cloudamqp.com | |
cloudkarafka.com | |
elephantsql.com | |
cloudmqtt.com | |
aax.com | |
achmea.nl | |
syntrus.com | |
woonfonds.nl | |
fbto.nl | |
averoachmea.nl |
This Bash gist is a nifty command to find WordPress domains from a bug bounty program list provided by Project Discovery. First, it uses curl to fetch the bug bounty program list from a GitHub repository. Then, it utilizes jq to select domains from programs that have a bounty, followed by sorting to ensure uniqueness. After that, it employs httpx to test if these domains are running WordPress. Finally, the output is filtered and saved into the host-wordpress file. The second version of this command also removes https, http, www, and other characters from the URLs, providing cleaner results. Pretty cool, right?
curl -s "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbounty-list.json" | jq -r '.programs[] | select(.bounty==true) | .domains[]' | sort -u | httpx -td -ms WordPress | sed -e 's/\s.*$//' | tee host-wordpress
curl -s "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbo
name: Recon
on:
push:
branches: [master]
jobs:
scan-and-deploy:
runs-on: ubuntu-latest
#!/bin/bash
## this tool to take parameters that have '=' and add 'FUZZ' at the end of '=' the ultimate goal of this tool is to perform fuzzing and checking of vulnerable parameters
domain=$1
url="https://web.archive.org/cdx/search/cdx?url=*."$domain"/*&output=txt&fl=original&collapse=urlkey&page=/"
if [[ -z "$domain" ]]; then
echo "Include the domain as an argument"
exit 1
fi
- Challenge: Serialization Saga
- Points: 100
- Category: Insecure Deserialization
This challenge is a CTF designed to test the ability to identify and exploit insecure deserialization vulnerabilities. Participants are required to perform certain functions by exploiting these vulnerabilities and obtaining flags as a result.
Project Details:
- Client: [Client Name]
- Project Name: [Project Name]
- Testing Period: [Start Date] - [End Date]
In this report, we provide an overview of the security posture of the target system, detailing findings and their respective severities. The assessment is based on a comprehensive analysis of potential vulnerabilities and risks using the CVSS 3.0 and 3.1 scoring frameworks. Each finding is described along with its associated risk score and recommendations for remediation.
I am happy to share vulnerability findings on Fortinet FortiMail, focusing on versions v7.0.1, v7.0.0, v6.4.5 & below, v6.3.7 & below, and v6.0.11 & below. During this assessment, I was able to identify an unpatched XSS (Cross-Site Scripting) vulnerability, tagged as CVE-2021-43062
. The vulnerability allowed arbitrary code execution via a specially crafted HTTP GET request to the FortiGuard URI protection service.
Product | Fortinet FortiMail |
---|---|
Vendor | Fortinet |
Severity | Medium |
Affected Versions | v7.0.1, v7.0.0, v6.4.5 & below, v6.3.7 & below, v6.0.11 & below |
title | date |
---|---|
Server Side Template Injection via Twig Security Extension |
2023-04-15 |
Shopware is an e-commerce platform that is open source and built on the Symfony Framework and Vue.js. The default storefront of Shopware 6, called Shopware 6 Storefront, is based on Twig and Bootstrap. Users can customize the appearance of their storefront by using extensions (previously known as plugins) to override the default Twig template files. These custom themes can be enabled using the included Shopware 6 Administration panel.
Please note that this is a bypass of CVE-2023-22731, which is being tracked as issue NEXT-24667 by Shopware.
#!/usr/bin/env zsh | |
# Download JSON file containing a list of bug bounty programs and their domains | |
curl -O "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbounty-list.json" | |
# Create folders for each bug bounty program | |
cat chaos-bugbounty-list.json | jq -r '.programs[] | select(.bounty==true) | .name' | while read folder; do mkdir -p "$folder" -v; done | |
# For each bug bounty program, get the domains and save them to a file | |
for (( i=0; i < $(cat chaos-bugbounty-list.json | jq -r '.programs | length'); i++ )) |