Bug Bounty - GitBook
Ir al canal en Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Mostrar más7 461
Suscriptores
+424 horas
+357 días
+17030 días
Archivo de publicaciones
7 464
PHP Info Page Exposure.
There's a lot of sensitive information that can be obtained from an exposed PHP Info page, from configuration secrets to exposed user session cookies.
For example, when chained with XSS, this can lead to a full account takeover.
#Recon #XSS #InformationDisclosure
@GitBook_s
7 464
other ways to break out of an <option> tag.
Default:
</option></select>PAYLOAD
Alternative:
<input>PAYLOAD
<select>PAYLOAD
@GitBook_s
7 464
Expose Secrets in JS
for url in $(cat js-urls.txt); do
curl -s $url | grep -E -i "api_key|secret|token|apikey|auth"
done
Look for hardcoded API keys, JWTs, tokens — possible full account takeover or privilege escalation.
@GitBook_s
7 464
@GitBook_s/
Biscuit's Bug Bounty Playbook
Mains
Learn Android Bug Bounty
Learn Thick Client Pentesting
Bug Bounty Reports & Articles
Exploiting Technologies
https://oreobiscuit.gitbook.io/introduction
7 464
@GitBook_s/Dork King (Bug Bounty Dorks)
•Shodan Search
•API (WSDL)
•GIST github search
•Apache Config Files
•Install/Setup Files
•Apache Struts RCE
•htaccess/phpinfo()
•Security Headers
•Source Code PublicWWW
•Search GitLab and Github
•Find .php (WayBack)
•Find Subdomains (Google)
•Digital Ocean Space
•Sub-Subdomains (Google)
And more ...
Link 🔗:-
https://dorkking.blindf.com/
#googledork
7 464
@GitBook_s/my emotion❤️ afro > Your time will slow down with this music
https://youtu.be/ULrM84EJASI?si=jZ2QKavfWn2hze8O
7 464
Android roadmap by :@HackMeLocal
این رودمپ تست نفوذ برنامک های اندرویدی که قدمبهقدم شما رو جلو میبره تا به سطح متوسط و حتی بالاتر برسید
#Android #RoadMap
7 464
@GitBook_s/blog
Methods to Backdoor an AWS Account
Privilege Escalation in AWS
https://mystic0x1.github.io/categories/aws/
7 464
@GitBook_s
Awesome Vulnerable Applications.
A selection of pre-vulnerable applications, services, OS, etc. for your training or testing of various types of scanners:
- Online;
- Paid;
- Vulnerable VMs;
- Cloud Security;
- SSO - Single Sign On;
- Mobile Security;
+ OWASP Top 10;
- SQL Injection;
- XSS Injection;
- Server Side Request Forgery;
- CORS Misconfiguration;
- XXE Injection;
- Request Smuggling;
+ Technologies;
- WordPress;
- Node.js;
- Firmware;
- Uncategorized.
➡️ https://github.com/vavkamil/awesome-vulnerable-apps/
7 464
@GitBook_s
Catch HTTP, DNS, SMTP and Blind XSS callbacks
Generate bug bounty payloads instantly
Download pre-built SSRF, XXE, SVG and PDF files
Collect headers, body, IP, ASN, geo and timing evidence
Built for security researchers and bounty reports
https://pingback.sh/
7 464
@GitBook_s
What means blind in SSTI
Classic SSTI tutorials assume you can see the result. You inject {{7*7}}, the page renders 49, you confirm Jinja2, and escalate from there. Clean and satisfying.
Reality is messier. Modern apps frequently suppress template rendering errors, sanitize output before display, or route the template result into an email, a PDF, a log file, or a background job — none of which you can read. The injection is real. The output is invisible. Without an out-of-band channel, you have nothing to report.
https://pingback.sh/article-blind-ssti.html
#bugbounty #ssti
7 464
@GitBook_s/writeup
6 Years of Meta Bug Bounty Writeups in One Repository
https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups
#BugBounty
7 464
Quick and Handy Git Exposed Directory Recon
"curl -I target.com/.git/config"
If .git directory is exposed — it’s a critical finding. Use GitTools to download and analyze.
Remember, combination is the key.
@GitBook_s
