{"uuid": "1c30ab26-2cfb-426d-a30d-519537d0c4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-1388", "type": "seen", "source": "https://t.me/bhhub/858", "content": "#BugBountyTips of the Day\n(Forensicator - Powershell Script To Aid Live Forensics &amp; Incidence Response) -  https://t.co/AgcfEBrdwF #infosec #netsec #pentest #cybersecurity #bugbounty  https://t.co/Q7cdVK2Lfs\n---\nActive Directory Privilege Escalation Hardening  #infosec #cybersecurity #cybersecuritytips  #pentesting #oscp #redteam  #informationsecurity  #cissp #CyberSec #networking #networksecurity #CheatSheet #infosecurity #bugbountytips  https://t.co/W0rlIDyhmB\n---\nIncident Response Cheat Sheet  #infosec #cybersecurity #cybersecuritytips  #pentesting #oscp #redteam  #informationsecurity  #cissp #CyberSec #networking #networksecurity #CheatSheet #infosecurity #bugbountytips  https://t.co/AEYuem3Tur\n---\n403 Forbidden bypass \ud83d\udd25\ud83d\udd25  GET /admin ==&gt; 403 Forbidden GET /blablabal/%2e%2e/admin ==&gt; 200 OK GET /blablabal/..;/admin ==&gt; 200 OK  GET /blablabal/;/admin ==&gt; 200 OK GET /blablabal/admin/..;/ ==&gt; 200 OK GET /admin?access=1 ==&gt; 200 OK   #bugbountytips #bugbountytip #bugbounty\n---\n\u2694\ufe0f List of Top 25 parameters for finding:  - XSS - SSRF - LFI - SQLi - RCE - Open Redirects   https://t.co/FP4Ykz63Tm  Useful for fuzzing.  #bugbounty #infosec #cybsersecurity #redteam #pentesting  https://t.co/6jP6ghzoIT\n---\nSome endpoint bypasses \u2705: #bugbountytips #infosec  https://t.co/pfEvLjTz2g\n---\nLog files to check for valuable information &amp; clear  system logs. - Here is a small list of UNIX locations to modify/view while you're on a machine. - #CyberSecurity #infosec #CTF #bugbounty  https://t.co/NvvkZ719HZ\n---\nCVE-2022-30525 PoC  #bugbounty  https://t.co/x9gfuFeR9a\n---\n#infosec #bugbounty #redteam  https://t.co/fJq6T5nj5x\n---\n#PoC for CVE-2022-1388 is out, grab it here! Added #shodan query!   https://t.co/nX4FufMyI4   #bugbounty #bugbountytips #infosec #cybersecurity  https://t.co/BbYx6mkrSl\n---\nResolving at 22K qps from a single host. Not bad, uh?  This is from a second iteration of permutations and alterations using puredns and the @trick3st resolvers lists  #recon #hacking #bugbounty  https://t.co/9y1bHgAD4w", "creation_timestamp": "2022-05-16T13:37:05.000000Z"}