Apache Traffic Server: Incomplete field name check allows request smuggling
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead to ca...
CybrMonk’s Post
More Relevant Posts
-
Apache Traffic Server: Incomplete check for chunked trailer section allows re...
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead to cache poisoning if the origin servers are vulne...
cybrmonk.com
-
Apache Traffic Server: Invalid Accept-Encoding can force forwarding requests
Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 th...
cybrmonk.com
-
Today is day 21 of 50, where we learn how to be better at cybersecurity! 🚀

Let’s talk about enumeration tools because the better you are at enumeration, the better you’ll be at exploitation. Today, I want to highlight an awesome tool: httprobe by the legendary Tomnomnom, one of the great professionals in our field.

When you’re dealing with asset discovery or subdomain enumeration, it’s common to end up with a massive list of hosts. But the real question is: Which of these are live and running HTTP or HTTPS services? This is where httprobe shines! It’s a fast and efficient tool designed to check a list of domains or IPs and determine which ones respond over HTTP or HTTPS.

What Makes httprobe So Useful for Cybersecurity Professionals?

1. Saves Time ⏱️: No more manually checking if hosts are live.
2. Flexible Integration 🛠️: Pair it with tools like Sublist3r, Amass, or Assetfinder, and you’ll have a streamlined workflow to uncover live targets.
3. HTTPS Support 🌐: It doesn’t just stop at HTTP—it seamlessly checks for HTTPS services too.
4. Simplicity at Its Best 🖥️: With a single command, you can filter out dead targets and focus on the ones that matter.

A Practical Tip for Professionals 💡

After running httprobe, take the list of live hosts and use it as input for tools like nmap, dirb, or Burp Suite. This ensures you’re spending time only on actionable targets, which is critical when handling large scopes in bug bounty programs or penetration tests.

Let’s keep learning, keep growing, and get better at what we do. Enumeration is the foundation of every great exploit, so sharpen those skills!

httprobe link: https://lnkd.in/geHhVskj

Take a list of domains and probe for working http and https servers.

Install ▶ go install https://lnkd.in/g_gCYzRk

Happy Hacking!

#CyberSecurity #HTTProbe #CyberSecJourney #EnumerationTools #LinkedIn50DayChallenge
GitHub - tomnomnom/httprobe: Take a list of domains and probe for working HTTP and HTTPS servers
github.com
-
🚀 Mastering DNS Troubleshooting with nslookup! 🔍 Whether you're just getting started or diving deep into advanced DNS queries, nslookup is an essential tool for resolving network issues, verifying DNS configurations, and much more. Check out this visual breakdown of how nslookup works to query domain names and IP addresses! 🌐💻 #Networking #Cybersecurity #DNS #nslookup #NetworkTroubleshooting #TechTips #Proompt #CybersecurityTools
How to Use nslookup from Beginner to Advanced: A Comprehensive Guide
link.medium.com
-
I am excited to share my latest article.
-> This will explain how we can connect an on-premises pfSense firewall with the Microsoft Sentinel SIEM.
-> This article will provide you a brief understanding of the Linux syslog server, log collection and log forwarding.
Connecting on premises PFSENSE Firewall Logs with Microsoft Sentinel SIEM
link.medium.com
-
Easy, breezy, connecting to mail protocols with telnet to freshen up on some skills, and to learn more about the basis of email servers such as IMAP, POP3 etc.
TryHackMe | Cyber Security Training
tryhackme.com
-
Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers - https://lnkd.in/eejK7ZA6 #OSINT #ThreatIntel #CyberSecurity
Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers
https://www.redpacketsecurity.com
-
Kamaji's RBAC Roles for `etcd` are not disjunct
Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an "open at the top" range definition in RBAC for etcd roles leading to some TCPs API servers b...
cybrmonk.com
-
Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-o...
A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service
cybrmonk.com