Bug Bounty - GitBook

SavitarX
>CERTIFICATIONS & notes
My Roadmap to Becoming a Penetration Tester & Red Team
Telecom Network Pentesting
Web Pentesting
Wi-Fi Pentesting
Basic programming
>Writeups
Tryhackme
Cyberranges
>Machines to practice for
CPTS & OSCP
OSEP
Link 🔗:- https://savitar.gitbook.io/mynotes
@GitBook_s

Found a limit / page param? (e.g. /api/news?limit=100) It might be vulnerable to Layer 7 DoS. Try to send a long value (e.g. limit=999999999) and see what happens :) #api @GitBook_s

Got stuck during an API pentest? Expand your attack surface! If the API has mobile clients, download old versions of the APK file to explore old/legacy functionality and discover new API endpoints. Remember: companies don’t always implement security mechanisms from day one && DevOps engineers don’t often deprecate old APIs. Leverage these facts to find shadow API endpoints that don’t implement security mechanisms (authorization, input filtering & rate limiting). Download old APK versions of Android apps: https://apkpure.com #api @GitBook_s

Pentest for .NET apps? Found a param containing a file path/name? Developers sometimes use "Path.Combine(path_1,path_2)" to create the full path. Path.Combine has weird behavior: if param#2 is an absolute path, then param#1 is ignored. Leverage it to control the path #api @GitBook_s
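
An added example (not part of the original post) showing the Path.Combine behavior described above next to a containment check a developer can use to mitigate it. `SafePath.ResolveUnderBase`, the `uploads` directory and the sample inputs are hypothetical.

```csharp
using System;
using System.IO;

static class SafePath
{
    // Hypothetical helper: resolve a user-supplied name under baseDir or throw.
    public static string ResolveUnderBase(string baseDir, string userInput)
    {
        if (string.IsNullOrWhiteSpace(userInput))
            throw new ArgumentException("File name is empty.", nameof(userInput));

        // Canonical root with a trailing separator, so "/srv/uploads-evil"
        // cannot pass a prefix check against "/srv/uploads".
        string root = Path.GetFullPath(baseDir);
        if (!root.EndsWith(Path.DirectorySeparatorChar))
            root += Path.DirectorySeparatorChar;

        // GetFullPath collapses "." and ".." segments; if userInput was rooted,
        // Combine has already discarded root and the prefix check below fails.
        string candidate = Path.GetFullPath(Path.Combine(root, userInput));
        if (!candidate.StartsWith(root, StringComparison.Ordinal))
            throw new UnauthorizedAccessException($"Path escapes base directory: {userInput}");
        return candidate;
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample values, not taken from any real application.
        string baseDir = Path.Combine(Path.GetTempPath(), "uploads");
        string rooted = Path.GetFullPath(Path.Combine(Path.GetTempPath(), "outside.txt"));

        // The behavior from the post: a rooted second argument replaces the first.
        Console.WriteLine(Path.Combine(baseDir, rooted) == rooted);

        foreach (string input in new[] { "report.pdf", Path.Combine("..", "outside.txt"), rooted })
        {
            try { Console.WriteLine($"allowed: {SafePath.ResolveUnderBase(baseDir, input)}"); }
            catch (UnauthorizedAccessException e) { Console.WriteLine($"rejected: {e.Message}"); }
        }
    }
}
```

Only the plain file name is allowed; the relative traversal and the rooted path are both rejected because the canonical result no longer starts with the base directory.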


Due to copyright law, all books were uploaded in one place in compressed form.

36-Web-books.zip (522.57 MB)


Some of them can't be posted to the channel because of copyright.

I think it's because of copyright.

I don't know why some of them don't show up.

Common OAuth Vulnerabilities · Doyensec's Blog https://blog.doyensec.com/2025/01/30/oauth-common-vulnerabilities.html

HACKING APIS COREY J. BALL Early Access edition, 2/1/22

the_hacker_s_underground_handbook.pdf (2.51 MB)

The_Hacker_Playbook_Practical_Guide_To_Penetration_Testing.pdf (26.03 MB)

THE HACKER PLAYBOOK 3 Practical Guide to Penetration Testing Red Team Edition Peter Kim

The Hacker Playbook 3🏴‍☠️

The Hacker Playbook 2🏴‍☠️

The Hacker Playbook 1🏴‍☠️

The Web Application Hacker’s Handbook Second Edition Finding and Exploiting Security Flaws Dafydd Stuttard Marcus Pinto