Offensive Security notes 🔥📢 by: Joas Antonio - OSCP (Active Directory): drive.google.com/file/d/14jirVK… - OSWE: drive.google.com/file/d/1KIc_qs… - OSWA: drive.google.com/file/d/1EEA-y3… - OSEP: drive.google.com/file/d/1L9mfwf… - OSED: drive.google.com/file/d/1_mPHr3… - OSDA: drive.google.com/file/d/18cAE7Q… - OSMR:

Basic Server Types

A friend asked me to find out why his connected lightbulb app was asking for his location, so I ducked out to Australia’s favourite hardware store, Bunnings, and grabbed one to check out. The Android grid connect app has 500k+ downloads. Let’s take a quick look! 🧵 (1/n)

AI can now EDIT your videos in SECONDS... Say Goodbye to hours of video editing. Introducing Keyframes Studio, the only AI editing tool you will ever need: [🧵Bookmark to user later]

NPA Bomb of UPA (Thread) How Modi govt diffused it and saved India People from Finance may know this that I am going to share but common public don't know but each and every Indian must know How a financial bom could destroy India in 2018 and How Modi saved us from it 1/24

Vivek_Uneek HaxRob Vivek_Uneek Guten Tag, please find the unroll here: threadreaderapp.com/thread/1676416… Have a good day. 🤖

Web Check - All-in-one website OSINT tool for analysing any website Uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. web-check.as93.net #cybersecurity #infosec #OSINT

The Auditor book- Sherlock and Code4rena findings All Findings in one place: - 100+ Auditors - 150+ Audits - 5000+ Findings Download from here: theauditorbook.com

Google Dork - all the juicy extensions site:"target[.]com" ext:log | ext:txt | ext:conf | ext:cnf | ext:ini | ext:env | ext:sh | ext:bak | ext:backup | ext:swp | ext:old | ext:~ | ext:git | ext:svn | ext:htpasswd | ext:htaccess

Here are some Shodan dorks that bug bounty hunters can use to discover potentially vulnerable or misconfigured devices: 1. Apache Default Page: apache country:"YOUR_COUNTRY_CODE" title:"Index of /" -"Forbidden" 2. Default Login Pages: "login:" "password"

200+ Hacking / Infosec pdfs Source: drive.google.com/drive/u/0/mobi… Credit: Joas Antonio #infosec #Hacking #infosecurity #Malware #bugbountytips #CTF #BugBounty #vulnerability #pwn #CyberSecurityAwareness #CyberSecurity #cybersecuritytips

################################ CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent ################################ now.. first questions... how many devices in your enterprise do you have running a vulnerable version of SSH? How many of these are internet

10 ways to exploit JWT (JSON Web Token): by ⁦Musab Alharany⁩ medium.com/@musab_alharan…

𝙂𝙊𝙊𝙎𝙄𝙉𝙏 ☠ Collection of web-based open source intelligence & threat intelligence tools Link 🔗:- goosint.com

Tricks to find XSS injection points: * Check for JS variables with empty string assignments in the HTML response If you see ' var redirUrl = "";' in the HTML response, there is a decent chance that "redirURL" might be a query parameter * HTML input field names Check the "name"

Good to see my fellow infosec peeps NULL Hyderabad #nullhyd

We’re launching Predicta Search ! predictasearch.com ✉️📞 Give it an email address or a phone number, it'll give you all the related social media profiles 🕵️ The new essential website for your #OSINT investigations

The next level of humiliation.... #IndiaVsPakistan