My youtube channel : https://www.youtube.com/c/IsmailTasdelen
IBM – Cross site Scripting [XSS]
Posted on
HOW I WAS BYPASSED CLOUDFLARE WAF
Posted on
Hey guys, I was doing Penetration testing for the private company. I am used to of manual testing instead of tools. At that time, the company had used Cloudflare WAF. As a penetration tester, you fill like your inputs are not working and you havenβt found a single bug. Your inputs are going to block by WAF.
XSSCon – XSS Tool @Kitploit
Posted on
Powerfull Simple XSSScanner made with python 3.7
Download: https://github.com/menkrep1337/XSSCon
Reference: https://www.kitploit.com
I Found a multiple xss on https://clickmeeting.com
Posted on
xss at anghami.com
Posted on
ifound xss at anghami.com here it is the details report link: https://www.openbugbounty.org/reports/927326/ effected page:https://anghami.com/openapp/?deeplink=anghami://song/45651752 poc: https://www.anghami.com/openapp/?deeplink=anghami://song/45651752″>xxx<svg%2Fonload%3Dconfirm%28%2Fzikads%2F%29> mypayload: “>xxx<svg%2Fonload%3Dconfirm%28%2Fzikads%2F%29> bug has been fixted what did i get ? 1 month of subscription which worth about 1$ as bounty π
WordPress Stored XSS Vulnerability
Posted on
PoC:
XSS Reflected on ahrefs.com
Posted on
XSS in App1.bqrlinq.com (Got bounty and fixed)
Posted on
95$ certificate at 0.01$ Parameter Tempering on w3school
Posted on
π
Sql Injection on college website
Posted on
π