Bug Bounty - GitBook
Open in Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Show more7 510
Subscribers
+424 hours
+507 days
+19230 days
Posts Archive
7 510
đ¨âđť Linux for Hackers. File Transfers.
⢠Downloading Files from Attackerâs HTTP Server;
- Setting up the HTTP Server on the Attacker Machine;
- Downloading Files from Attackerâs HTTP Server: Curl, Wget, and Bash;
⢠Uploading Files to Attackerâs HTTP Server;
- Setting up the HTTP Server to Allow Uploads on the Attacker Machine;
- Uploading Files to Attackerâs HTTP Server: Curl and Wget;
- Uploading Files to Attackerâs HTTP Server: Browser (GUI);
⢠Downloading Files from Attackerâs FTP Server;
- Setting up the FTP Server on the Attacker Machine;
- Downloading Files from Attackerâs FTP Server;
⢠Uploading Files to Attackerâs FTP Server;
⢠Transferring Files from Attacker Using SSH;
- Transferring Files onto Victim: scp;
- Transferring Files onto Victim: sftp;
⢠Transferring Files onto Attacker Using SSH;
- Transferring Files onto Attacker: scp;
- Transferring Files onto Attacker: sftp;
⢠Transferring Files from Attacker Using Netcat;
- Transferring Files from Attacker: nc;
- Transferring Files from Attacker: bash;
⢠Transferring Files onto Attacker Using Netcat;
- Transferring Files onto Attacker: nc;
- Transferring Files onto Attacker: bash;
⢠Downloading and Uploading Files Using Meterpreter;
- Upgrading to a Meterpreter Shell: Web_Delivery Method;
- Downloading Files onto the Victim Using Meterpreter;
- Uploading Files from the Victim Using Meterpreter;
⢠Copy and Paste â cat;
- Copying a Script from Attacker and Pasting on Victim;
- Copying a File from Victim and Pasting on Attacker.
@GitBook_s
7 510
đ Top 10 web hacking techniques of 2023..
⢠Nomination - top 10 best web hacking methods in 2023. Each article deserves attention:
- Ransacking your password reset tokens;
- mTLS: When certificate authentication is done wrong;
- Smashing the state machine: the true potential of web race conditions;
- Bypass firewalls with of-CORs and typo-squatting;
- RCE via LDAP truncation on hg.mozilla.org;
- Cookie Bugs - Smuggling & Injection;
- OAuth 2.0 Redirect URI Validation Falls Short, Literally;
- Prototype Pollution in Python;
- Pretalx Vulnerabilities: How to get accepted at every conference;
- From Akamai to F5 to NTLM... with love;
- can I speak to your manager? hacking root EPP servers to take control of zones;
- Blind CSS Exfiltration: exfiltrate unknown web pages;
- Server-side prototype pollution: Black-box detection without the DoS;
- Tricks for Reliable Split-Second DNS Rebinding in Chrome and Safari;
- HTML Over the Wire;
- SMTP Smuggling - Spoofing E-Mails Worldwide;
- DOM-based race condition: racing in the browser for fun;
- You Are Not Where You Think You Are, Opera Browsers Address Bar Spoofing Vulnerabilities;
- CVE-2022-4908: SOP bypass in Chrome using Navigation API;
- SSO Gadgets: Escalate (Self-)XSS to ATO;
- Three New Attacks Against JSON Web Tokens;
- Introducing wrapwrap: using PHP filters to wrap a file with a prefix and suffix;
- PHP filter chains: file read from error-based oracle;
- SSRF Cross Protocol Redirect Bypass;
- A New Vector For âDirtyâ Arbitrary File Write to RCE;
- How I Hacked Microsoft Teams and got $150,000 in Pwn2Own;
- AWS WAF Clients Left Vulnerable to SQL Injection Due to Unorthodox MSSQL Design Choice;
- BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover;
- MyBB Admin Panel RCE CVE-2023-41362;
- Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity;
- Code Vulnerabilities Put Skiff Emails at Riskr;
- How to break SAML if I have paws?
- JMX Exploitation Revisited;
- Java Exploitation Restrictions in Modern JDK Times;
- Exploiting Hardened .NET Deserialization;
- Unserializable, but unreachable: Remote code execution on vBulletin;
- Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework;
- Hunting for Nginx Alias Traversals in the wild;
- DNS Analyzer - Finding DNS vulnerabilities with Burp Suite;
- Oh-Auth - Abusing OAuth to take over millions of accounts;
- nOAuth: How Microsoft OAuth Misconfiguration Can Lead to Full Account Takeover;
- One Scheme to Rule Them All: OAuth Account Takeover;
- Exploiting HTTP Parsers Inconsistencies;
- New ways of breaking app-integrated LLMs;
- State of DNS Rebinding in 2023;
- Fileless Remote Code Execution on Juniper Firewalls;
- Thirteen Years On: Advancing the Understanding of IIS Short File Name (SFN) Disclosure!
- Metamask Snaps: Playing in the Sand;
- Uncovering a crazy privilege escalation from Chrome extensions;
- Code Vulnerabilities Put Proton Mails at Risk;
- Hacking into gRPC-Web;
- Yelp ATO via XSS + Cookie Bridge;
- HTTP Request Splitting vulnerabilities exploitation;
- XSS in GMAIL Dynamic Email;
- Azure B2C Crypto Misuse and Account Compromise;
- Compromising F5 BIGIP with Request Smuggling;
- One Supply Chain Attack to Rule Them All;
- Cookie Crumbles: Breaking and Fixing Web Session Integrity;
- tRPC Security Research: Hunting for Vulnerabilities in Modern APIs;
- From an Innocent Client-Side Path Traversal to Account Takeover.
@GitBook_s
7 510
đ Useful cheat sheets for pentesters and information security specialists.
⢠Cheat sheets are an excellent assistant when working with certain software or systems. With their help, you can improve your skills in a certain area and reduce the time it takes to complete tasks to get the desired result.
⢠MITM cheatsheet.
⢠Active Directory Attack.md
⢠Active Directory penetration testing cheatsheet.
⢠Cloud - AWS Pentest.md
⢠Cloud - Azure Pentest.md
⢠Cobalt Strike - Cheatsheet.md
⢠Linux - Persistence.md
⢠Linux - Privilege Escalation.md
⢠Metasploit - Cheatsheet.md
⢠Methodology and enumeration.md
⢠Network Pivoting Techniques.md
⢠Network Discovery.md
⢠Reverse Shell Cheatsheet.md
⢠Subdomains Enumeration.md
⢠Windows - Download and Execute.md
⢠Windows - Mimikatz.md
⢠Windows - Persistence.md
⢠Windows - Post Exploitation Koadic.md
⢠Windows - Privilege Escalation.md
⢠Windows - Using credentials.md
⢠Best of Python Pentest Cheatsheet.
⢠Msfvenom Cheatsheet: Windows Exploitation.
⢠Best of OSCP Cheatsheet.
⢠Red Teaming and Social-Engineering CheatSheet.
⢠OSI Model Cheatsheet.
⢠Best of Red Teaming and Blue Teaming Cheatsheet.
⢠Best of iOS Forensics Cheatsheet.
⢠Best of Android Forensics Cheatsheet.
⢠Best of Digital Forensics Cheatsheet.
⢠Port Forwarding & Tunnelling Cheatsheet.
@GitBook_s
7 510
đ cURL for OSINT.
⢠cURL Tool usage (with Grep) for OSINT (Open-Source Intelligence).
Link đ:-
⢠https://github.com/C3n7ral051nt4g3ncy/cURL_for_OSINT
@GitBook_s
7 510
Roadmap I followed to make 15,000+$ Bounties in my first 8 months of starting out and my journey
Link đ:-
https://shreyaschavhan.notion.site/Roadmap-I-followed-to-make-15-000-Bounties-in-my-first-8-months-of-starting-out-and-my-journey-98b1b9ff621645c0b97d1e774992f300
@GitBook_s
7 510
đŠâđť Bash-Oneliner.
⢠A comprehensive selection of commands, from the obvious to some little things that make life easier.
- Terminal Tricks;
- Variable;
- Math;
- Grep;
- Sed;
- Awk;
- Xargs;
- Find;
- Condition and Loop;
- Time;
- Download;
- Random;
- Xwindow;
- System;
- Hardware;
- Networking;
- Data Wrangling;
- Others.
âĄď¸ https://github.com/onceupon/Bash-Oneliner
@GitBook_s
7 510
đŠâđť Firefox. Plugins for pentester.
⢠Before delving into the specifics of browser settings, it is important to understand its importance in this area. A browser is more than just a tool for browsing websites; it is a universal tool through which professionals interact with web applications, examine data, and identify vulnerabilities.
⢠Keep a list of useful Firefox plugins. A description of each plugin can be found at the link below:
⢠Wappalyzer;
⢠Foxyproxy;
⢠Hacktool;
⢠Hackbar;
⢠Tamper data;
⢠User-agent Switcher;
⢠Cookie editor;
⢠Built with.
âĄď¸ https://www.hackingarticles.in
⢠P.S. And here there is a very voluminous mindmap, which contains many other plugins and their descriptions: https://github.com
@GitBook_s
7 510
đâ⏠NetCat command cheatsheet.
⢠NetCat is a Unix utility that allows you to establish TCP and UDP connections, receive data from there and transmit it. The utility is a real Swiss army knife for pentesters and information security specialists, with which we can do the following:
- Scan ports;
- Forward ports;
- Collect service banners;
- Listen to the port (bind for reverse connection);
- Download and upload files;
- Output raw HTTP content;
- Create a mini-chat.
⢠In general, with the help of netcat you can replace some of the Unix utilities, so this tool can be considered a kind of combine for performing certain tasks.
@GitBook_s
7 510
đđ¨đđđĄđ˘đ đđđ˘đĄ
Kubernetes Pentesting & Security from Offensive Perspective
>Initial Access
â˘Using cloud credentials
â˘Compromised image In registry
â˘Kubeconfig file
â˘Application vulnerability
â˘Exposed sensitive interfaces
â˘SSH server running inside container
>Execution
â˘Exec inside container
â˘New container
â˘Application exploit (RCE)
â˘Sidecar injection
>Persistence
â˘Backdoor container
â˘Writable hostPath mount
â˘Kubernetes cronjob
â˘Malicious admission controller
â˘Container service account
â˘Static pods
>Privilege Escalation
â˘Privileged container
â˘Cluster-admin binding
â˘hostPath mount
â˘Access cloud resources
>Defense Evasion
â˘Clear container logs
â˘Delete events
â˘Pod name similarity
â˘Connect from proxy server
>Credential access
â˘List K8S secrets
â˘Access node information
â˘Container service account
â˘Application credentials in configuration files
â˘Access managed identity credentials
â˘Malicious admission controller
>Discovery
â˘Access Kubernetes API server
â˘Access Kubelet API
â˘Network mapping
â˘Exposed sensitive interfaces
â˘Instance Metadata API
>Lateral Movement
â˘Access cloud resources
â˘Container service account
â˘Cluster internal networking
â˘Application credentials in configuration files
â˘Writable hostPath mount
â˘CoreDNS poisoning
â˘ARP poisoning and IP spoofing
>Collection
â˘Images from a private registry
â˘Collecting data from pod
>Impact
â˘Data destruction
â˘Resource hijacking
â˘Denial of service
>Fundamentals
â˘Notes
â˘Services
â˘etcd
â˘RBAC
â˘Kubelet
â˘Namespaces
â˘Secrets
â˘Interesting Files
Link đ:-
https://kubenomicon.com
@GitBook_s
7 510
FREE Labs To Test Your PenTesting/CTF Skills
1. TryHackMe - http://tryhackme.com
2. Vulnhub - http://vulnhub.com
3. RootMe - http://root-me.org
4. OverTheWire - http://overthewire.org
5. PicoCTF - http://picoctf.com
6. Pentestlab - http://pentesterslab.com
7. Google CTF - http://capturetheflag.withgoogle.com
8. CMD Challenge - http://cmdchallenge.com
9. HackTheBox - http://hackthebox.com
10. Hacker Security - http://capturetheflag.com.br
11. CTF Komodo Security - http://ctf.komodosec.com
12. Academy Hackaflag BR - http://hackaflag.com.br
13. Attack-Defense - http://attackdefense.com
14. Hacker101 - http://ctf.hacker101.com
@GitBook_s
7 510
đŚ Red Team Attack Lab.
⢠Link to a repository, which is a virtual environment with various operating systems and vulnerabilities for Red Team practice. You can find it here: https://github.com/Marshall-Hallenbeck/red_team_attack_lab
⢠A complete list of OS can be found here. The material will be very useful for Red Team, Blue Team, pentesters and information security specialists.
@GitBook_s
7 510
đđ˘đŞ đ§đ˘ đđ¨đĄđ§
>Account Takeover Methodology
>Application Level DoS Methods
>AUTHENTICATION BYPASS
â˘2FA Bypasses
â˘OTP Bypass
>BROKEN-LINK HIJACKING
>BROKEN AUTH AND SESSION MANAGEMENT
â˘Session Based Bugs
>CMS
â˘Wordpress
â˘Moodle
>CORS
>CSRF
>Finding CVEs
>CHECKLIST
>WEB PAGE SOURCE CODE REVIEW
>EXIF GEO DATA NOT STRIPPED
>EXIF Geo Data Not Stripped
>FILE UPLOAD BYPASS
>FIND ORIGIN IP
>GRAPHQL
>HTTP DESYNC ATTACK
>HOST-HEADER ATTACK
>HTML-INJECTION
>IDOR
>JWT ATTACK
>MFA Bypass
>MISCONFIGURATIONS
>OAuth
>OPEN REDIRECTION
>PARAMETER POLLUTION
>PASSWORD RESET FUNCTIONALITY
>RATE LIMIT
>RECON
>SQLI
>SSRF
>SSTI
>SIGN UP FUNCTIONALITY
>SENSITIVE INFO LEAKS
>STATUS CODE BYPASS
>SUBDOMAIN TAKEOVER
>TABNABBING
>WAF BYPASSES
>WEAK PASSWORD POLICY
>XSS
>XXE
Link đ:-
https://kathan19.gitbook.io/howtohunt
@GitBook_s
7 510
đđđ˘đ˘đđŹđŚđđđđ
>Android Pentesting
â˘Bypass SSL Pinning for flutter apps using reFlutter Framework
â˘Easy way to bypass SSL Pinning using apk-mitm tool
>HTB
â˘Nunchucks
â˘BountyHunter
â˘Lame
â˘Bashed
â˘Netmon
â˘Seal
â˘Intelligence
â˘Bastard
>TryHackMe
â˘Attacktive Directory
>Offensive Lab
â˘FunboxEasyEnum
â˘BBSCute
>Capture The Flag (CTF)
â˘Binary Exploitation
â˘Steganography
â˘Cryptography
â˘Forensics - HTB
>Active Directory
â˘HTB-Mantis (Hard)
>Window Privilege Escalation
>Linux Privilege Escalation
>Buffer Overflow
>Cloud Pentesting
â˘Pentesting Azure Active Directory
>Web Exploitation
â˘Attacking JSON Web Token
Link đ:-
https://l33t-en0ugh.gitbook.io/infosec
@GitBook_s
7 510
ZedSec WriteUps
>PROJECTS
Security Library
>SECURITY OPERATIONS
Cyber Kill Chain
Interview Questions
>TOOLS
NMAP
>WRITE-UPS
Blue Team Labs Online
HackTheBox
LetsDefend
TryHackMe
Kusto Detective Agency
Link đ:-
https://zedsec.gitbook.io/writeups/
@GitBook_s
