Bug Bounty - GitBook
Открыть в Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Больше7 497
Подписчики
+524 часа
+577 дней
+19730 день
Архив постов
7 498
8Best #firefox addons for #Hacking
-HackBar
-Cookies Manager+
-User-Agent Switcher
-Tamper Data
-FoxyProxy Standard
-Wappalyzer:
-HttpRequester
-RESTClient:
-Tampermonkey
-XSS Me
-SQL Inject Me
-iMacros
-FirePHP
7 498
🔗 Webhooks online
http://GitBook_s.t.me
A selection of useful services for testing HTTP requests
🔗webhook.link
🔗webhook.site
🔗 webhook-test.com
🔗 webhook.cool
🔗webhookrelay
Example:
curl -X POST https://gitbook-s.webhook.cool -H "Content-Type: application/json" -d '{"hello": "world", "is_true": true}'
#webhook #http #web
7 498
🔗 Webhooks online
A selection of useful services for testing HTTP requests
🔗webhook.link
🔗webhook.site
🔗 webhook-test.com
🔗 webhook.cool
🔗webhookrelay
Example:
curl -X POST https://gitbook-s.webhook.cool -H "Content-Type: application/json" -d '{"hello": "world", "is_true": true}'
@GitBook_s
#webhook #http #web
7 498
& DNS resources
More info here
https://blog.detectify.com/industry-insights/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
#WAF
@GitBook_s
7 498
What is bug bounty methodology?
your unique approach to a target(step-by-step process).
GitBook_s
7 498
Hi guys
I have a question
Who knows the difference between brute force and spray ?
Answer in direct
7 498
Find patterns in API route naming to discover new endpoints
If you see an endpoint that exposes a resource in typical fashion such as:
GET /api/albums/<album_id>/photos/<photo_id>
Think about what other directories and endpoints there are likely to be in the API. Tools such as Burp Suite Intruder or FFUF are great here when combined with API-specific wordlists. If regular API wordlists are not finding anything, then consider using a tool like CeWL which will generate custom wordlists for individual applications. Sometimes there will be endpoints that the web app itself rarely hits, but you can send your own requests to them if you find one. These can be gold mines! In the above example, you could try looking for:
GET /api/posts/<post_id>/comment/…
GET /api/users/<user_id>/details/…
We can also provide alternative values for each section and test to see if they exist. For example, version 1 of the API may have the appropriate access controls in place, but perhaps version 2 is not fully rolled out yet. You may find that version 2 of the API is still accessible if you make calls directly to it and that it lacks the access controls as it is not finished.
/service/v1/users/<user_id>
Where:
service: application context
v1: version
users: resource
<user_id>: parameter
#IDOR
@GitBook_s7 498
Object scope: Is it private or public?
Start by looking at what objects should be publicly readable versus the ones that should not be. For instance, in an online store, product details and reviews associated with each product may be readable by the general public using the following endpoints:
GET /api/products/<product_id>
GET /api/reviews/<product_id>
However, the buyer’s private profile information should not be:
GET /api/users/<user_id>/creditcard/details
GET /api/users/<user_id>/mailingaddress/details
If the API structure looks something like the above, then you can assume that the user-related information should only be visible to that user. That is one of the best places to start testing for high-impact IDORs.
Pro tip: Don’t forget to try create/update/delete operations on objects that are publicly readable but shouldn’t be writable. Can you PUT to /api/products and change a price?
#IDOR
@GitBook_s