How JWT Works & its attack scenario😀☝🏻
by
@sec_r0
#bugbounty #infosec #hacking
Download :
https://securityzines.com/flyers/jwt.html
All about the most common HTTP Response Headers 😀☝🏻
by
@sec_r0
#bugbounty #infosec #hacking
Download :
https://securityzines.com/flyers/httpres.html
Bug Bounty Tips 🌵
#bugbounty #bugbountytips #infosec
- If Render Page crashes:
sudo sysctl -w kernel.unprivileged_userns_clone=1
- If the embedded browser crashes due to the sandbox:
find .BurpSuite -name chrome-sandbox -exec chown root:root {} \; -exec chmod 4755 {} \;
- Scope with all subdomains:
.*\.test\.com$
- Use Intruder to target specific parameters for scanning
- Right click: actively scan defined insertion points
# Configuration
- Project Options -> HTTP -> Redirections -> Enable JavaScript-driven
- User Options -> Misc -> Proxy Interception -> Always disabled
- Target -> Site Map -> Show all && Show only in-scope items
# XSS Validator extension
1) Start xss.js: phantomjs $HOME/.BurpSuite/bapps/xss.js
2) Send Request to Intruder
3) Mark Position
4) Import xss-payload-list from $Tools into xssValidator
5) Change Payload Type to Extension Generated
6) Change Payload Process to Invoke-Burp Extension - XSS Validator
7) Add Grep-Match rule as per XSS Validator
8) Start.
# Filter the noise
https://gist.github.com/vsec7/d5518a432b70714bedad79e4963ff320
# Filter the noise TLDR
# TLS Pass Through
.*\.google\.com
.*\.gstatic\.com
.*\.googleapis\.com
.*\.pki\.goog
.*\.mozilla\.com
# Send swagger to burp
https://github.com/RhinoSecurityLabs/Swagger-EZ
# Hosted:
https://rhinosecuritylabs.github.io/Swagger-EZ/
# If some request/response breaks or slows down Burp
- Project options -> HTTP -> Streaming responses -> Add URL and uncheck "Store streaming responses...."
# Burp extension to rotate IP to avoid IP restrictions
https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension
# Collab/SSRF/pingback alternative
interactsh.com
ceye.io
requestcatcher.com
canarytokens.org
webhook.site
ngrok.com
pingb.in
swin.es
requestbin.net
ssrftest.com
rbnd.gl0.eu
dnslog.cn
beeceptor.com
# Run private collaborator instance in AWS
https://github.com/Leoid/AWSBurpCollaborator
# Run your own collab server
https://github.com/yeswehack/pwn-machine
# Wordlist from burp project file
cat project.burp | strings | tok | sort -u > custom_wordlist.txt
# Autorize:
1. Copy cookies from low priv user and paste in Autorize
2. Set filters (scope, regex)
3. Set Autorize ON
4. Navigate as high priv user
# Turbo Intruder
basic.py -> Set %s in the injection point and specify wordlist in script
multipleParameters.py -> Set %s in all the injection points and specify the wordlists in script
# Match and Replace
https://github.com/daffainfo/match-replace-burp
# Customize Audit Scans
Configure your audit profile -> Issues reported -> Individual issues -> right-click on "Extension generated issues" -> "Edit detection methods"
Works on most issues, like SQLi
# Send to local Burp from VPS
# In local computer
ssh -R 8080:127.0.0.1:8080 root@VPS_IP -f -N
# In VPS
curl URL -x http://127.0.0.1:8080
# IP rotation
https://github.com/ustayready/fireprox
In short Basic Computer Networking - Notes
#bugbounty #infosec
What beginners in the infosec community should know
See : ☝🏻
Most Common TCP/UDP Ports in Networking
#bugbounty #networking #infosec
Download : https://miro.medium.com/max/720/1*jIxgQnfS9X2dVDNKTrzVJg.png
See : ☝🏻
Every Linux Networking Tool I Know 💢
By @b0rk
PDF : https://wizardzines.com/networking-tools-poster.pdf
#bugbounty #infosec
See :☝🏻
TOP OPEN SOURCE INTELLIGENCE TOOLS USED IN CYBERSECURITY
➡ OSINT Framework
➡ CheckUserNames
➡ HaveIBeenPwned
➡ BeenVerified
➡ Censys
➡ BuiltWith
➡ Google Dorks
➡ Maltego
➡ Recon-Ng
➡ theHarvester
➡ Shodan
➡ Jigsaw
➡ SpiderFoot
➡ Creepy
➡ Nmap
➡ WebShag
➡ OpenVAS
➡ Fierce
➡ Unicornscan
➡ Foca
➡ ZoomEye
➡ Spyse
➡ IVRE
➡ Metagoofil
➡ Exiftool
#bugbounty #infosec
Basic Linux Commands💥
Download image : https://pbs.twimg.com/media/Fg-f_TcVQAIt55D?format=jpg&name=large
#bugbounty #infosec
Account takeover with JSON 💥
{"password":"1234","token":"123"} -> 200 OK
{"password":"1234","email":"victm@gmail.com","token":"123"} -> 200 OK
Hidden email added
#bugbounty #infosec #bugbountytips
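How the behaviour in the post above arises and how a server closes it, as an added example that is not part of the original post. It assumes the two requests go to a password-reset endpoint; the token table, user table and function names are hypothetical, constructed for illustration.

```python
import json

# Constructed sample data: reset tokens issued server-side and the account
# each one was issued for. Plain strings stand in for a real credential
# store; password hashing is omitted to keep the example short.
RESET_TOKENS = {"123": "attacker@example.com"}
USERS = {"attacker@example.com": "old-a", "victim@example.com": "old-v"}

ALLOWED_FIELDS = {"password", "token"}


def reset_vulnerable(raw_body, users):
    """Binds every JSON key, so a client-supplied "email" picks the account."""
    body = json.loads(raw_body)
    owner = RESET_TOKENS.get(body.get("token"))
    if owner is None:
        return 403
    target = body.get("email", owner)  # hidden parameter overrides the token owner
    users[target] = body["password"]
    return 200


def reset_hardened(raw_body, users):
    """Allow-lists the fields and derives the account from the token only."""
    try:
        body = json.loads(raw_body)
    except json.JSONDecodeError:
        return 400
    # Reject unexpected or missing keys instead of silently ignoring them,
    # so probing for hidden parameters is visible as 400s in the logs.
    if not isinstance(body, dict) or set(body) != ALLOWED_FIELDS:
        return 400
    if not all(isinstance(body[k], str) for k in ALLOWED_FIELDS):
        return 400
    owner = RESET_TOKENS.get(body["token"])
    if owner is None:
        return 403
    users[owner] = body["password"]  # identity comes from server-side state
    return 200
```
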
Download above Checklist 1 : ☝🏻https://pbs.twimg.com/media/FhGatrsVQAAHrEM?format=jpg&name=medium
Download above Checklist 2 : ☝🏻https://pbs.twimg.com/media/FhGauVWUUAE2xjQ?format=png&name=large
Offensive Security Approved OSCP Notes
Link : https://web.archive.org/web/20221129191056/https://oscpnotes.infosecsanyam.in/My_OSCP_Preparation_Notes.html
#bugbounty #OSCP #infosec #pentest
Cross Origin Resource Sharing (CORS)🔥
Include :
Blogs / Articles , Tools and Mind Maps
Link :
https://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/cors
PWK – Penetration Testing With Kali Linux. This ebook teaches not only the skills, but also the mindset required for successful penetration testing.
It's equivalent to the bible in the penetration testing field
Link : https://abhishekmeena.gumroad.com/l/oscp