Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 179
» Latest member: knocker
» Forum threads: 33
» Forum posts: 55

Full Statistics

Online Users
There are currently 50 online users.
» 0 Member(s) | 49 Guest(s)
Bing

Latest Threads
Clara1337
XSS

Forum: Hot Topics
Last Post: Clara1337
08-03-2025, 05:39 PM
» Replies: 0
» Views: 150
Unix_Root
Compiled tools for intern...

Forum: Popular tools
Last Post: Unix_Root
07-26-2025, 12:15 PM
» Replies: 0
» Views: 205
Unix_Root
Windows Server Rdp hosted...

Forum: Announcement
Last Post: Unix_Root
07-25-2025, 06:36 AM
» Replies: 0
» Views: 222
Unix_Root
A series of scripts to ha...

Forum: Blue Team - General
Last Post: Unix_Root
07-23-2025, 09:55 PM
» Replies: 0
» Views: 200
Unix_Root
XSS.IS Cybercrime Forum S...

Forum: Announcement
Last Post: Unix_Root
07-23-2025, 09:51 PM
» Replies: 0
» Views: 216
Unix_Root
BrowserBruter

Forum: Popular tools
Last Post: Unix_Root
07-06-2025, 09:11 PM
» Replies: 0
» Views: 253
Unix_Root
Advanced dork generator (...

Forum: Red Teaming
Last Post: Unix_Root
07-06-2025, 09:07 PM
» Replies: 0
» Views: 249
Unix_Root
CVE-Vulns

Forum: Hot Topics
Last Post: Unix_Root
07-06-2025, 09:06 PM
» Replies: 0
» Views: 261
Unix_Root
#Malware_analysis

Forum: Malware analysis
Last Post: Unix_Root
07-06-2025, 09:04 PM
» Replies: 0
» Views: 247
Unix_Root
#WebApp_Security

Forum: Writes-up
Last Post: Unix_Root
07-06-2025, 09:03 PM
» Replies: 0
» Views: 280

 
  XSS
Posted by: Clara1337 - 08-03-2025, 05:39 PM - Forum: Hot Topics - No Replies

Sir can you give me a suggestion for a payload xss bypas ?

Print this item

  Compiled tools for internal assessments
Posted by: Unix_Root - 07-26-2025, 12:15 PM - Forum: Popular tools - No Replies

This repository is intended for pentesters and red teamers using a variety of offensive security tools during their assessments. The repository is a collection of useful tools suitable for assessments in internal environments. We fetch and compile the latest version of each tool on a regular basis and provide it to you as a release.
You don't have to worry about updating and compiling the tools yourself. Just download the latest release and find all the awesome tools you will need in a single archive.
https://github.com/Syslifters/offsec-tools

Print this item

  Windows Server Rdp hosted on Github Free for 6 hour.
Posted by: Unix_Root - 07-25-2025, 06:36 AM - Forum: Announcement - No Replies

Link:
https://github.com/danieldurnea/rdp-free

Print this item

  A series of scripts to harden Macos 15 Sequoia
Posted by: Unix_Root - 07-23-2025, 09:55 PM - Forum: Blue Team - General - No Replies

A series of scripts to harden macOS 15.5 (Sequoia) for security and
privacy, inspired by NIST guidelines. Suitable for power users and
novices alike. This project evolved from the macOS Security Compliance
Project, a Python-based tool, with the current focus on Bash scripts
while preserving legacy features.
https://github.com/cluster2600/ALBATOR

Print this item

  XSS.IS Cybercrime Forum Seized After Admin Arrested in Ukraine
Posted by: Unix_Root - 07-23-2025, 09:51 PM - Forum: Announcement - No Replies

https://hackread.com/xss-is-cybercrime-f...ted-admin/

Print this item

  BrowserBruter
Posted by: Unix_Root - 07-06-2025, 09:11 PM - Forum: Popular tools - No Replies

BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications. 
https://github.com/netsquare/BrowserBruter
   

Print this item

  Advanced dork generator (AI)
Posted by: Unix_Root - 07-06-2025, 09:07 PM - Forum: Red Teaming - No Replies

https://syntax.goldenowl.ai/    

Print this item

  CVE-Vulns
Posted by: Unix_Root - 07-06-2025, 09:06 PM - Forum: Hot Topics - No Replies

#exploit
1⃣ CVE-2025-48703: (https://fenrisk.com/rce-centos-webpanel)
RCE in CentOS Web Panel
2⃣ CVE-2025-31200: (https://blog.noahhw.dev/posts/cve-2025-31200)
Zero-click RCE vulnerability in Apple's iOS 18.x
3⃣ CVE-2025-32463: (https://github.com/pr0v3rbs/CVE-2025-32463_chwoot)
Escalation of Privilege to the root through sudo binary with chroot option
4⃣ CVE-2025-49113: (https://github.com/fearsoff-org/CVE-2025-49113)
Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization
5⃣ CVE-2025-32433: (https://github.com/ProDefense/CVE-2025-32433)
Unauth RCE in Erlang/OTP SSH

Print this item

  #Malware_analysis
Posted by: Unix_Root - 07-06-2025, 09:04 PM - Forum: Malware analysis - No Replies

1. DEVMAN Ransomware
https://any.run/cybersecurity-blog/devma...e-analysis
2. BrowserVenom (Fake DeepSeek) Malicious installer
https://securelist.com/browservenom-mimi...oxy/115728
3. KimJongRAT Stealer
https://unit42.paloaltonetworks.com/kimj...powershell
4. macOS NimDoor
https://www.sentinelone.com/labs/macos-n...ed-malware
5. Windows Shortcut (LNK) Malware Strategies
https://unit42.paloaltonetworks.com/lnk-malware

Print this item

  #WebApp_Security
Posted by: Unix_Root - 07-06-2025, 09:03 PM - Forum: Writes-up - No Replies

#WebApp_Security
Bug Bounty Cheat Sheet, Ver.1.0.
1. Account Takeover (ATO) (https://github.com/swisskyrepo/PayloadsA...20Takeover)
2. API Key and Token Leaks (https://github.com/swisskyrepo/PayloadsA...ey%20Leaks)
3. Bypass Upload Tricky (https://github.com/swisskyrepo/PayloadsA...re%20Files)
4. Clickjacking (https://github.com/swisskyrepo/PayloadsA...ickjacking)
5. Client Side Path Traversal (CSPT) (https://github.com/swisskyrepo/PayloadsA...0Traversal)
6. Command Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
7. Content Injection (https://github.com/EdOverflow/bugbounty-...jection.md)
8. CORS (https://github.com/swisskyrepo/PayloadsA...ion)/OAuth (https://github.com/swisskyrepo/PayloadsA...figuration) Misconfiguration
9. CRLF Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
10. CSV Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
11. Cross-Site WebSocket Hijacking (CSWSH) (https://github.com/swisskyrepo/PayloadsA...s)/Request Forgery (CSRF/XSRF) (https://github.com/swisskyrepo/PayloadsA...%20Forgery)
12. DNS Rebinding (https://github.com/swisskyrepo/PayloadsA...0Rebinding)
13. DOM Clobbering (https://github.com/swisskyrepo/PayloadsA...Clobbering)
14. Dependency Confusion (https://github.com/swisskyrepo/PayloadsA...0Confusion)
15. Directory Traversal (https://github.com/swisskyrepo/PayloadsA...0Traversal)
16. External Variable Modification (https://github.com/swisskyrepo/PayloadsA...dification)
17. File Inclusion/LFI (https://github.com/swisskyrepo/PayloadsA...0Inclusion)
18. GraphQL Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
19. HTTP Request Smuggling (https://github.com/swisskyrepo/PayloadsA.../Parameter Pollution (HPP) (https://github.com/swisskyrepo/PayloadsA...0Pollution)
20. Insecure Deserialization (https://github.com/swisskyrepo/PayloadsA...on)/Direct Object References (https://github.com/swisskyrepo/PayloadsA...Management Interface (https://github.com/swisskyrepo/PayloadsA...Randomness (https://github.com/swisskyrepo/PayloadsA...ss)/Source Code Management (https://github.com/swisskyrepo/PayloadsA...Management)
21. LDAP Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
22. LaTeX Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
23. Mass Assignment (https://github.com/swisskyrepo/PayloadsA...Assignment)
24. Memory Exhaustion (DoS) (https://github.com/swisskyrepo/PayloadsA...%20Service)
25. NoSQL Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
26. ORM Leak (https://github.com/swisskyrepo/PayloadsA...ORM%20Leak)
27. Open URL Redirect (https://github.com/swisskyrepo/PayloadsA...20Redirect)
28. Prompt Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
29. Prototype Pollution (https://github.com/swisskyrepo/PayloadsA...0Pollution)
30. Race Condition (https://github.com/swisskyrepo/PayloadsA...0Condition)
31. Regular Expression DoS (ReDoS) (https://github.com/swisskyrepo/PayloadsA...Expression)
32. SAML Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
33. SQL Injection (SQLi) (https://github.com/swisskyrepo/PayloadsA...0Injection)
34. Server Side Include Injection (https://github.com/swisskyrepo/PayloadsA...n)/Request Forgery (https://github.com/swisskyrepo/PayloadsA...)/Template Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
35. SMTP Header Injection (https://www.acunetix.com/blog/articles/e...-injection)
36. Tabnabbing (https://github.com/swisskyrepo/PayloadsA...Tabnabbing)
37. Type Juggling (https://github.com/swisskyrepo/PayloadsA...20Juggling)
38. Web Cache Deception (https://github.com/swisskyrepo/PayloadsA...0Deception)
39. XPATH (https://github.com/swisskyrepo/PayloadsA...tion)/XSLT (https://github.com/swisskyrepo/PayloadsA...ction)/XSS (https://github.com/swisskyrepo/PayloadsA...ction)/XXE Injection (https://github.com/swisskyrepo/PayloadsA...0Injection)
40. Zip Slip Command Execution (https://github.com/snyk/zip-slip-vulnerability)

Print this item