My First Bounty From SSRF: From Finding a Vulnerability to Cashing In

https://bugbountyguide.org/2023/01/27/how-i-owned-my-first-bounty-with-ssrf/

#bugbounty #infosec #cybersecurity

Requesting APIs using CUrl

Thread 🧵👇

https://twitter.com/Rapid_API/status/1619038188403658753?t=BjOLzFEXAD93lYKr8uw4mA&s=19

Vulnexp 90 | Day12

OS command injection

https://twitter.com/AnukulHexx/status/1619283322575912967?s=20&t=Vkiojbslm9NC6SYllP1ptA

#bugbountytips Having trouble with a WAF? For POST/PUT/PATCH requests, try inserting a useless parameter with between 8KB to 10MB of random data BEFORE your malicious payload.

Many WAFs stop processing after X payload characters, allowing anything AFTER that through the WAF

use this website frequently to generate the easy to insert payloads (copy and paste):

https://onlinefiletools.com/generate-random-text-file

Credit : ZwinK

Chat Gpt For Hacking ~ Anugrah

https://anugrahsr.in/chatgpt-for-hacking_talk/

#bugbounty #infosec #bugbountytips #cybersecurity

Web3 Decoder is a Burp Suite Extension that allows to decode "web3" JSON-RPC calls that interact with smart contracts in an EVM blockchain.

https://github.com/nccgroup/web3-decoder

#bugbounty #web3 #bugbountytips #infosec #cybersercurity

🌻 Which OSCP or eCPPTv2 ? 👇

Checkout My Tweet : Link

OSCP Preparation With Active Directory 👨‍💻

https://bugbountyguide.org/2022/11/29/oscp-preparation-with-active-directory/

Vulnexp 90 | Day18

OAuth 2.0 Pinpoints

➡️Writeups List:
➡️Top Reports:

Link: https://twitter.com/AnukulHexx/status/1621418176117633027?s=20&t=MRDGJzRhVRI3Y6PkaDI2rQ

~ OSCP Resouces ⛵👇

All Networking Services & Ports Enumeration

https://bugbountyguide.org/2022/12/24/all-network-services-ports-enumeration/