Encontrando vulnerabilidades IDOR mediante la automatización | PwnFox + Auth Analyzer

Finding IDOR vulnerabilities through automation | PwnFox + Auth Analyzer

First we must download the PwnFox extension for the Firefox browser from the following link. https://addons.mozilla.org/es/firefox/addon/pwnfox/ Once PwnFox is installed we must go to “Settings”. Here is the proxy configuration and we must set the host to and the port to 8080. Once this is done we must enable PwnFox. The status will change color

Read More
Enumeración de subdominios ? Recon parte 2

Subdomain enumeration ? Reckon part 2

Inspired by part two of https://twitter.com/RogueSMG/status/1496217791976054784 Topics: Set up your VPS server To list subdomains of a target, the easiest way is programmatic automation. First of all we need to have a Linux-based operating system, such as the KaliLinux distribution that can be used as a virtual machine from Vmware in Windows. But

Read More
Wide scope Program – Recon parte 1

Wide scope Program – Recon part 1

A different approach to traditional recognition. When a vulnerability search is carried out for a company, and not enough information is provided, it is difficult to have a map about all the assets that correspond to the company. In this entry you will be able to obtain information about different techniques to locate those objectives that are not visible

Read More
OnlineShoop Bug Bounty

OnlineShop Bug Bounty

Below are some TIPS that can be used when practicing Bug Bounty.

Read More