Bug Bounty - GitBook
رفتن به کانال در Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
نمایش بیشتر7 470
مشترکین
+1024 ساعت
+417 روز
+18130 روز
آرشیو پست ها
7 470
■■■□□ Tools for searching emails for a specific domain:
snov.io/email-finder
experte.com/email-finder
github.com/Josue87/EmailFinder
github.com/GiJ03/Infoga
infoga.io
findemail.io
hunter.io/domain-search
anymailfinder.com/email-finder-by-domain
minelead.io
#osint
7 470
■■■■□ A Big company Admin Panel takeover $4500.
Exploit (uses just a semi-colon):
example.com/;/adminhttps://medium.com/@nanwinata/a-big-company-admin-panel-takeover-4500-9520a6c83430
7 470
■□□□□ Hacking with cURL.
https://manasharsh.medium.com/hacking-with-curl-unleash-the-cli-beast-fdf13ec342cc
7 470
■■■■■ CSRF Bypass Using Domain Confusion Leads To ATO.
https://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722
7 470
■■■■□ New Encoding Technique Jailbreaks ChatGPT-4o To Write Exploit Codes.
https://cybersecuritynews.com/encoding-technique-jailbreaks-chatgpt-4o/
7 470
■■■■□ Comprehensive Bug Bounty Hunting Methodology (2024 Edition).
https://xalgord.medium.com/comprehensive-bug-bounty-hunting-checklist-2024-edition-4abb3a9cbe66
7 470
■■■■□ HTTP Security Headers : A complete guide to HTTP headers.
https://www.darkrelay.com/post/http-security-headers
7 470
■■■□□ CSRF + POST Body Param Reflection = POST-Based XSS.
https://blog.bhuwanbhetwal.com.np/csrf-post-body-param-reflection-post-based-xss-a-brainfuck
7 470
■■■■□ From HTTP to RCE - How to leave backdoor in IIS.
https://cicada-8.medium.com/from-http-to-rce-how-to-leave-backdoor-in-iis-cbef8249eba9
7 470
■■■■■ Hackers now use ZIP file concatenation to evade detection.
https://www.bleepingcomputer.com/news/security/hackers-now-use-zip-file-concatenation-to-evade-detection/
7 470
■□□□□ Exploiting OS Command Injection — A Real-World Scenario.
https://medium.com/@m_kasim2/exploiting-os-command-injection-a-real-world-scenario-4a2db1733137
7 470
■■■■□ Email verification bypass using race condition.
https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208
7 470
■■■□□ A Firefox Web Extension to improve the discovery of DOM XSS.
https://github.com/swoops/eval_villain
7 470
■■■■□ The Indonesian🇮🇩 hacker group "INDOHAXSEC TEAM" has created a web-based version of WannaCry ransomware called "WannaCry 2.0," imitating North Korea's Lazarus group. They have hacked multiple websites, encrypting them and demanding Bitcoin as ransom.
7 470
These Two Tools Helped Me Earn $40K in Bounties
https://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd
7 470
From book:
I have had the opportunity to work with what I believe to be some of the best pene‐
tration testers and bug bounty hunters in the world. Through my conversations with them and my analysis of how they do their work, I’ve come to realize this topic is
much more important than many other books make it out to be. For many of the top
bug bounty hunters in the world, expert-level reconnaissance ability is what differen‐
tiates “great” hackers from “good” hackers. In other words, it’s one thing to have a fast
car (in this case, perhaps knowing how to build exploits), but without knowing the
most efficient route to the finish line, you may not win the race. A slower car could
make it to the finish line in less time than a fast one if a more efficient path is taken.
7 470
The difference between a good hacker and a great hacker is in Recon
#web application security
@GitBook_s
7 470
🧑💻 آموزش مفاهیم تست نفوذ را با ما تجربه کنید :
[+] تست نفوذ شبکه و وب را بصورت تخصصی یاد بگیر .
[+] زبان ++C برای هکرها و فراتر !
[+]ابزار نویسی و اکسپلویت نویسی با پایتون را صفر تا صد پیاده سازی کنید.
[+]مفاهیم پایه امنیت را با ما یاد بگیر .
[+]نکات و ابزار ها و کار با ابزارهای امنیتی و مقاله های امنیت را در کانال ما دنبال کنید .
[+]پیش نیازهای ورود به دنیای تست نفوذ را با ما تجربه کنید و مشاوره بگیرید.
[+]چگونه و از کجا هک را شروع کنیم ؟قبلاً فیلم هکرهایی را تماشا کرده اید؟
[+] اندروید هکینگ
[+] اصول اولیه PowerShell و جاوا اسکریپت رو برای تست نفوذ یاد بگیرید.
[+] مقدمه ای بر امنیت سایبری
و کلی مباحث و مفاهیم دیگر را با ما تجربه کنید .
به دنیای آموزش رایگان تست نفوذ خوش اومدید .
@hakfateam
