BUG BOUNTY
@bugbounty2
517 subscribers
32 photos
1 video
6 files
122 links
Poc &Tools &Methodology
Download Telegram
About
Blog
Apps
Platform
Join
BUG BOUNTY
517 subscribers
BUG BOUNTY
https://dhiyaneshgeek.github.io/web/security/2021/10/23/how-i-was-able-to-revoke-your-instagram-2fa/
Geek Freak
How I was able to revoke your Instagram 2FA
Bypassing Rate Limit using IP Rotation
378 views
BUG BOUNTY
https://www.zapstiko.com/account-takeover-via-facebook-oauth/
413 views
BUG BOUNTY
Methods To Find Sqli
by 'Aswin Govind'

1. sublist3r -d target | tee -a domains
2. cat domains | httpx | tee -a alive
3. cat alive | waybackurls | tee -a urls
4. gf sqli urls >> sqli
5. sqlmap -m sqli.txt --dbs --batch
429 views
BUG BOUNTY
https://xelkomy.medium.com/easy-ssrf-from-wayback-machine-edf946486120
420 views
BUG BOUNTY
Forwarded from xAL7x Cyber (copyright: © xAL7x)
Cheat sheet Metasploit

https://twitter.com/alhassanAlharb7/status/1456231461946855429?t=mjEuwRV2ZUew_1E_zSwVhg&s=19
463 views
BUG BOUNTY
Forwarded from xAL7x Cyber (copyright: © xAL7x)
Nmap Cheat Sheet
483 views
BUG BOUNTY
https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
Security Breached Blog
My Guide to Basic Recon? | Bug Bounties + Recon | Amazing Love story.
The Post describe basic steps i follow before starting actual hunt for bugs in a bug bounty program, how i map out the target and which tools to use.
518 views
BUG BOUNTY
Here some good tip
1. Create an account email@burp_collab*
2. Forgot password
3. Received requests from internal server + SMTP connection details
4. Got Internal headers + origin IP
5. http://site.com/admin = (403)
6. http://site.com/admin = (Headers + Origin IP = pwn)
537 views
BUG BOUNTY
https://twitter.com/Alra3ees/status/1462726648810418179
Twitter
Emad Shanab - أبو عبد الله
Bug Bounty mind maps collection:- CC @NafihZain gowthams.gitbook.io/bughunter-hand… github.com/imran-parray/M… awesomeopensource.com/projects/mindm… github.com/5bhuv4n35h/pen… github.com/topics/mindmap
629 views
BUG BOUNTY
https://salmonsec.com/cheatsheet/account_takeover
612 views
BUG BOUNTY
https://0xmahmoudjo0.medium.com/how-i-found-multiple-sql-injection-with-ffuf-and-sqlmap-in-a-few-minutes-9c3bb3780e8f
Medium
How I Found multiple SQL Injection with FFUF and Sqlmap in a few minutes
Hello all, hope you’re OK. Our journey today is about how I found multiple SQL Injection in a BugBounty program in just few minutes with a…
713 views
BUG BOUNTY
https://github.com/Cyber-Guy1/theCyberGuy_Recon_V1.0/blob/main/theCyberGuy_Recon_V1.0.png
GitHub
theCyberGuy_Recon_V1.0/theCyberGuy_Recon_V1.0.png at main · Cyber-Guy1/theCyberGuy_Recon_V1.0
Contribute to Cyber-Guy1/theCyberGuy_Recon_V1.0 development by creating an account on GitHub.
838 views
BUG BOUNTY
BUG BOUNTY
Blind XSS via Burpsuite Match and Replace:- Save this file as json format and go to:- 1:- Burpsuite - Proxy - Options - Match and Replace. 2:- Click on the option button and choose load options. 3:- Browse for the file and load it to Burpsuite. 4:- Import…
blind xss
782 views
BUG BOUNTY
https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6
alike-lantern-72d on Notion
Web Application Penetration Testing Checklist | Notion
More than 200 custom test cases
835 views
BUG BOUNTY
https://www.kitploit.com/2022/04/bitb-browser-in-browser-bitb-templates.html
Kitploit
Kitploit – Maintenance in Progress
Kitploit is temporarily under maintenance. We’ll be back shortly with improvements.
👍1
895 views
BUG BOUNTY
https://nuclei-templates.netlify.app/#q=cve-2021
nuclei-templates.netlify.app
Nuclei Templates Directory
Browse published Nuclei templates here!
959 views
BUG BOUNTY
https://github.com/alexbieber/Bug_Bounty_writeups#remote-code-execution-rce
GitHub
GitHub - alexbieber/Bug_Bounty_writeups: BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴
BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴. Contribute to alexbieber/Bug_Bounty_writeups development by creating an account on GitHub.
1.11K views
BUG BOUNTY
1.05K views
BUG BOUNTY
https://github.com/cyspad/Weaponize-Your-Burp
GitHub
GitHub - cyspad/Weaponize-Your-Burp: Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp…
Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite - cyspad/Weaponize-Your-Burp
1.16K views
BUG BOUNTY
https://bgpview.io/
1.15K views
BUG BOUNTY
Shodan Dorking (Web)

org:”target.com
http.status:”<status_code>”
product:”<Product_Name>”
port:<Port_Number> “Service_Message”
port:<Port_Number> “Service_Name”
http.component:”<Component_Name>”
http.component_category:”<Component_Category>”
http.waf:”<firewall_name>”
http.html:”<Name>”
http.title:”<Title_Name>”
ssl.alpn:”<Protocol>”
http.favicon.hash:”<Favicon_Hash>”
net:”<Net_Range>” (for e.g. 104.16.100.52/32)
ssl.cert.subject.cn:”<Domain.com>”
asn:”<ASnumber>”
hostname:”<hostname>”
ip:”<IP_Address>”
all:”<Keyword>”
“Set-Cookie: phpMyAdmin”
“Set-Cookie: lang=”
“Set-Cookie: PHPSESSID”
“Set-Cookie: webvpn”
“Set-Cookie:webvpnlogin=1”
“Set-Cookie:webvpnLang=en”
“Set-Cookie: mongo-express=”
“Set-Cookie: user_id=”
“Set-Cookie: phpMyAdmin=”
“Set-Cookie: _gitlab_session”
“X-elastic-product: Elasticsearch”
“x-drupal-cache”
“access-control-allow-origin”
“WWW-Authenticate”
“ X-Magento-Cache-Debug”
“kbn-name: kibana”
“X-App-Name: kibana”
“x-jenkins”
👍1
1.39K views