Bugbounty Notes 📒
Inclue OWASP Top 10 And more
#bugbounty #Infsoec
Amazing Git Repo : https://github.com/Voorivex/pentest-guide
Check This Out : 👌👆
Inclue OWASP Top 10 And more
#bugbounty #Infsoec
Amazing Git Repo : https://github.com/Voorivex/pentest-guide
Check This Out : 👌👆
❤9🔥1
Master OAuth 2.0 Vulnerability
#bugbounty #infosec
Difficulty : Any
OAuth 2.0 Resources :👇
• https://owasp.org/www-pdf-archive/20151215-Top_X_OAuth_2_Hacks-asanso.pdf
• https://medium.com/@lokeshdlk77/stealing-facebook-mailchimp-application-oauth-2-0-access-token-3af51f89f5b0
• https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1
• https://gauravnarwani.com/misconfigured-oauth-to-account-takeover/
• https://medium.com/@Jacksonkv22/oauth-misconfiguration-lead-to-complete-account-takeover-c8e4e89a96a
• https://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56
• https://medium.com/@protector47/full-account-takeover-via-referrer-header-oauth-token-steal-open-redirect-vulnerability-chaining-324a14a1567
• https://hackerone.com/reports/49759
• https://hackerone.com/reports/131202
• https://hackerone.com/reports/6017
• https://hackerone.com/reports/7900
• https://hackerone.com/reports/244958
• https://hackerone.com/reports/405100
• https://ysamm.com/?p=379
• https://amolbaikar.com/facebook-oauth-framework-vulnerability/
•https://medium.com/@godofdarkness.msf/mail-ru-ext-b-scope-account-takeover-1500-abdb1560e5f9
• https://medium.com/@tristanfarkas/finding-a-security-bug-in-discord-and-what-it-taught-me-516cda561295
• https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b
• https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74
• http://blog.intothesymmetry.com/2014/02/oauth-2-attacks-and-bug-bounties.html
• http://blog.intothesymmetry.com/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html
• https://veracode.com/blog/research/spring-social-core-vulnerability-disclosure
• https://medium.com/@apkash8/oauth-and-security-7fddce2e1dc5
• https://xploitprotocol.medium.com/exploiting-oauth-2-0-authorization-code-grants-379798888893
Thanks You For Reading this 🙏
Hope You'll like 👍 it
#bugbounty #infosec
Difficulty : Any
OAuth 2.0 Resources :👇
• https://owasp.org/www-pdf-archive/20151215-Top_X_OAuth_2_Hacks-asanso.pdf
• https://medium.com/@lokeshdlk77/stealing-facebook-mailchimp-application-oauth-2-0-access-token-3af51f89f5b0
• https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1
• https://gauravnarwani.com/misconfigured-oauth-to-account-takeover/
• https://medium.com/@Jacksonkv22/oauth-misconfiguration-lead-to-complete-account-takeover-c8e4e89a96a
• https://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56
• https://medium.com/@protector47/full-account-takeover-via-referrer-header-oauth-token-steal-open-redirect-vulnerability-chaining-324a14a1567
• https://hackerone.com/reports/49759
• https://hackerone.com/reports/131202
• https://hackerone.com/reports/6017
• https://hackerone.com/reports/7900
• https://hackerone.com/reports/244958
• https://hackerone.com/reports/405100
• https://ysamm.com/?p=379
• https://amolbaikar.com/facebook-oauth-framework-vulnerability/
•https://medium.com/@godofdarkness.msf/mail-ru-ext-b-scope-account-takeover-1500-abdb1560e5f9
• https://medium.com/@tristanfarkas/finding-a-security-bug-in-discord-and-what-it-taught-me-516cda561295
• https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b
• https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74
• http://blog.intothesymmetry.com/2014/02/oauth-2-attacks-and-bug-bounties.html
• http://blog.intothesymmetry.com/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html
• https://veracode.com/blog/research/spring-social-core-vulnerability-disclosure
• https://medium.com/@apkash8/oauth-and-security-7fddce2e1dc5
• https://xploitprotocol.medium.com/exploiting-oauth-2-0-authorization-code-grants-379798888893
Thanks You For Reading this 🙏
Hope You'll like 👍 it
❤12👍9🤯1😱1
One-liner Bugbounty Tips 📌
Find Subdomains TakeOver
subfinder -d HOST >> FILE; assetfinder --subs-only HOST >> FILE; amass enum -norecursive -noalts -d HOST >> FILE; subjack -w FILE -t 100 -timeout 30 -ssl -c $GOPATH/src/github.com/haccer/subjack/fingerprints.json -v 3 >> takeover ;
#bugbounty #infosec
Find Subdomains TakeOver
subfinder -d HOST >> FILE; assetfinder --subs-only HOST >> FILE; amass enum -norecursive -noalts -d HOST >> FILE; subjack -w FILE -t 100 -timeout 30 -ssl -c $GOPATH/src/github.com/haccer/subjack/fingerprints.json -v 3 >> takeover ;
#bugbounty #infosec
👍11🔥3
Gather Domains from Content-Security-Policy
#bugbounty #Infosec
curl -vs URL --stderr - | awk '/^content-security-policy:/' | grep -Eo "[a-zA-Z0-9./?=_-]*" | sed -e '/\./!d' -e '/[^A-Za-z0-9._-]/d' -e 's/^\.//' | sort -u
Look : 👆
#bugbounty #Infosec
curl -vs URL --stderr - | awk '/^content-security-policy:/' | grep -Eo "[a-zA-Z0-9./?=_-]*" | sed -e '/\./!d' -e '/[^A-Za-z0-9._-]/d' -e 's/^\.//' | sort -u
Look : 👆
👍6👌1
👍6🔥2❤1🥰1
Complete OSCP Guide With Active Directory
Amazing Article Contains :
• lots of tips
• Recommended Tools For Active Directory
• Recommended Labs To Solve For Active Directory
• Cheatsheet
• Resources
Take 👇 : Look
https://bugbountyguide.org/index.php/2022/11/29/oscp-preparation-with-active-directory/
#bugbounty #infosec #oscp
Amazing Article Contains :
• lots of tips
• Recommended Tools For Active Directory
• Recommended Labs To Solve For Active Directory
• Cheatsheet
• Resources
Take 👇 : Look
https://bugbountyguide.org/index.php/2022/11/29/oscp-preparation-with-active-directory/
#bugbounty #infosec #oscp
🔥10❤🔥5👍3🤩1
Bug Bounty Tips 👌
#bugbounty #infosec
It explains what tool you can use for whatever bug is it is
Credit: Patrik
Take a look :☝️
Wait for some time, if not clear
#bugbounty #infosec
It explains what tool you can use for whatever bug is it is
Credit: Patrik
Take a look :☝️
Wait for some time, if not clear
👍7🤩2🥰1
Unique Rate limit bypass worth 1800$ 👍
https://medium.com/@manavbankatwala29/unique-rate-limit-bypass-worth-1800-6e2947c7d972
#hacking #bugbounty #cybersecurity
https://medium.com/@manavbankatwala29/unique-rate-limit-bypass-worth-1800-6e2947c7d972
#hacking #bugbounty #cybersecurity
❤6👍2🔥2👏1
image.png
118.9 KB
The Bug Hunter's Methodology v4.0 - Recon Edition Breakdown ,thanks to @jhaddix
Check This Out :
https://www.linkedin.com/pulse/bug-hunters-methodology-v40-recon-edition-breakdown-henry-osias/?trackingId=IsAm3if31xPE2Ib6fCS02g%3D%3D
#bugbounty #infosec
Check This Out :
https://www.linkedin.com/pulse/bug-hunters-methodology-v40-recon-edition-breakdown-henry-osias/?trackingId=IsAm3if31xPE2Ib6fCS02g%3D%3D
#bugbounty #infosec
🔥3❤2
On a serious Note : Are you guys really enjoying my posts | Love you all ♥
Anonymous Poll
79%
Yes 😀
2%
No 😒
7%
Little bit
12%
So much 👌
❤16
Bug bounty Tips ☘
#bugbounty #infosec
If you Forget the subdomains for recon! go directly for the ASN & hit the network-range organization:
• A new world arises without waf’s, a lot of messy SSL certs, unprotected hosts & private hidden scopes!
#bugbounty #infosec
If you Forget the subdomains for recon! go directly for the ASN & hit the network-range organization:
• A new world arises without waf’s, a lot of messy SSL certs, unprotected hosts & private hidden scopes!
🤩8
An Amazing Tool : Meg
#bugbounty #Infosec
by
@TomNomNom
• Tool for fetching lots of URLs but still being 'nice' to servers.
• It can be used to fetch many paths for many hosts;
Git Repo :
https://github.com/tomnomnom/meg
#bugbounty #Infosec
by
@TomNomNom
• Tool for fetching lots of URLs but still being 'nice' to servers.
• It can be used to fetch many paths for many hosts;
Git Repo :
https://github.com/tomnomnom/meg
👍8😱1🤩1
😃 bug bounty Tips ⭐
Keep all your directory brute force results so when a CVE like Drupalgeddon2 comes out, you can look for previously found instances (cat dirsearch/reports// | grep INSTALL.mysql.txt | grep 200 | less)/
#bugbounty #Infosec
Keep all your directory brute force results so when a CVE like Drupalgeddon2 comes out, you can look for previously found instances (cat dirsearch/reports// | grep INSTALL.mysql.txt | grep 200 | less)/
#bugbounty #Infosec
🤔6👌2⚡1👍1
🤩4👍3🥰3❤1
Active and Passive Subdomain Enumeration
Amazing Article 📜 Contains :
Both Methods :
• Active Subdomain Enumeration
• Passive Subdomain Enumeration
Check This Out : 👇
https://bugbountyguide.org/index.php/2022/12/02/active-and-passive-subdomain-enumeration-technique/
#bugbounty #infosec
Amazing Article 📜 Contains :
Both Methods :
• Active Subdomain Enumeration
• Passive Subdomain Enumeration
Check This Out : 👇
https://bugbountyguide.org/index.php/2022/12/02/active-and-passive-subdomain-enumeration-technique/
#bugbounty #infosec
🔥8👍4🥰3