20 matches found
ctf-toolkit
Bug Bounty Recon Tool 🚀 The Ultimate Bug Bounty Recon Tool...
EUVD-2018-13477
Malware in sbrugna...
Secator - The Pentester's Swiss Knife
secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Features: curated list of commands; unified input options; unified output schema; CLI and library...
Crawpy - Yet Another Content Discovery Tool
Yet another content discovery tool written in Python. What makes this tool different from others: It is written to work asynchronously, which allows it to reach maximum limits, so it is very fast. Calibration mode applies filters on its own. Has a bunch of flags that help you fuzz in detail. Recursi...
Kiterunner - Contextual Content Discovery Tool
For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs. Over time,...
h1-ctf: [ Hacky Holidays CTF ] Completely taken down the Grinch Networks
Day 1 - Robot flag. We're presented with a sample UI page without any function. So I guessed content discovery is the best way to find the flag. And robots.txt came to my mind and found the flag. https://hackyholidays.h1ctf.com/robots.txt Response User-agent: Disallow: /s3cr3t-ar3a Flag:...
h1-ctf: Hackyholidays CTF writeup
Writeup for the hackyholidays CTF. This CTF consisted of 12 challenges released daily in the 12 days leading up to Christmas. The goal was to stop the Grinch from ruining Christmas by slowly destroying the apps that he used to terrorize Santa and his elves. The challenges were: 1. Robots.txt 2. DOM...
Feroxbuster - A Fast, Simple, Recursive Content Discovery Tool Written In Rust
What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation. What's it do tho? feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate...
h1-ctf: [H1-2006] CTF Writeup
H1-2006 CTF Writeup I am fairly new to CTFs - this is just my second CTF after H1-415 CTF, at which I didn't get far at all. I think the most valuable thing I can do for anyone who comes across this writeup, is to describe exactly what I was thinking at each step along the way, including all my...
h1-ctf: @shakedko H1-2006 CTF writeup
TL;DR Flag is: ^FLAG^736c635d8842751b8aafa556154eb9f3$FLAG$. Thank you for this awesome challenge! Introduction I have participated in this CTF as I wanted to see how far I'd be able to get considering the fact that I'm doing bug bounty for a relatively short time. Coming from the software...
h1-ctf: [H1-2006 2020] Includes 1 free content discovery
Summary Got it! Thanks guys for going through the trouble to make these. Best regards @nahamsec @adamtlangley @B3nac for hosting and @hackingfish @zonkism and @clos for peer support to make it. Writeup to follow, but let's have the flag first! F859962 Impact Participating in CTFs can cause...
Recox - Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system. It gathers the information recursively over each subdomain, and IP addr for a...
Code injection
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations SEC-185...
CVE-2016-10785
cPanel before 60.0.25 allows attackers to discover file contents during file copy operations SEC-185...
Chomp Scan - A Scripted Pipeline Of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase
A scripted pipeline of tools to simplify the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs. Scope Chomp Scan is a Bash script that chains together the fastest and most effective tools in my opinion/experience for doing the long and sometimes tedious process o...
RATELIMITED: Exposure of tinyMCE js source code with plugin version disclosure which can leads to exploit further attacks.
Hello Security Team. Summary: When looking for links and trying for content discovery I found a link on domain support.theendlessweb.com https://support.theendlessweb.com/swift/apps/base/javascript/global/thirdparty/TinyMCE/tinymce.min.js It contains the tinyMCE plugin and the version they are...
Cansina - Web Content Discovery Tool
Cansina is a Web Content Discovery Application. It is well known that web applications don't publish all their resources or public links, so the only way to discover these resources is to request them and check the response. Cansina's duty is to help you make requests and filter the responses t...
WordPress 4.7.0 / 4.7.1 - Unauthenticated Content Injection (PoC) Exploit
Exploit for php platform in category web applications Exploit Title: Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection PoC Date: 2017-02-02 Exploit Author: @leonjza Vendor Homepage: https://wordpress.org/ Software Link: https://wordpress.org/wordpress-4.7.zip Version: Wordpress 4.7.0/4.7.1...
[Cansina] Web Content Discovery Application
It takes generally available lists of common paths and files used by web applications and makes URL requests, looking at the server response code. Cansina stores the information in a sqlite database omitting 404 responses. One for every new url think this as a kind of projects feature and the sam...
[ThreatFactor NSIA v1.0.6] Network System Integrity Analysis
ThreatFactor NSIA is a website scanner that monitors websites in real-time in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any...