Bug Bounty
Bugbounty Resources • Tips • Security Zines • Writeups • Vulnerability Update • Notes • Mindmaps • Cheatsheets • Checklists • Article / Blogs • PDFs • ebooks •
Do you guys know about ChatGPT, or should I make a tutorial on it? It will help you a lot in bug bounty, so please vote.
For some reason I wasn't able to make the tutorial.

You can watch these suggested videos to understand ChatGPT:

English:
https://youtu.be/tz6FfzpCfhY

Hindi:
https://youtu.be/V9Rz4RktDvE
Top 7 Google Dorks You Need to Know

🚀 Cache: This dork will show you the cached version of any website.
• cache:example.com

🚀 After: This dork will give you results after a given year, like:
• after:2019, after:2016 (use with the site dork)

🚀 Allintext: Searches for specific text contained on any web page.
• allintext:admin

🚀 Allinurl: exactly the same as allintext, but will show pages that contain titles with "X" characters.
• allinurl:"password"

🚀 Anchor Tag: this is useful when you need to search for an exact anchor text used on any links.
• "Some_Text" filetype:php

Another dork that works the same as filetype is ext:
• "python" ext:pdf

🚀 Allinurl: It can be used to fetch results whose URL contains all the specified characters.
• allinurl:"login"

(Use these with the site dork, except cache.)

#bugbounty #infosec #cybersecurity #hacking #hackinggroup
🔰 Best Way to Find Client-Side Bugs

➡️ Contains: CSRF Injection, Vuln Cookie for Self-XSS, Bypass WAF with Double Encoding, Stealing Anti-CSRF Token, Step by Step of How the Exploit Works, and Much More

➡️ Link : https://bugbountyguide.org/2022/12/10/best-way-to-find-clint-side-bugs/

#hacking #bugbounty #Infosec #server
🔰 The OWASP WSTG 4.2 Mindmap
#bugbounty #infosec

Credit : Abdelrhman Allam

➡️ Mindmap Link : https://xmind.app/m/XM7KaG/

Do Check This Out :👆
🔰 { One-Liner } - Extract All URLs from Source Code

➡️ curl "https://example.com/" | grep -oP '(https?://|www\.)[^ ]*'

#bugbounty #Infosec
🔰 { One-Liner } - Extract Endpoints from JS File

by @renniepak

➡️ cat main.js | grep -oh "\"\/[a-zA-Z0-9_/?=&]*\"" | sed -e 's/^"//' -e 's/"$//' | sort -u

#bugbounty #infosec
🔰 Local File Inclusion (LFI) Attack

An LFI attack may lead to information disclosure, RCE, or even XSS.

Take a look Below : 👆

#bugbounty #infosec #cybersecurity #hacking
🔰 Offensive Security Approved OSCP Notes

🔗 https://oscpnotes.infosecsanyam.in/

#bugbounty #infosec #oscp #cybersecurity
50+ Cross-site scripting (XSS) Vulnerabilities Bugcrowd Public Program

https://bugbountyguide.org/2022/12/12/50-cross-site-scripting-xss-vulnerabilities-bugcrowd-public-programs/

Take A Look : 👆
Grab this opportunity, guys

Free Registration For Cyber Security Certification

https://secops.group/cyber-security-certifications/

Coupon code: 100-OFF
If you want to master SSRF, open this thread!

Server-Side Request Forgery vulnerabilities are attacks that allow attackers to send arbitrary requests from the server often resulting in gaining authorized access to data!🤯


[1️⃣] Server-side request forgery by @PortSwigger

[ https://portswigger.net/web-security/ssrf ]

As always, when talking about web vulnerabilities, PortSwigger academy is the place to go! Their labs offer a great way to practice your skills as well!

[2️⃣] SSRF in 100 seconds by @PinkDraconian

[ https://youtu.be/3dKavgfL2pA ]

Want a quick overview of what SSRF is? Check out this video explaining SSRF in 100 seconds!

[3️⃣] SSRF Techniques mindmap

[ https://xmind.app/m/eJm7bd/# ]

A mindmap is a great way to visualize what SSRF techniques there are! We couldn't find the author of this mindmap, meaning we can't give credit. If you know who created it, let us know! 💪

[4️⃣] Bug bounty writeup by @win3zz

[ https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204 ]

SSRF is one of the most found vulnerabilities in bug bounty. There are tons of great writeups out there, but we really liked this one granting a HUGE bounty on Facebook!

[5️⃣] SSRFMap by @pentest_swissky

[ https://github.com/swisskyrepo/SSRFmap ]

Exploiting SSRF vulnerabilities can often be quite hard, this framework can help you out and make it a bit less time-intensive!

[6️⃣] Cheatsheet by @pentest_swissky

[ https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Request%20Forgery/README.md ]

Want a concise overview of different SSRF filter bypasses? Check out this amazing cheatsheet!

[7️⃣] Hackademy by @intigriti

[ https://blog.intigriti.com/hackademy/server-side-request-forgery-ssrf/ ]

Did you know that Intigriti has its very own hackademy? This is the place for you to learn about a bunch of security issues!

Post by intigriti
Big respect for this Egyptian 🇪🇬 guy

Reads my website article for almost 40m 😲😧
Complete OSCP Guide With Active Directory

Amazing Article Contains :
• lots of tips
• Recommended Tools For Active Directory
• Recommended Labs To Solve For Active Directory
• Cheatsheet
• Resources

Take a Look 👇
https://bugbountyguide.org/index.php/2022/11/29/oscp-preparation-with-active-directory/

#bugbounty #infosec #oscp
Found Open Redirection Vulnerability in Google

I'll share POC with you soon