#GoldBrute is coming

Reason number #61234 of why you don't run random exploits from the interent: CVE-2019-0708 #Bluekeep

One of very helpful and not very well known Shodan filter is “http.favicon.hash”. It calculates hash of favicon.ico image and search for exactly this same value, which returns websites running the same target software or service. #shodan #OSINT

⚠️ WARNING ⚠️ @Forbes Magazine subscription website ( https://t.co/VqCahQHj9X) is infected with #magecart malware. Exfil domain: fontsawesome[.]gq (🇧🇬) @urlscanio results: https://t.co/Su3ziLZd3w Deobfuscated code: https://t.co/jb0ULmq0Et

Getting Started in #BugBounty Hunting https://t.co/FdNRxcFkV0

#AEMDorks inurl:"/libs/granite/core/content/login" intitle:"AEM Sign In"

New blog post! 🙌 This is how I've been leveraging low-severity XSS bugs to bypass CSRF protections & perform full account takeovers. I've included canned JS payloads to gain administrative access on Wordpress and Drupal in my Github (link in article). https://t.co/kv1dHkWNl8

Attacking Private Networks from the Internet with DNS Rebinding https://t.co/hp7gHe7KqG

Crack WPA/WPA2 Wi-Fi Routers with Aircrack-ng and Hashcat https://t.co/3kbYFoT3mn

SSRF Part # 3 https://t.co/AXOCG937gy

SSRF Part #2 https://t.co/xLpmsA5fK5

SSRF Part #1 https://t.co/YzYQpA9zDq