Bug Bounty - GitBook
Open in Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Show more7 430
Subscribers
+324 hours
+37 days
+16730 days
Posts Archive
7 430
Fuzz for directories without killing the host:
cat subdomains.txt | while read -r host;do bash http://fuzy,sh $host;done
7 430
a simple dork that find every VDP in worl wide 😎
body="/responsible-disclosure" || body="/.well-known/security.txt") && port="443"
credit: http://x.com/darkshadow2bd
7 430
I am dropping a PDF " Behavioral Mindset" as I promised earlier to share something on mentality & thought processing of Hackers,
The below pdf isnt just a random PDF, it's a mindset weapon. It’s straight from years of raw study. No show-off, No theory dump, to the point buisness, Just mindset flow, and real thought process behind how a hacker thinks and operates.
If you’ve already touched the basics and now feel stuck or limited this might be the shift you need.
Read it, and share the feedback.
7 430
here are some tips that are used to easily find sql-Injection 100%
/?q=1
/?q=1'
/?q=1"
/?q=[1]
/?q[]=1
/?q=1`
/?q=1\
/?q=1/*'*/
/?q=1/*!1111'*/
/?q=1''asd'' <== concat string
7 430
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
https://github.com/Az0x7/vulnerability-Checklist
7 430
🐞 COMPLETE BUG BOUNTY TOOL List
dnscan
Knockpy
Sublist3r
massdns
nmap
masscan
EyeWitness
DirBuster
dirsearch
Gitrob
git-secrets
sandcastle
GoogD0rker
Wayback Machine
waybackurls
Sn1per
XRay
wfuzz
patator
datasploit
hydra
changeme
MobSF
Apktool
dex2jar
sqlmap
oxmlxxe
XXE Injector
The JSON Web Token Toolkit
ground-control
ssrfDetector
LFISuit
GitTools
dvcs-ripper
tko-subs
HostileSubBruteforcer
Race the Web
ysoserial
PHPGGC
CORStest
retire-js
getsploit
Findsploit
bfac
WPScan
CMSMap
Amass
Extra Tools
7 430
https://bountyos.github.io
🖥
BountyOS, a new Linux distro for different cybersecurity tasks, is based on Debian 12 and have more than 75 tools. For bounty hunters or cyber investigators.
7 430
فایل شنیداری شرح حملات XXE
از یاشار شاهینزاده (یکی از اعضای اصلی گروه پژوهشی آفسک)
براساس اسلایدهای آماده شده: goo.gl/Gaoon7
@offsecmag
7 430
فایل شنیداری شرح حملات XXE
از یاشار شاهینزاده (یکی از اعضای اصلی گروه پژوهشی آفسک)
براساس اسلایدهای آماده شده: goo.gl/Gaoon7
@offsecmag
Available now! Telegram Research 2025 — the year's key insights 
