Most Common TCP/UDP Port in Networking
#bugbounty #networking #infosec

Download : https://miro.medium.com/max/720/1*jIxgQnfS9X2dVDNKTrzVJg.png

See : ☝🏻

Every Linux Networking Tool I Know 💢
By @b0rk

PDF : https://wizardzines.com/networking-tools-poster.pdf

#bugbounty #infosec

See :☝🏻

TOP OPEN SOURCE INTELLIGENCE TOOLS USED IN CYBERSECURITY

➡ OSINT Framework
➡ CheckUserNames
➡ HavelbeenPwned
➡ BeenVerified
➡ Censys
➡ BuiltWith
➡ Google Dorks
➡ Maltego
➡ Recon-Ng
➡ theHarvester
➡ Shodan
➡ Jigsaw
➡ SpiderFoot
➡ Creepy
➡ Nmap
➡ WebShag
➡ OpenVAS
➡ Fierce
➡ Unicornscan
➡ Foca
➡ ZoomEye
➡ Spyse
➡ IVRE
➡ Metagoofil
➡ Exiftool

#bugbounty #infosec

Basic Linux Commands💥

Download image : https://pbs.twimg.com/media/Fg-f_TcVQAIt55D?format=jpg&name=large

#bugbounty #infosec

Account takeover with JSON 💥

{"password":"1234",token="123"} ->200 0K

{"password":"1234","email":"victm@gmail.com","token="123"} ->200 0K

Hidden email add

#bugbounty #infosec #bugbountytips

Download above Checklist 1 : ☝🏻https://pbs.twimg.com/media/FhGatrsVQAAHrEM?format=jpg&name=medium

Download above Checklist 2 : ☝🏻https://pbs.twimg.com/media/FhGauVWUUAE2xjQ?format=png&name=large

Offensive Security Approved OSCP Notes

Link : https://web.archive.org/web/20221129191056/https://oscpnotes.infosecsanyam.in/My_OSCP_Preparation_Notes.html

#bugbounty #OSCP #infosec #pentest

Cross Origin Resource Sharing (CORS)🔥

Include :
Blogs / Articles , Tools and Mind Maps

Link :
https://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/cors

PWK – Penetration Testing With Kali Linux Penetration Testing With Kali Linux . This ebook teaches not only the skills, but also the mindset required for successful penetration testing.

It's Equivalent to bible in Penetration Testing Field

Link : https://abhishekmeena.gumroad.com/l/oscp

☝🏻 USE DISCOUNT CODE : Awesome

🏹AWS S3 Bucket Tools 💢

• s3brute - s3 brute force tool

• s3-bucket-finder - Find aws s3 buckets and extract datas.

• bucket-stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs.

• slurp - Enumerate S3 buckets via certstream, domain, or keywords.

• lazys3 - A Ruby script to bruteforce for AWS s3 buckets using different permutations.

• cred_scanner - A simple file-based scanner to look for potential AWS access and secret keys in files

• DumpsterDiver - A tool used to analyze big volumes of various file types in search of harcoded secrets like keys (AWS Access Key, Azuer Share Key or SSH keys) or passwords.

• S3Scanner - Scan for open AWS S3 buckets and dump the contents

Top Disclosed HackerOne reports 😀

Link : https://github.com/reddelexc/hackerone-reports

#bugbounty #Infosec #Hacked

APi Pentesting Writeup or Trick #bugbounty #infosec

Link : https://drive.google.com/file/d/1iMGqUUpaiQrEys4IOETwgxti8AiShomZ/view

Security headers 🔥

Learn more about headers that can keep your site safe and quickly look up the most important details.

Link : https://web.dev/security-headers/

#bugbounty #infosec

Huge Bugbounty Mindmap 🌵

Download : https://2003700811-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M5x1LJiRQvXWpt04_ee%2F-MG33U1tPKkztqqfsks0%2F-MG33dIgvN3YUZUMnKCs%2Fimage.png?alt=media&token=b9e7d007-78ff-4f6f-9b9b-03c39dd5cffa

#bugbounty #Infosec

Accidental $70k Google Pixel Lock Screen Bypass

https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/

#Security #Pentesting #SecurityEveryday #bugbounty