Hey folks, today we are going to talk about the tool that can easily add malicious payloads within the .PDF extension files and after which you can easily access any system. As we know it is prohibited to execute malicious payloads inside the window defender system, hence we will send […]
Continue Reading
Hey folks, today we will show you (PoC) of “Gila CMS 1.11.8 – ‘query’ SQL Injection” vulnerability. The get parameter “query” is vulnerable, hence we will use the SQL injection tool 💉 to retrieve the database. About the Vulnerability Vulnerability Setup Full Proof of Concept Step -1 Step -2 Usage […]
Continue Reading
Hey Folks, in this tutorial we will show you that how you can embed your malicious URL in popular websites such as : Youtube, Facebook and Google etc. These kind of techniques are useful during the social engineering attacks because we can embed our malicious URLs in well known domains […]
Continue Reading
Vulnerability Details : The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known. Full Proof of Concept (PoC) Step -1 Step -2 Step -3 Step -4 Step -5 Step -6 […]
Continue Reading
Key Points : ✔ In this vulnerabilities frigate professional software will be crashed due to malicious code. You can Follow these steps : Run python code: FrigateLCE.py Copy content to clipboard Open “Frigate3.exe” Go to “Disk” > Find Computer Paste ClipBoard into the “Computer Name:” field Click on OK Calc.exe […]
Continue Reading
Full Proof of Concept (PoC) Step -1 Step -2 Step -3 Step -4 Step -5 Done 🙂 !!
Continue Reading
CVE-2020-13432 Security Issue This vulnerability allows an remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers like Cookie, User-Agent etc. Remote unauthenticated attackers can send concurrent HTTP requests using an incrementing or specific payload range of junk characters […]
Continue Reading
Hey folks, in this article we will going to talk about “ Top 20 Recon, Passive Enumeration and Information Gathering Tool “ for bug bounty hunters. We have selected these tools after extensive research. Basically this article based on “Information Gathering” which is the part of bug bounty. What is […]
Continue Reading
Hey folks, in this article we are going to talk about “How can we get multiple email addresses using Email Extractor ” We will also take help of Google dork. There are many tools available that will help you to get the email address but in this tutorial we will […]
Continue Reading