Blind SQL injection – ContentLength based
December 13th, 2018 📆 | 1861 Views ⚑
It’s possible that you will find false positives and you have to adjust the content-length. You can download profile: *
Author Archives: Burp Bounty
Tagged with: based • blind • contentlength • injection
Blind XSS with BurpBounty using Burp Collaborator
December 11th, 2018 📆 | 6016 Views ⚑
BurpBounty change the {BC} token for Burp Collaborator host. Burp Collaborator its in background searching for interactions with it. If
Tagged with: blind • burpbounty • collaborator • using
Error SQL Injection with BurpBounty
December 7th, 2018 📆 | 3878 Views ⚑
You can detect Error SQL injection if you trigger an sql errors and later find them through simple string match
Tagged with: burpbounty • error • injection
Reflected and Stored XSS Url Encoded with BurpBounty
December 7th, 2018 📆 | 6784 Views ⚑
You can encode multiple times your payload, and later find them without encode. You can download this profile: * https://github.com/wagiro/BurpBounty/blob/master/profiles/XSSUrlEncode.bb
Tagged with: burpbounty • encoded • reflected • stored
Reflected and Stored XSS with BurpBounty
December 4th, 2018 📆 | 4689 Views ⚑
Basic XSS with BurpBounty 3.0 BurpBounty send every payload in every insertion point, and later search for them. You can
Tagged with: burpbounty • reflected • stored
Popular
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
GitLab 11.4.7 – Remote Code Execution (Authenticated) December 20, 2020 # Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution (No…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…- Oracle Solaris SunSSH PAM parse_user_name() Buffer… December 18, 2020 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule…
Members
Comments