ch
Feedback
Bug Bounty - GitBook

Bug Bounty - GitBook

前往频道在 Telegram
7 493
订阅者
+524 小时
+577
+19730
帖子存档
[+] Hacking Training [+] Introducing private tools [+] 0day exploits [+] Kali linux [+] Priv8 methods Join the channel 🤠🤞 :
[+] Hacking Training [+] Introducing private tools [+] 0day exploits [+] Kali linux [+] Priv8 methods Join the channel 🤠🤞 : https://t.me/WebHackers https://t.me/WebHackers https://t.me/WebHackers

#NahamCon2024: Modern WAF Bypass Techniques on Large Attack Surfaces https://www.youtube.com/watch?v=0OMmWtU2Y_g

theB10G hacking-the-scammers systematic-destruction-hacking-the-scammers-pt.-2l sql-injection-in-security-cleared-job-site xss-security-policy-bypass misi-hack-the-building-2.0-hospital-edition booked-v2.5.5-labarchives-scheduler-vulnerability ctf-writeups arcent-best-cyber-warrior-2023 bounty-hunter-writeup previse-writeup ejpt-certification-review sauna-writeup active-writeup trick-writeup graphql-query-authentication-bypass-vuln ewpt-certification-review 2022-doe-cyberforce-competition data-mining-cves-and-exploits ecpptv2-certification-review Link 🔗:- https://blog.smithsecurity.biz/ @GitBook_s

Ethical Hacking Notes >FOOTPRINTING & RECONNAISSANCE >SCANNING >ENUMERATION >VULNERABILITY ANALYSIS >SYSTEM HACKING >SNIFFING >DENIAL OF SERVICE >SESSION HIJACKING >WEB SERVER HACKING >IOT HACKING Link 🔗:- https://tzero86.gitbook.io/tzero86 @GitBook_s

📦 Hack The Box. Let's learn hacking. • A useful and large selection of HTB walkthroughs that will help improve your skills and gain new knowledge in various aspects of pentesting. ➡️ https://0xdf.gitlab.io

TryHackMe CTF Collection Vol. 2 🐞 Source: InfoSec Write-ups

Vuln-web-lab 🐞 Source: InfoSec Write-ups

Vulnerable Lab: lab.awh.zdresearch.com

📝 HackerOne reports. • Keep links to a very comprehensive and useful repository that includes top HackerOne reports. The repo is constantly kept up to date, which will help you learn a lot of new and useful things (options for exploiting various vulnerabilities, attack vectors, etc.). https://github.com/reddelexc/hackerone-reports Tops 100:Top 100 upvoted reports;Top 100 paid reports. Tops by bug type: • Top XSS reports;Top XXE reports;Top CSRF reports;Top IDOR reports;Top RCE reports;Top SQLi reports;Top SSRF reports;Top Race Condition reports;Top Subdomain Takeover reports;Top Open Redirect reports;Top Clickjacking reports;Top DoS reports;Top OAuth reports;Top Account Takeover reports;Top Business Logic reports;Top REST API reports;Top GraphQL reports;Top Information Disclosure reports;Top Web Cache reports;Top SSTI reports;Top Upload reports;Top HTTP Request Smuggling reports;Top OpenID reports;Top Mobile reports;Top File Reading reports;Top Authorization Bypass reports;Top Authentication Bypass reports;Top MFA reports. Tops by program:Top Mail.ru reports;Top HackerOne reports;Top Shopify reports;Top Nextcloud reports;Top Twitter reports;Top X (formerly Twitter) reports;Top Uber reports;Top Node.js reports;Top shopify-scripts reports;Top Legal Robot reports;Top U.S. Dept of Defense reports;Top Gratipay reports;Top Weblate reports;Top VK.com reports;Top New Relic reports;Top LocalTapiola reports;Top Zomato reports;Top Slack reports;Top ownCloud reports;Top GitLab reports;Top Ubiquiti Inc. reports;Top Automattic reports;Top Coinbase reports;Top Verizon Media reports;Top Starbucks reports;Top Paragon Initiative Enterprises reports;Top PHP (IBB) reports;Top Brave Software reports;Top Vimeo reports;Top OLX reports;Top concrete5 reports;Top Phabricator reports;Top Localize reports;Top Qiwi reports;Top WordPress reports;Top The Internet reports;Top Open-Xchange reports; @GitBook_s

Awesome Vulnerable Applications. • A selection of pre-vulnerable applications, services, OS, etc. for your training or testing of various types of scanners: - Online; - Paid; - Vulnerable VMs; - Cloud Security; - SSO - Single Sign On; - Mobile Security; + OWASP Top 10; - SQL Injection; - XSS Injection; - Server Side Request Forgery; - CORS Misconfiguration; - XXE Injection; - Request Smuggling; + Technologies; - WordPress; - Node.js; - Firmware; - Uncategorized. ➡️ https://github.com/vavkamil/awesome-vulnerable-apps/ @GitBook_s

Methodology Bullet Proof Strategy >Enumeration >Exploitation >Privilege Escalation Elevated Post Exploitation >Active Directory >Walkthroughs Cert Pictures :) >Python Lessons Bash Lessons >C# Programming Link 🔗:- https://lyethar.gitbook.io/methodology @GitBook_s

OWASP MASTG >OVERVIEW >GENERAL MOBILE APP TESTING GUIDE >ANDROID TESTING GUIDE >IOS TESTING GUIDE >APPENDIX Link 🔗:- https://mobile-security.gitbook.io/mobile-security-testing-guide @GitBook_s

UBG Hacking Team About UBG >Site Contributors >CTF Writeups >Blog Posts >Attacks Detection >MISC. Link 🔗:- notes.ubg-hacking.team @GitBook_s

𝗣𝗘𝗡𝗧𝗘𝗦𝗧𝗜𝗡𝗚 𝗡𝗢𝗧𝗘𝗦 📚 >Active Directory   •Initial Access   •Internal Enumeration & Lateral Movement   •Privilege Escalation to Domain Admin using Known Exploits   •Domain Trusts >Privilege Escalation   •Linux Privilege Escalation   •Windows Privilege Escalation >Protocols and Services   •DNS/FTP/IMAP   •IPMI/MSSQL   •MySQL/NFS   •Oracle TNS   •POP3/RDP   •SMB   •SMTP/SNMP >Fuzzing >Information Gathering >Utilities, Scripts and Payloads   •Shells and Payloads   •Metasploit Framework   •File Transfers   •Pivoting, Tunneling, Port Forwarding   •Password Attacks >Web Applications Attacks   •File Uploads   •HTTP Verb Tampering   •Insecure Direct Object References (IDOR)   •Local File Inclusion (LFI)   •Remote File Inclusion (RFI)   •OS Command Injection   •Cross Site Scripting (XSS)   •SQL Injection   •XML External Entities (XXE) >Web Application Technologies   •Drupal   •Gitlab   •CGI Applications   •Jenkins   •Joomla   •Microsoft IIS   •osTicket   •PRTG Network Monitor   •Splunk   •Tomcat   •WordPress Link 🔗:- https://sfoffo.gitbook.io/sfoffo-pentesting-notes @GitBook_s

coffeetohack Introduction Methodology >Cheatsheet >Framework/Application >Windows PrivEsc >Linux PrivEsc >Buffer Overflow Initial Shell Exploits Privesc Exploits Cisco Packet Tracer >Active Directory OSINT Link 🔗:- https://coffeetohack.gitbook.io/coffeetohack @GitBook_s

The Open League hackathon ▪️TON Foundation Launches The Open League Hackathon: A fast-track entry into the Open League with over $150 million in rewards and various incentives for users. ▪️Hackathon runs from April to June and its prize fund is 2 million dollars. ▪️Participants build new applications and use cases for the Web3 world, including GameFi and Web3 social networks, DeFi and e-commerce on TON and Telegram. Why participate in this hackathon? 2 million dollar prize fund. ▪️Fast track to participate in The Open League with 50,000 Toncoin support to boost your token cash pool. The best projects can receive financial assistance from the $500,000 fund provided by TON Ventures. ▪️An opportunity to meet TON Foundation members and TON Venture Fund Managers during Gateway in Dubai. Projects participating in the Open League pilot season have seen triple-digit growth in the number of active users, token holders, market capitalization, and transaction volume on the TON decentralized exchange. This is while only 1 million Toncoins were allocated for the trial season. In the next season, the rewards will increase 30 times: 30 million Toncoin rewards for 3 months. Can you and your team win the competition? It's time to build in TON! Register now! https://dorahacks.io/hackathon/the-open-league-hackathon/detail

jesusgavancho - Writeups The Great Escape Lookback Outlook NTLM Leak Year of the Fox PS Eclipse Eavesdropper Tony the Tiger Intro to Offensive Security MD2PDF Content Security Policy Agent T Introduction to Flask Atlas Bugged Sigma Intro to Cloud Security Holo CCT2019 Opacity Empline Phishing Emails 5 BlueTeam Tempest hackerNote Watcher CMesS HA Joker CTF OWASP Top 10 2021 Metasploit Oh My WebServer Road Anonymous Ollie Training for New Analyst Tokyo Ghoul Dependency Management KoTH Food CTF Android Malware Analysis Intro To Pwntools AD Certificate Templates CVE 2022 26923 Basic Static Analysis Introduction To Honeypots Intro to Pipeline Automation Intro to Containerisation ARP Spoofing Mindgames Brute Force Heroes SQLMAP Insekube TakeOver Boiler CTF GoldenEye Splunk 3 Tempus Fugit Durius Warzone 1 OWASP API Security Top 10 2 Temple AllSignsPoint2Pwnage OWASP API Security Top 10 1 Secret Recipe NoNameCTF Binex Jack Tactical Detection Jurassic Park DX1 Liberty Island Brute Biblioteca Napping Kubernetes for Everyone Oday Osiris Set NoSQL injection Basics Warzone 2 Atlassian, CVE 2022 26134 Jason VulnNet: Roasted VulnNet Internal VulnNet Node Brooklyn Nine Nine Thompson The Cod Caper Neighbour ColddBox Easy Library All in One Poster Gallery Cat Pictures Boogeyman 1 Corridor Team Ra 2 Advent of Cyber 2022 Bookstore Intro to Malware Analysis TheHive Project Velociraptor KAPE Lunizz CTF Linux Forensics DFIR An Introduction Benign Cyborg Year of the rabbit Blaster Easy Peasy Couch Chocolate Factory REmux The Tmux Spring4Shell Dirty Pipe OverlayFS Pwnkit CTF collection Vol.2 Gotta Catch'em All! Break Out The Cage Bolt Source AttackerKB Intro to Defensive Security Careers in Cyber OSI Model Packets&Frames Extending Your Network How websites work Putting it all together Operating System Security Network Security Security Operations Network Services Network Services 2 Active Directory Basics Attacking Kerberos Subdomain Enumeration Authentication Bypass IDOR File Inclusion Masterminds SSRF Command Injection Cross site Scripting Burp Suite Extender Burp Suite Intruder Surfer Willow Conti Unattended Tardigrade Link 🔗:- https://jesusgavancho.gitbook.io/writeups/ @GitBook_s