Weaponizing XSS For Fun & Profit

https://saadahmedx.medium.com/weaponizing-xss-for-fun-profit-a1414f3fcee9
Complete Bug Bounty
Cheat Sheet 👌🔥

XSS
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xss.md
https://github.com/ismailtasdelen/xss-payload-list

SQLi
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/sqli.md

SSRF
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/ssrf.md
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery

CRLF
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crlf.md
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection

CSV-Injection
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/csv-injection.md
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSV%20Injection

Command Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Command%20Injection

Directory Traversal
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Directory%20Traversal

LFI
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/lfi.md
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion

XXE
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xxe.md

Open-Redirect
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/open-redirect.md

RCE
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/rce.md

Crypto
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crypto.md

Template Injection
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/template-injection.md
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection

XSLT
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xslt.md

Content Injection
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/content-injection.md

LDAP Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection

NoSQL Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/NoSQL%20Injection

CSRF Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSRF%20Injection

GraphQL Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/GraphQL%20Injection

IDOR
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Direct%20Object%20References

ISCM
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Source%20Code%20Management

LaTex Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LaTeX%20Injection

OAuth
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/OAuth

XPATH Injection
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XPATH%20Injection

Bypass Upload Tricky
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files

Source:- Today Cyber News
https://0xffsec.com/handbook/
https://drive.google.com/file/d/1wYa4QrQHBlH-FSj5UcvKbD5522N2R4FX/view?usp=drivesdk

Keep learning.... , Keep developing.... , & Keep hunting....😎😎

Cryptography and Network Security: Principles and Practice 7th Global Edition http://www.cs.vsb.cz/ochodkova/courses/kpb/cryptography-and-network-security_-principles-and-practice-7th-global-edition.pdf

https://www.instagram.com/p/CZwWKYIg14A/?utm_medium=copy_link


Don't miss this post if you are preparing for coding interview !

🍺 Google Search alternatives 🍺


• DuckDuckGo
• SearX. Find an instance here, or use any of these:
- searx.everdot.org
- search.privacytools.io
- searx.lukesmith.xyz
• YaCy (to use it, you need to install the app)
• Mojeek

► 'YouTube' alternatives:

• PeerTube. Find an instance here, or use any of these:
- diode.zone
- bittube.video
- tube.piweb.be
- video.liberta.vip

• MediaGoblin. Find an instance here, or use any of these:
- media.libreplanet.org
- goblinrefuge.com

► 'Gmail' alternatives
(E-mail providers which don't offer at least 1 free of charge plan weren't listed)

• Tutanota.com
• ProtonMail.com
• Disroot
• Mailfence.com

► 'Google Chrome' alternatives
(We don't recommend any Chromium-based browsers and browsers that use the Blink browser engine)

• Firefox (you must tweak it first)
• LibreWolf
• Waterfox
• GNOME Web (Epiphany)
• Pale Moon

► 'Google Maps' alternatives

• OpenStreetMap.org
• OsmAnd,net
• Qwant Maps

► 'Google Earth' alternatives

• Marble
• WorldWind
• ossimPlanet
• GeoMapApp

———————————

Emids is hiring Associate Software Engineer

For 2022/2021 grads

https://www.emids.com/careers/career/?gh_jid=4728572003&gh_src=f83ad6de3us

Go Careers:
Atoa is hiring NodeJS Developer Intern

For 2022 grads

Check out this job at Atoa: https://www.linkedin.com/jobs/view/3008546899

Merkle EMEA is hiring Backend Developer Intern

For 2022/2023/2024 grads

Apply - https://www.merkleinc.com/emea/careers/all-openings/743999789064105

Does anyone ever just get overwhelmed by how much you have to learn? Some days I’m so confident in my skills and other days I feel like I know nothing

India's 100 Unicorn List ❤️

Connect with employees of these companies on LinkedIn & ask for referrals if you have relevant technical skills 🎁