en
Feedback
Bug Bounty - GitBook

Bug Bounty - GitBook

Open in Telegram
7 461
Subscribers
+424 hours
+357 days
+17030 days
Posts Archive
🔖Top 25 JavaScript path files used to store sensitive information in Web Application⬇️ 01. /js/config.js 02. /js/credentials.js 03. /js/secrets.js 04. /js/keys.js 05. /js/password.js 06. /js/api_keys.js 07. /js/auth_tokens.js 08. /js/access_tokens.js 09. /js/sessions.js 10. /js/authorization.js 11. /js/encryption.js 12. /js/certificates.js 13. /js/ssl_keys.js 14. /js/passphrases.js 15. /js/policies.js 16. /js/permissions.js 17. /js/privileges.js 18. /js/hashes.js 19. /js/salts.js 20. /js/nonces.js 21. /js/signatures.js 22. /js/digests.js 23. /js/tokens.js 24. /js/cookies.js 25. /js/topsecr3tdonotlook.js

How a Cross-Site Scripting Vulnerability Led to Account Takeover https://www.hackerone.com/vulnerability-management/xss-deep-dive

How a Business Logic Vulnerability Led to Unlimited Discount Redemption https://www.hackerone.com/vulnerability-management/stripe-business-logic-error-bug

Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal · Doyensec's Blog https://blog.doyensec.com/2025/01/09/cspt-file-upload.html

AWS Security Configuration Review and Best Practices https://www.hackerone.com/penetration-testing/aws-security-configuration

_penetration testing .pdf1.27 KB

LDAP Injection.pdf1.88 MB

Get the hash of favicon of website (by url or file) and search it in Shodan, Censys and Virustotal. favihash.com
Get the hash of favicon of website (by url or file) and search it in Shodan, Censys and Virustotal. favihash.com

⚡️Bug Bounty Helper ✅dorks.faisalahmed.me
⚡️Bug Bounty Helper ✅dorks.faisalahmed.me