Bug Bounty - GitBook
前往频道在 Telegram
7 456
订阅者
+1524 小时
+227 天
+18630 天
帖子存档
7 457
💠 Command Injection: Leveraging OS Commands for Exploits
🔗 https://hacklido.com/blog/989-command-injection-leveraging-os-commands-for-exploits
7 457
■■■■□ Leaking the email of any YouTube user for $10,000.
https://brutecat.com/articles/leaking-youtube-emails
7 457
► DVWA Lab16 — XSS Stored — Pentest
Published: Thu, 13 Feb 2025 11:01:38 GMT
Link: https://medium.com/p/e41788f32faf
7 457
► Day 8: Self-XSS + Login & Logout CSRF + OAuth Hijacking
Published: Thu, 13 Feb 2025 08:47:41 GMT
Link: https://medium.com/p/83c848ad9a1e
7 457
Exclusive
👻🥳HTB Academy - Senior Web Penetration Tester learning path🌐☄️ 👻🥳 Download Full Course Now
7 457
0x002
1. https://infosecwriteups.com/mastering-amass-the-ultimate-recon-toolkit-d66a56627849
2. https://infosecwriteups.com/finding-subdomains-that-are-hidden-in-the-cloud-ec54412802bf
3. https://infosecwriteups.com/how-to-uncover-hidden-attack-surfaces-recon-part-6-61e43976ed22
4. https://infosecwriteups.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698
5. https://infosecwriteups.com/finding-more-subdomains-part-3-dee1c581c49b
6. https://infosecwriteups.com/title-privacy-disclosure-on-m-facebook-com-after-add-photo-to-the-post-e7e07e2083e5
7. https://infosecwriteups.com/from-boredom-to-bounty-the-story-of-a-surprise-xss-get-reward-500-e32dfb879bfd
8. https://infosecwriteups.com/ds-store-file-a-gift-for-researchers-and-a-headache-for-website-owners-219724b99043
9. https://infosecwriteups.com/find-first-bug-for-beginner-bounty-hunters-533f2da9dab1
10. https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d
7 457
Exclusive Collection of Private Nuclei Templates
1. Akokonunes
2. Emadshanab
3. BoobooHQ
4. SirBugs
5. Linuxadi
6. 0xKayala
7. Bhataasim1
8. H0tak88r
7 457
# Path Traversal
payloads :- https://gist.github.com/SleepyLctl/63a2da730a3d5abce5013f0f510b1fe2
cheat sheet :- https://github.com/JahTheTrueGod/Directory-Traversal-Cheat-Sheet
OWASP :- https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/05-Authorization_Testing/01-Testing_Directory_Traversal_File_Include
7 457
Hacking made easy with XSSIFY: https://aravind07.medium.com/hacking-made-easy-with-xssify-9637890cd33b?source=rss------bug_bounty-5
7 457
User information disclosed via API endpoint: https://mknayek101.medium.com/user-information-disclosed-via-api-endpoint-80a1b82e3f3a?source=rss------bug_bounty-5
7 457
Humorous XSS Vulnerabilities in a Movie Website: https://medium.com/meetcyber/humorous-xss-vulnerabilities-in-a-movie-website-3600d7828661?source=rss------bug_bounty-5
现已上线!2025 年 Telegram 研究 — 年度关键洞察 
