13 matches found
Exploit for Deserialization of Untrusted Data in Facebook React
⚡ CVE-2025-55182 – Auto Exploit Toolkit Precision Engine...
From Cloudflare Bypass to Credit Card Theft
Introduction: On July 6, 2025, a suspicious Python package called 'cloudscrapersafe' was uploaded to the Python Package Index (PyPI). Marketed as a utility to evade Cloudflare's anti-bot protections, this package was a modified version of the widely used 'cloudscraper' library, which is used to automa...
SSRF vulnerability in the vrite
Description: This vulnerability can be used to leak remote server information and bypass a CDN like Cloudflare. It can also be used for SSRF attacks. Proof of Concept: Here we can use it to leak the real IP of https://app.vrite.io. GET /proxy?url=https://your-vps-ip.nip.io/ HTTP/2 Host: app.vrite....
Yuga Labs: Origin IP Exposed waf bypass
The origin IP address of the website was exposed, allowing bypassing of the anti-DDoS mechanism in place, such as Cloudflare. This could have enabled access to the service without going through the web application firewall, potentially leading to unfiltered payloads being forwarded to the service...
SMTP2GO BBP: Origin IP found, WAF Cloudflare Bypass
Description: I have discovered that the http://172.105.190.180/login/ site exposed its IP, which could allow bypassing of anti-DDoS mechanisms, i.e. you are using Cloudflare for protection. For Originate IP address which I found from https://search.censys.io/ By using these IP address as a resolver...
Logitech: GET based Open redirect on [streamlabs.com/content-hub/streamlabs-obs/search?query=]
Summary: Description: In the following link, the parameter query is reflected in multiple places. One of them is in the tag in the head section of the HTML source; the reflection is in the content attribute, to be precise (check the below image F983200). And I was able to break out of the content...
Razer: Reflected XSS on molpay.com with cloudflare bypass
The tester discovered a reflected XSS vulnerability on molpay.com which could allow an adversary to steal client side information such as a cookie. Razer Fintech thanks the tester for his clear report and PoC. Follow brutelogic for amazing bypass tips. Thank you for bounty @razer 🙏...
Razer: [press.razer.com] Origin IP found, Cloudflare bypassed
The tester discovered that the press.razer.com site exposed its IP which could allow bypassing of anti-DDoS mechanisms. While minor, Razer does appreciate the report and the tester bringing this to our attention...
CloudUnflare - Reconnaissance Real IP Address For Cloudflare Bypass
Reconnaissance Real IP address for Cloudflare Bypass. Preparation: 1. CompleteDNS API Create an account at completedns.com and verify first. Input your email and password on CompleteDNSLogin variable in cloudunflare.bash. 2. Dependencies Needed curl dig whois Debian Based apt-get install curl...
Delay injection vulnerability discovered in the file name of an uploaded file - vulnerability warning - the black bar safety net
While testing an invited project, the author found a time-delay blind injection vulnerability in the file name of an uploaded file. This injection position is relatively rare; it is shared here in the hope that it helps everyone learn. The following is the author's discovery process. Earlier this...
BillCipher - Information Gathering Tool For A Website Or IP Address
Information Gathering tool for a Website or IP address, use some ideas from Devploit. BillCipher can work in any operating system if they have and support Python 2, Python 3, and Ruby. Features DNS Lookup Whois Lookup GeoIP Lookup Subnet Lookup Port Scanner Page Links Zone Transfer HTTP Header Ho...
Th3Inspector - Tool for Information Gathering
Tool For Information Gathering. Usage

Short Form | Long Form | Description
---|---|---
-i | --info | Website Information
-n | --number | Phone Number Information
-mx | --mailserver | Find IP Address And E-mail Server
-w | --whois | Domain Whois Lookup
-l | --location | Find Website/IP Address Location
-c|...
Striker - Offensive Information And Vulnerability Scanner
Striker is an offensive information and vulnerability scanner. Features Just supply a domain name to Striker and it will automatically do the following for you: Check and Bypass Cloudflare Retrieve Server and Powered by Headers Fingerprint the operating system of Web Server Detect CMS 197+ CMSs a...