Recently I learnt few new stuff when solving SQL Injection found during pentest and also bugbounty. One of the new technique that seems new...

The number of zeros in http://127.0.0.1 doesn't matter, So we can use the following payloads to bypass SSRF protection: http://127.1 http://127.000000000000000.001 http://127.000.000.00000000000000001 ... #bugbounty #bugbountytips

Everything you need about Burp Extension Generation - rsrdesarrollo/generator-burp-extension

If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec

Content Discovery list critical once #1/3 /_session_start_/%0atest /+CSCOU+/../+CSCOE+/files/file_list.json /josso/%5C../web-console /gui/file_viewer.php?encrypt=N&target_folder=utilities&uploaded_filename=../../../../../../../etc/passwd #bugbounty #BugBountyTips…

Hello Friends,

People who aren’t familiar with townscript, it is a ticketing platform for event managers to sell their tickets online operating on 27+…

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, pas...

What is Rate Limit ?

Today I am writing about the love story between bug bounties & reconnaissance, but before I do I should say that i’m not much of an expert…

Check out my latest video on "Creating Wordlists for Pentesting & Bug Bounty Hunting". I also showed how I use @DanielMiessler's SecLists, @TomNomNom's Waybackurls, or Google's BigQuery to create my own wordlists! LMK what you think of the video! https:/…

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers - tarunkant/Gopherus

Background

TL;DR: Why investing in Electron apps might be a waste of time.