Advanced One-Liner for extracting filtered URLs for Injection-Based Attacks.

This one-liner is a powerful example of how Bug Bounty Hunters and Pentesters can automate the extraction of URLs for any given website using various tools and Linux tricks. It employs active fuzzing techniques (not passive), with optimized blacklists to avoid fetching URLs with extensions that are not useful for injection attacks (such as images, etc.). The one-liner then cleans the URLs to include only those with parameters using the 'gf' tool and removes duplicates, reducing the overall results and maintaining only the scope you want accurately. Your final list will then be ready for injection-based attacks, depending on the types you choose, such as SQL, XSS, LFI, and RCEs.

Breakdown of this one-liner:

➡️STEP 1: Crawling the Website with speed and accuracy actively.

gospider -s 'URL TARGET' -c 10 -d 5 --blacklist ".(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|ico|pdf|svg|txt)"

We run the 'GoSpider' tool to crawl the website 'URL TARGET' with 10 concurrent threads (-c 10) and a maximum depth of 5 (-d 5). The --blacklist option excludes files with specified extensions to optimize speed and accuracy.

➡️STEP 2: Filtering Parameters and looking only for those that are important.

gf allparam

We use the 'gf' tool to filter the output and show all parameters from the URLs using a predefined regex pattern.

➡️STEP 3: Cleaning URLs for Fuzzing

sed 's/=.*/=/'

We use 'sed' to remove everything after the equal sign in the URLs, preparing them for fuzzing by ensuring the URLs are clean after the parameters.

➡️STEP 4: Extracting URLs

grep -Eo '(http|https)://[^&]+'

We employ 'grep' with the '-Eo' option to extract and output only the URLs (starting with http or https) from the input.

➡️STEP 5: Removing Duplicated URLs

awk '!seen[$0]++'

We use 'awk' to remove duplicate URLs for optimization. The '!seen[$0]++' pattern checks if the current line is already in the 'seen' array and only adds it if it is unique.

➡️STEP 6: Filtering by Domain.

grep '^URL TARGET'

We apply 'grep' once more to filter out only the URLs that match the main domain 'URL TARGET', ensuring the results stay within the defined scope.

#InjectionBasedAttacks #InjectionAttacks #pentesting #bugbounty #bugbountytips #linux #hacking #infosec #informationsecurity #cybersecurity #offensivesecurity
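Added example, not part of the original post: steps 3 to 6 of the breakdown (with the quantifiers written out as `=.*`, `[^&]+` and `seen[$0]++`) run as one filter over constructed crawler lines, so the effect of each stage can be checked offline. The function names, the example.com hosts and the sample line format are assumptions, gospider and gf are not invoked, and step 6 is done as a literal prefix test rather than the post's regex grep so that a scope prefix ending in `/` rejects look-alike hosts.

```shell
#!/bin/sh
# Added example: steps 3-6 of the post as a text filter over stdin.
# $1 = in-scope URL prefix (the post's 'URL TARGET'); end it with '/'.
clean_param_urls() {
  scope=$1
  sed 's/=.*/=/' |                      # step 3: cut each line after its first '='
    grep -Eo '(http|https)://[^&]+' |   # step 4: keep only the URL on each line
    awk '!seen[$0]++' |                 # step 5: print a line only on first sight
    awk -v s="$scope" 'index($0, s) == 1'   # step 6: literal prefix match (variation)
}

# Constructed sample lines standing in for crawler output after 'gf allparam'.
# The bracketed prefixes are an assumed format, used to show why step 4 is needed.
sample_crawl_output() {
  cat <<'EOF'
[url] - [code-200] - https://example.com/item?id=42&sort=asc
[url] - [code-200] - https://example.com/item?id=7
[href] - https://example.com/search?q=shoes
[url] - [code-200] - https://example.com.other.test/item?id=1
[url] - [code-200] - https://cdn.example.net/lib?v=3
EOF
}

# Strict scope: prefix ends with '/', so example.com.other.test is dropped.
sample_crawl_output | clean_param_urls 'https://example.com/'
```

Because step 3 truncates at the first `=`, only the first parameter of each URL survives, which is why the two `item?id=` lines collapse into one. Passing the prefix without the trailing slash (`https://example.com`) lets the `example.com.other.test` line through, so the scope string needs to end at a path boundary.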
Black Hat Ethical Hacking
Computer and Network Security
Global, Global 281,470 followers
We specialize in Offensive Security, focusing on Red Teaming, Pentesting, Digital Forensics and Phishing Simulated Tests
About us
At Black Hat Ethical Hacking, our mission is to provide Offensive Security services that help organizations identify and address potential vulnerabilities before they can be exploited by malicious actors globally. Our team of experienced hackers are passionate about sharing their expertise to raise awareness and inspire new talent in the field. We are involved in Bug Bounty Hunting Programs, helping companies identify and fix security flaws in their software and systems. Our approach is focused on helping the Information Security industry understand how important the presence of Offensive Security is in today's era. By using real-world tactics and techniques, we provide a comprehensive security assessment that goes beyond traditional security measures. Our solutions include Penetration Testing, which simulates real-world attacks to identify and exploit vulnerabilities in your network, applications, and systems. We also provide Vulnerability Assessment services, which identify weaknesses and prioritize them based on risk level. Our Phishing Simulation Test helps educate employees about the dangers of phishing attacks, and our Digital Forensics Services can help identify and mitigate security incidents. For more information about our solutions, please visit our website. If you're interested in discussing Security Solutions, Collaboration, or Sponsorship opportunities, please contact us at [email protected]. In addition to our services, we offer Offensive Security courses designed to help individuals and businesses gain the knowledge and skills necessary to protect themselves against cyber threats. Our courses cover a range of topics, including Ethical Hacking, Penetration Testing, and Cyber Security Fundamentals. To learn more about our courses, please visit blackhatethicalhacking.com/courses. Self promotion is prohibited without our consent, posts will be deleted. Crunchbase: https://www.crunchbase.com/organization/black-hat-ethical-hacking
- Website: https://www.blackhatethicalhacking.com
- Industry: Computer and Network Security
- Company size: 11-50 employees
- Headquarters: Global, Global
- Type: Privately Held
- Founded: 2017
- Specialties: Ethical Hacking, Penetration Testing, Phishing Testing, Digital Forensics, Offensive Security Courses, Offensive Security, Information Security, Bug Bounty Hunting, and Red Team
Locations
- Primary: Global, Global 1337, CY
Updates
-
Digital Forensics Tool: Horus

Horus, developed by 6abd, is a tool designed for investigative purposes, assisting in data gathering and analysis through various APIs. Whether you’re conducting digital forensics or OSINT (Open Source Intelligence), this tool provides features such as location tracking, IP tracing, MAC address vendor identification, and file encryption. Read the post: https://lnkd.in/euxdEThq #osint #digitalforensics #forensics #infosec #informationsecurity #cybersecurity
-
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. Read more: https://lnkd.in/dQ9nKkA3 #uefi #vulnerability #pkfail #secureboot #malware #exploit #informationsecurity #infosec
-
Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under certain circumstances. The flaw was initially discovered and fixed in Docker Engine v18.09.1, released in January 2019, but for some reason, the fix wasn’t carried forward in later versions, so the flaw resurfaced. Read more: https://lnkd.in/dc4x5vyf #docker #authz #vulnerability #authorization #informationsecurity #infosec
Docker: Critical Patch Issued for a 5-year Old Vulnerability Allowing Authorization Bypass
https://www.blackhatethicalhacking.com
-
The Ultimate Hardware Hacking Gear Guide.

This magazine is amazing for all hardware hacking enthusiasts! Whether you're a professional or a beginner, if you're interested in hardware hacking, this e-zine has something for everyone. It’s packed with over 170 pages of essential content. Explore the best tools, detailed tutorials, tips, and the latest updates in hardware hacking.

Creator: Julio Della Flora

You can download it from this repository: https://lnkd.in/dE6z9VHb #hardwarehacking #hacking #infosec #informationsecurity #offensivesecurity #redteam
GitHub - jcldf/ultimate-hardware-hacking-gear-guide-: Unlock Exclusive Insights! 🚀📖 Download My FREE E-Zine Now ➡️ Over 170 Pages of Essential Content! Elevate your hardware hacking game with insider tips and the latest trends. Don’t miss out—grab your copy today and transform your projects!
github.com
-
A zero-day vulnerability in Telegram for Android, dubbed ‘EvilVideo,’ has been discovered, allowing attackers to send malicious Android APK payloads disguised as video files. This flaw, which affected Telegram version 10.14.4 and older, was first sold by a threat actor named ‘Ancryno’ on the XSS hacking forum on June 6, 2024. Full post: https://lnkd.in/dFNsGisq #zeroday #evilvideo #telegram #hacking #forum #android #apk #payload #vulnerability #informationsecurity #infosec
‘EvilVideo’ Zero-Day Exploit Hits Telegram: Malicious APKs Disguised as Video Files
https://www.blackhatethicalhacking.com
-
Cybersecurity researchers have identified a new Linux variant of the Play ransomware strain, also known as Balloonfly and PlayCrypt, which specifically targets VMware ESXi environments. Full post: https://lnkd.in/dPTnWPUe #linux #ransomware #playransomware #esxi #playcrypt #vmware #ransom #hacking #informationsecurity #infosec
New Linux Variant of Play Ransomware Targets VMware ESXi Environments
https://www.blackhatethicalhacking.com
-
Recon Tool: FinalRecon

FinalRecon, developed by Lohitya P., is an automatic web reconnaissance tool written in Python, designed to provide a comprehensive overview of a target website efficiently. Its goal is to streamline the web reconnaissance process by consolidating multiple functionalities into a single tool, reducing the need for multiple dependencies. Read the post: https://lnkd.in/eHsu53_P #reconnaissance #recon #pentesting #infosec #informationsecurity #cybersecurity
-
Cisco has addressed a critical severity vulnerability (CVE-2024-20401) affecting its Security Email Gateway (SEG) appliances. This vulnerability allows attackers to add new users with root privileges or permanently crash the appliances by exploiting email attachments with malicious content. Full post: https://lnkd.in/dZh4WuYF #cisco #vulnerability #root #seg #dos #asyncos #informationsecurity #infosec
Critical Cisco Bug Allows Root Access and Permanent DoS via Malicious Emails
https://www.blackhatethicalhacking.com
-
Convert a Shell into a Meterpreter Session using different methods. "Shell is just the beginning in post-exploitation." In this video, we explore the limitations of a standard shell and the enhanced capabilities offered by Metasploit's Meterpreter. Initially, we demonstrate basic shell functionalities such as downloading and uploading files. We then proceed to convert our current shell session into a Meterpreter session for more comprehensive control, allowing you to perform more sophisticated post-exploitation attacks. After obtaining a shell, we background the session and prepare to use Metasploit to perform the conversion with its own post module included. By listing the active sessions with the command 'sessions,' we identify the shell session's ID. We then set the session to the identified ID, enabling the conversion process. Running the conversion command will attempt to transform the shell into a Meterpreter session, allowing you as a Red Teamer to exercise more control over compromised endpoints. ➡️Watch the full episode: https://lnkd.in/eb9uM-8E Become a member and join the Offensive Security Front-Line on our Patreon channel. Discover our exclusive content with our FREE trial for 7 days! https://lnkd.in/g7F5etz #postexploitation #meterpreter #metasploit #hacking #infosec #informationsecurity #cybersecurity #offensivesecurity #redteam #patreon