Available now! Telegram Research 2025 β the year's key insights 
Bug bounty Tips
Open in Telegram
π‘οΈ Cybersecurity enthusiast | π» Helping secure the digital world | π Web App Tester | π΅οΈββοΈ OSINT Specialist Admin: @laazy_hack3r
Show more5 805
Subscribers
+624 hours
+737 days
+39930 days
Posts Archive
5 805
try this amazing FFUF Oneliner that i use mostly to bypass WAfs and for good & refine results for information disclosure bugs. you can use any wordlist:
ffuf -w seclists/Discovery/Web-Content/directory-list-2.3-big.txt -u https://example.com/FUZZ -fc 400,401,402,403,404,429,500,501,502,503 -recursion -recursion-depth 2 -e .html,.php,.txt,.pdf,.js,.css,.zip,.bak,.old,.log,.json,.xml,.config,.env,.asp,.aspx,.jsp,.gz,.tar,.sql,.db -ac -c -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0" -H "X-Forwarded-For: 127.0.0.1" -H "X-Originating-IP: 127.0.0.1" -H "X-Forwarded-Host: localhost" -t 100 -r -o results.json
5 805
Exploring Deserialization Attacks and Their Effects
https://haymiz.dev/security/2024/09/07/deserialization-attacks/
5 805
A very easy bug anyone can find: https://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5
5 805
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developers: https://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5
5 805
BugBounty platforms List: https://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5
5 805
Automating the CORS Vulnerability Scan: https://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5
5 805
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1): https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5
5 805
5 805
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applications: https://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5
5 805
Subdomain Takeovers for Beginners: https://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5
5 805
XSSβββCross Site Scripting: https://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5
5 805
πJavaScript for hackers: Learn to think like a hacker
π₯ Book Details: πLink
π€ Author: Gareth Heyes
#infosec #cybersecurity #hacking #pentesting #security #book #pentest #BugBounty #BugBountyBooks
πΉ Share & Support Us πΉ
π¬ Channel : @Hide_Club
5 805
π [ Scott Sutherland @_nullbind ]
[BLOG] Hijacking SQL Server Credentials using Agent Jobs for Domain Privilege Escalation
π https://www.netspi.com/blog/technical-blog/network-pentesting/hijacking-sql-server-credentials-with-agent-jobs-for-domain-privilege-escalation/
π₯ [ tweet ]
5 805
Xss lab: https://brutelogic.com.br/gym.php
https://brutelogic.com.br/gym.php?p=gitbook
30 level
