/2019/11/2… 3. snyk.io/blog/preventin…

Found a target that actively uses the 'kid' JWT header parameter? Make sure to test for injection attacks, such as SQLi! 🤠 Here's how: 1. Decode the header 2. Inject your SQLi payload into the 'kid' parameter 3. Modify the JWT claims (payload) 4. Sign your JWT using your

200+books on info sec and cybersecurity. Feel free to download any and read. LINK: drive.google.com/drive/u/0/fold… Follow kelvinlina𖤍💜✨ for more Re-share to also help a friend

AWS ha puesto gratis por tiempo limitado todo el material en Español para los Certificados de Cloud e IA. Exámenes oficiales, planes de formación y más. ¡Disponible hasta el 5 de enero! → skillbuilder.aws/category/exam-…

At least 3 spots have been hit. Fuerte Tiuna, La Carlota airbase and A communications center in El Hatillo. All of these controlled by government, heavily guarded by military and strategic places for Maduro. This is Caracas, Venezuela right now.

File upload vulnerability — Content-Disposition: filename is processed without validation, allowing RCE. #BugBounty #RCE #CyberSecurity