TODO
My Urls
/
Regexp patterns
https://regexr.com/
Python
https://hackernoon.com/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03?utm_source=pocket-ff-recs
Rails
https://www.cloudbees.com/blog/preproduction-checklist-for-a-rails-app?utm_source=rubyweekly&utm_medium=email
https://youtu.be/CIhHpkybYsY?t=1171
xss - https://threadreaderapp.com/thread/1508406052663934979.html
B
Browsers
https://github.com/Excloudx6/browser-compat-data
https://httpwg.org/specs/rfc7230.html#header.transfer-encoding
https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length
https://stackoverflow.com/questions/978061/http-get-with-request-body?rq=1
https://datatracker.ietf.org/doc/html/rfc7230
https://groups.yahoo.com/neo/groups/rest-discuss/conversations/messages/9962
https://www.ietf.org/rfc/rfc2119.txt
https://www.elastic.co/guide/en/elasticsearch/guide/current/_empty_search.html
2FA Bypass -
2fa bypass Mindmap - https://www.mindmeister.com/1736437018?t=SEeZOmvt01
2fa Bypass Methods - https://workbook.securityboat.in/resources/web-app-pentest/business-logic-vulnerabilities/2fa-bypass
Android
https://github.com/dzmitry-savitski/android-pentest-tool
Authentication Bypass Vulnerabilities
API Hacking
https://gist.github.com/ruevaughn/51048bccdc753596443eca95cbf39356
https://apexvicky.medium.com/top-10-api-bugs-where-to-find-them-5dac338b3d73
https://attacker-codeninja.github.io/2021-08-28-Hacking-APIs-notes-from-bug-bounty-bootcamp/
https://dfir.blog/unfurl/
https://www.slideshare.net/programmableweb/why-api-security-is-more-complicated-than-you-think-and-why-its-your-1-priority
Blockchain
https://hash.ai/@b/uniswap
https://medium.com/immunefi/hacking-the-blockchain-an-ultimate-guide-4f34b33c6e8b
https://github.com/ruby/webrick/blob/master/lib/webrick/httprequest.rb
https://twitter.com/0xAsm0d3us/status/1438149310080712709
Blogs
https://respectxss.blogspot.com/
Ethereum Hacking
https://twitter.com/CyberWarship/status/1533710785914056705
Broken Access Control - https://cwe.mitre.org/data/definitions/1345.html
Browser Extensions - Chrome
Collusion - https://chrome.google.com/webstore/search/collusion
DotGit - https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel?hl=en
Trufflehog https://chrome.google.com/webstore/detail/trufflehog/bafhdnhjnlcdbjcdcnafhdcphhnfnhjc
Browser Extensions - Firefox
Cookie Editor - https://addons.mozilla.org/en-US/firefox/addon/cookie-editor/
Bulk URL Opener - https://addons.mozilla.org/en-GB/firefox/addon/bulkurlopener/
Hacktools - https://addons.mozilla.org/en-US/firefox/addon/hacktools/
Bug Bounty Programs
Discovery Header DoD - https://github.com/KingOfBugbounty/Discovery-Header-Bug-Bounty
King Recon DoD - https://github.com/KingOfBugbounty/KingRecon_DOD
Bentley Bug Bounty Program - https://www.bentley.com/en/products
https://lostsoulofawolf.medium.com/bug-bounty-how-to-get-private-invites-60062a5d0809
https://github.com/Hack-with-Github
Blog
https://www.veracode.com/blog?utm_source=lpFooter&utm_medium=Website
http://10degres.net/posts/
CSRF Token - https://www.veracode.com/security/csrf-token
Courses
https://web.stanford.edu/class/cs253/
Character Encodings
https://stat545.com/character-encoding.html
Cheatsheets
https://securityzines.com/#comics <---- Very Cool Cheatsheets printouts etc.
https://github.com/EdOverflow/bugbounty-cheatsheet
Cookies
https://datatracker.ietf.org/doc/html/rfc6265#section-5.3w
https://github.com/jshttp/cookie
CWE
CWE-548: Exposure of Information Through Directory Listing - https://cwe.mitre.org/data/definitions/548.html
Directory Listing
http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&attackVectorId=254 | http://projects.webappsec.org/w/page/13246922/Directory%20Indexing
Dorks
Aline - Dork Automator CLI - https://github.com/ferreiraklet/Aline
Brtwitter dork: https://mobile.twitter.com/i/events/1417062625997991936
🌟 Find company's owned domains (company.*) with these #googledorks: | https://twitter.com/nil0x42/status/1533094473067995137
Shifa123 BugBounty Dorks https://github.com/shifa123/bugbountyDorks/blob/master/bbdorks
Goop https://github.com/s0md3v/goop
Open Bug Bounty Targets https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt
uDork https://github.com/m3n0sd0n4ld/uDork
Frameworks
BBRF Client - https://github.com/honoki/bbrf-client
LazyRecon - https://github.com/nahamsec/lazyrecon
Osmedeus - https://github.com/j3ssie/osmedeus | https://docs.osmedeus.org/web-ui/ | https://github.com/osmedeus/osmedeus-workflow/blob/main/general/subdomain.yaml | https://discord.com/invite/mtQG2FQsYA | https://docs.osmedeus.org/installation/practical-usage/
Sniper - https://github.com/1N3/Sn1per
Reconness - https://github.com/reconness/reconness
Recon NG - https://github.com/lanmaster53/recon-ng | https://github.com/lanmaster53/recon-ng-marketplace
ReconFTW - https://github.com/six2dez/reconftw
Rengine - https://github.com/yogeshojha/rengine
Vajra - https://github.com/r3curs1v3-pr0xy/vajra
Git/Source Code Secret Finding
http://10degres.net/github-tools-collection/
https://docs.github.com/en/rest/search
https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
https://github.com/koto/gitpillage
https://github.com/hisxo/gitGraber
https://github.com/gwen001/github-search
https://github.com/darkseed/gitpillage
Tools to Get sensitive info / secrets from https://twitter.com/soaj1664ashar/status/1176769454035939328
https://github.com/trufflesecurity/trufflehog
Why Exposed API Keys and Sensitive Data are Growing Cause for Concern https://www.programmableweb.com/news/why-exposed-api-keys-and-sensitive-data-are-growing-cause-concern/analysis/2015/01/05
Graphql
https://www.programmableweb.com/news/what-graphql-and-how-did-it-evolve-rest-and-other-api-technologies/analysis/2019/07/31
https://github.com/KathanP19/HowToHunt/blob/master/GraphQL/GraphQL.md
https://www.youtube.com/watch?v=cvvPLlP4518&feature=emb_logo
handson / demos
ABUH! https://darkrebel.net/metarget-framework-providing-automatic-consctions-of-vulnerable-infrastructures | metarget appv install dvwa | metarget install cve-2021-2312
xss jigsaw - https://blog.innerht.ml/page/2/
HTTP Request Smuggling
Defparam Variant - https://gist.github.com/defparam/840f7d9e31f77b3c5460c5921e0787ef/revisions
bbhunter mutations - https://gist.github.com/bbhunter
HTTP Request Smuggling - https://gist.github.com/ruevaughn/9c76260b412446f33b647c970bbb1001
HTTP Request Smuggling Tools
https://github.com/Sh1Yo/request_smuggler
IDOR
https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21
IIS
iis https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/
Ios
https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21
https://havoc.app/package/crane
Javascript Vulnerabilities
Javascript Enumeration https://www.youtube.com/watch?v=IsSWbVHk11M
https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html
https://github.com/Excloudx6/jsmon
https://github.com/robre/scripthunter
JSON Attacks - JSON https://www.youtube.com/watch?v=oUAeWhW5b8c
JWT
https://gist.github.com/ruevaughn/328067fadf926ddb788f98cd0d2d1a71 Crack JWT
https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0
Security Weekly Unlocked: https://www.youtube.com/playlist?list=PLlPkFwQHxYE7nQtKNzjnsVyoSOu2K4l9e
https://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d
https://www.youtube.com/watch?v=muYmiEtPL8U JWT with bbking
JWT Traversal https://github.com/MoisesTapia/JwtTransversal
Mass Assignment https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html
https://code.tutsplus.com/tutorials/mass-assignment-rails-and-you--net-31695
Mindmaps
List of Attack Vectors http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp
Huge Mind Map. Lots of resources. Has All Exploits and a lot of good info. https://www.xmind.net/m/Xy7XEW/
Collaborative Mindmaps - Collaborative Mind Mapping
Mobile
https://www.veracode.com/blog/2010/12/mobile-app-top-10-list
Owasp Top 10 (2021) https://cwe.mitre.org/data/definitions/1344.html
Parameter Tampering -
http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&attackVectorId=57
POC
https://github.com/RootUp/PersonalStuff
https://github.com/swisskyrepo/PayloadsAllTheThings
Products / Services
Tobuy https://order.shareit.com/cart/view | https://tryhackme.com/why-subscribe | https://findomain.app/#Pricing | https://github.com/Excloudx6/InfoSec-Black-Friday | HAKLUKE RECOMMENDS https://securitytrails.com/corp/osint-toolkit?referral_code=LLDAK0F80M
Recon
Reconmap GUI Website SaaS https://demo.reconmap.com/login
Reporting
https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html
Resources
cloud metadata - https://gist.github.com/rudSarkar/39f821249bf0d38093cafbfd23bc33ee | https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb
Megathread https://twitter.com/ITSecurityguard/status/1519272305729458176
reset pass https://docs.google.com/presentation/d/1QzBl3k3n2q44ULyfZgr_gPZexj8nF5vD8JrS5AUJRbs/edit#slide=id.gb5aea10a86_0_167
bug bounty https://docs.google.com/presentation/d/1o7GWUOYwcd3uMwLBRG9UzARYCvfuX3VKUHfoPu38t78/edit
Bug Bounty Udemy Courses Tip https://twitter.com/ITSecurityguard/status/1519272305729458176
https://github.com/carlospolop/PEASS-ng
RPO (Relative Path Override) Gadgets - https://blog.innerht.ml/rpo-gadgets/
Self Hosting
Shodan like nmap results parser (https://github.com/shivammehta007/ScanX) PBNJ(http://pbnj.sourceforge.net/) (A suite of tools to monitor change in a network over time) store NMAP Results in a database to monitor changes on a network over time and then conducts historical analysis to identify new hosts -
Scripts
LFI https://web.archive.org/web/20100228162410/http://pastie.org/840199
https://github.com/killswitch-GUI/PenTesting-Scripts
Session Poisoning - https://en.wikipedia.org/wiki/Session_poisoning
https://github.com/t1m4/ptl_lab
Setup
Bug Bounty Tools Setup - https://github.com/oliveira-andre/bug_bounty_tools
Redherd - https://redherd.readthedocs.io/en/latest/ | https://www.youtube.com/channel/UCYSM51oldVsryhZxGdB3hXA
Shodan
Awesome Shodan Queries https://github.com/jakejarvis/awesome-shodan-queries
Shodan Dorks https://twitter.com/0xhunster/status/1548382647759491074/photo/1
Shodan CVE Dorks Kathan https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks
Status Codes
Web status codes https://requests.readthedocs.io/en/latest/api/#status-code-lookup
SQL Injection
https://book.hacktricks.xyz/pentesting-web/sql-injection
(at the bottom of the page, the image and text for 2 sqli x-forwarded-for tips) https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21
https://github.com/0xEval/sql2shell
Source Code Analysis
https://twitter.com/dhakal_ananda/status/1544574015779606529
Takeovers
https://github.com/musana/mx-takeover
Timing Attacks
Time Attacks http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp?antiCsrfToken=null&filterCategory=9
Tips
https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248
https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/bugbountytips.md
King of Bug Bounty Tips - https://github.com/KingOfBugbounty/KingOfBugBountyTips
https://abhinavprasad47.github.io/bugbounty-starter-notes/
https://www.google.com/search?tbm=bks&q=recon-ng
gh dork: https://github.com/topics/one-liners
Sqlmap tip - https://youtu.be/rVu0GUjic_g?t=2246
Eval command and security issues https://mywiki.wooledge.org/BashFAQ/048
Tools
HTML Tools (CSV To HTML, Regexpal, 50+ tools) https://www.cleancss.com/join.php
Arjun - https://github.com/s0md3v/Arjun/wiki/Usage#scan-a-single-url
crobat - https://www.onsecurity.io/blog/how-i-made-rapid7s-project-sonar-searchable/
Dom Invader - https://www.youtube.com/watch?v=GeqVMOUugqY
ffuf - https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 | https://thexssrat.medium.com/what-the-fuzz-the-truth-behind-content-discovery-77cd0c0756e7
gf - https://rengine.wiki/usage/tool_conf/ | https://github.com/1ndianl33t/Gf-Patterns | https://github.com/halencarjunior/BugBuntu/wiki/Installing-Gf-Patterns | https://github.com/NitinYadav00/gf-patterns/fork | https://twitter.com/sratarun/status/1361209626478276610 | MORE GF TEMPLATES ----> https://github.com/lutfumertceylan/top25-parameter/releases/tag/v1.0.7 | https://github.com/tomnomnom/gf/compare/master...pry0cc:jf:master | https://github.com/ResistanceIsUseless/gf | https://github.com/tomnomnom/gf/compare/master...medbsq:gf:master | https://github.com/mrofisr/gf-patterns
gee - Similar to Tee. More Functionality. https://github.com/hahwul/gee
- Gee Tips https://twitter.com/hahwul/status/1360495560843689989
FFMPEG-AVI-m3u-xbin - https://github.com/Excloudx6/ffmpeg-avi-m3u-xbin
metabigor v2 - Metabigor https://twitter.com/j3ssiejjj/status/1528687407587299330/photo/1
SimpleApachePathTraversal - https://github.com/MrCl0wnLab/SimplesApachePathTraversal
Source2Url -
WhatWeb - https://github.com/urbanadventurer/WhatWeb
WFUZZ - https://book.hacktricks.xyz/pentesting-web/web-tool-wfuzz
Wordlists
https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056
Writeups
securityforeveryone.com/scan-repository
2022-07-15 Exploiting Arbitrary Object Instantiations in PHP without Custom Classes https://swarm.ptsecurity.com/exploiting-arbitrary-object-instantiations/
https://github.com/fardeen-ahmed/Bug-bounty-Writeups
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
https://twitter.com/ITSecurityguard/status/1519272305729458176
https://github.com/ngalongc/bug-bounty-reference
https://github.com/djadmin/awesome-bug-bounty
https://ysamm.com/#
https://tarekbouali.com/posts/how-i-hacked-one-of-the-biggest-airlines-group-of-the-world/
https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups
https://infosecwriteups.com/intro-to-bug-bounty-automation-tool-chaining-with-bash-13e11348016f
https://hacklido.com/u/excloudx
https://subscription.packtpub.com/book/networking-and-servers/9781788626897/7/ch07lvl1sec47/example
https://subscription.packtpub.com/owned
https://id.bugbountyhub.com/auth/realms/bugbountyhub/login-actions/authenticate?execution=a484e1a7-bc42-472b-a339-15be49996b14&client_id=prod-platform&tab_id=MivkVulj_p8
https://prashantbhatkal2000.medium.com/svg-based-stored-xss-ee6e9b240dee
https://github.com/phlmox/public-reports/blob/main/hackerone-one-million-reports
https://footstep.ninja/posts/
https://twitter.com/omespino/status/1489310300708900868/photo/
https://github.com/phlmox/public-reports
https://blog.assetnote.io/2020/09/15/hacking-on-bug-bounties-for-four-years/
https://discord.com/channels/772850979955671103/772854181433573398/895230570366402590 Hacking Articles
Vhosts
Vhost Discovery https://github.com/projectdiscovery/tlsx#sancn-probe
xss
https://twitter.com/ofjaaah/status/1504932805431767046
https://portswigger.net/research/new-xss-vectors
https://medium.com/bugbountywriteup/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1
https://github.com/takshal/freq
https://bytemeta.vip/index.php/@takshal
https://github.com/takshal/freq/pull/2/commits/ca176eee65889530b4896d782419edd0e4325713
https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html
What is the best method to use dalfox?? https://attacker-codeninja.github.io/2021-09-09-portswigger-notes-on-host-header-attack/
https://github.sre.pub/topics/xss-scanners
https://medium.com/@skavans_/the-unobvious-about-xss-and-html-encoding-4e0d536a35d9
Gists
Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! https://github.com/bee-san/pyWhat/fork
Eyeballer
https://github.com/BishopFox/eyeballer <----- TODO BIG IG and [this](https://www.kaggle.com/datasets/altf42600/pentest-screensots)
https://www.akamai.com/blog#HTTP2rs
https://www.jhaddix.com/post/tooltime-2-ssl-certificate-parsers-for-recon
Recon
Notify -bulk - workflow to funnel everything to Notify https://youtu.be/v7FMPU3J3Qw?t=3044
ReconFTW Automation - https://youtu.be/v7FMPU3J3Qw?t=2841
Automation - what to do with all the subdomains endpoints you found! https://youtu.be/v7FMPU3J3Qw?t=1864
Tools
https://reconshell.com/awesome-bug-bounty-tools/
https://reconshell.com/mobile-hackers-weapons/
https://book.hacktricks.xyz/todo/more-tools
https://github.com/fardeen-ahmed/Bug-bounty-Writeups#-bug-bounty-tools---
https://github.com/vavkamil/awesome-bugbounty-tools#Recon
Image upload
https://github.com/barrracud4/image-upload-exploits
https://hackbotone.com/blog/essential-recon-tools/
https://github.com/danielthatcher/spydom
https://allciber.com/web-attack-cheat-sheet/
Alias / Snippet / Command Management
https://github.com/nahamsec/recon_profile
https://github.com/hahwul/hack-pet/commit/6405608c856551d241174d8c839c79efdff5153c
https://github.com/hahwul/hack-pet
https://github.com/knqyf263/pet
Wordlists
FUZZ.txt good -https://gist.github.com/m4ll0k/50efec5f04179b107c9d7597eec7d23c
https://gist.github.com/m4ll0k/https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d
Wordlists
Stream: Creating Target Specific Wordlist!! https://www.youtube.com/watch?v=AF-zp6DROTs
API Endpoints https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d
https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af
https://wordlists.assetnote.io/
https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056
https://github.com/six2dez/OneListForAll/blob/main/onelistforallmicro.txt
https://gist.github.com/miguelmota/706ebaeb661e246e1b682c400d49d1c9
https://github.com/ghostlulzhacks/wordlist/blob/master/directory-brute-wordlist.txt
to harvest https://youtu.be/YO3ldj4jkJk?t=275
Common Bucket Names https://github.com/buckhacker/buckhacker/blob/master/resources/common-bucket-names.txt
https://portswigger.net/web-security/authentication/auth-lab-passwords
https://portswigger.net/web-security/authentication/auth-lab-usernames
https://github.com/SmeegeSec/SmeegeScrape
make a wl from js https://gist.github.com/seqrity/d67608eb6372cd6f455bfeeefa77b9c2
Who what where when tomnomnom - https://www.youtube.com/watch?v=W4_QCSIujQ4
https://pentestbook.six2dez.com/recon/webs-recon Wordlist Gen
https://github.com/giteshnxtlvl/cook
https://gitlab.com/kalilinux/packages/amass/-/tree/91a5313226ab9ebd4ecbad40622584dd6f3f7cd5/wordlists Wordlists
https://github.com/anshumanbh/brutesubs
Proxy
https://github.com/neex/tcp-over-http
hetty.xyz
Sqli
https://sapt.medium.com/sqli-on-a-bugcrowd-private-program-17858b57ec61
http://sqlninja.sourceforge.net/download.html
https://w3af.org/howtos/find-cross-site-scripting-and-sql-injections
https://www.securedyou.com/how-to-hack-sql-database-password-cracking/
https://www.securedyou.com/download-havij-free-automated-sql-injection-tool/
sqlmap
https://h1pmnh.github.io/post/advanced-sqlmap-case-study-1
cors https://chawdamrunal.medium.com/insecure-cors-configuration-808437d7cfd7
Default C
https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys
https://github.com/SummitRoute/csp_security_mistakes
File Upload
https://sm4rty.medium.com/hunting-for-bugs-in-file-upload-feature-c3b364fb01ba
https://github.com/almandin/fuxploider - File upload vulnerability scanner and exploitation tool.
Default Cred Scanner
https://github.com/Excloudx6/changeme
Monitor Server Status
https://github.com/sudo-jtcsec/server-status-mon
https://github.com/Excloudx6/server-status_PWN
Tmux https://github.com/Excloudx6/clips
# My Bug Bounty Wiki Page
https://github.com/MrM8BRH/SuperLibrary
https://github.com/zeroc00I/ReconNotes
https://gist.github.com/ruevaughn/71c31d7f67b7d105d9f480489e02c906
Scanners
https://github.com/RustScan/RustScan
https://github.com/knassar702/scant3r
http headers
https://www.ibm.com/docs/en/ibm-mq/7.5?topic=headers-content-type-http-entity-header
A-Z Sorting in progress
AwsCli https://aws.plainenglish.io/aws-s3-cli-cheatsheet-9078366fca83
Welcome to my Bug Bounty Wiki page. It's currently not organized or cleaned up at all, though that's a WIP. Originally was where I was dumping links and things I needed to remember.
News Articles
https://www.bbc.com/news/technology-43581624
Deserialisation
Deserialization example <-https://youtu.be/oUAeWhW5b8c?t=1583
Another Deserialization example https://youtu.be/eDfGpu3iE4Q?t=266
https://github.com/GerbenJavado/LinkFinder
https://medium.com/@duhroach/how-png-works-f1174e3cc7b7
https://github.com/beurtschipper/Depix <-- unblur
### A
Amass
https://hackbotone.com/blog/amass-osint-reconnaissance-tool/
https://hakluke.medium.com/haklukes-guide-to-amass-how-to-use-amass-more-effectively-for-bug-bounties-7c37570b83f7
https://securityonline.info/amass-subdomain-enumeration/
https://github.com/OWASP/Amass/releases
Twitter
https://mobile.twitter.com/drunkrhin0/status/1344130730947825664
https://twitter.com/jeff_foley
https://github.com/OWASP/Amass/blob/master/doc/scripting.md
https://github.com/OWASP/Amass
https://gist.github.com/sillydadddy/b1726c8e8ce281d55b82d4e2a1a610e8
https://twitter.com/dokkillo/status/1305566849514471424
https://github.com/PatrikFehrenbach/amass-tools/blob/master/assetfinder.ads
https://github.com/OWASP/Amass#top-mentions
amass enum script command https://youtu.be/H1wdBgY1rtg?t=5408
Example of api key configuration https://www.hahwul.com/2020/09/23/amass-go-deep-in-the-sea-with-free-apis/#chaos
[31:33 / 1:56:06]
[How to Use Amass Efficiently by @jeff_foley #NahamCon2020](https://youtu.be/H1wdBgY1rtg?t=1974)
[OWASP AMass Boot Camp by Jeff Foley (Caffix)](https://www.youtube.com/watch?v=OOurkCPf2-I)
Amass Tutorial https://github.com/OWASP/Amass/blob/master/doc/tutorial.md
https://github.com/vortexau/dnsvalidator
https://twitter.com/owaspamass
https://kathmandupost.com/science-technology/2021/04/06/we-dream-to-be-nepal-s-first-billion-dollar-it-company
https://reconwithme.com/
Amass Scripting
https://github.com/OWASP/Amass/tree/master/resources/scripts
https://github.com/OWASP/Amass/blob/master/doc/scripting.md
amass scripting https://youtu.be/H1wdBgY1rtg?t=4987
https://jaeles-project.github.io/
APIs
Huge API Resources list! https://dsopas.github.io/MindAPI/references
https://thexssrat.podia.com/view/courses/free-api-testing-and-securing-guide/923506-api-top-10-videos/2699995-owasp-api-top-10-a0-to-a3
https://www.hahwul.com/2019/07/01/easy-security-testing-with-applications-bridge-in-zap/
https://github.com/PortSwigger
### B
Books https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/BOOKS.md
https://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html
https://guidesmiths.github.io/cybersecurity-handbook/resources
https://guidesmiths.github.io/cybersecurity-handbook/tooling
https://github.com/1N3/Sn1per/blob/master/modes/normal_webporthttp.sh
Blogs
https://opsecx.com/index.php/category/blog/
URL Finder
https://www.kitploit.com/2021/08/sigurlfind3r-reconnaissance-tool-it.html
403 Bypasser
https://www.kitploit.com/2021/11/4-zero-3-403401-bypass-methods-bash.html
https://www.kitploit.com/2021/09/403bypasser-automates-techniques-used.html
Oauth
#### Oauth Bug Bounty Cheatsheet
https://0xn3va.gitbook.io/cheat-sheets/web-application/oauth-2.0-vulnerabilities
https://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d
Email
https://www.ibm.com/docs/en/sqsp/32.0?topic=SSBRUQ_32.0.0/com.ibm.resilient.doc/install/resilient_install_defang s.htm
Nuclei
Nuclei : A Bug Bounty Tool https://www.youtube.com/watch?v=ZcG8ARatgs0
https://www.reddit.com/r/infosec_daily/comments/lrz9bg/nuclei_tool_review/
Finding bugs with Nuclei with PinkDraconian (Robbe Van Roey) https://www.youtube.com/watch?v=ewP0xVPW-Pk
Nuclei templates
https://github.com/xm1k3/cent <-- manage nuclei templates and big list of templates
https://github.com/aboul3la/nuclei-templates
https://github.com/projectdiscovery/nuclei-templates/compare/master...s4e-labs:nuclei-templates:master
https://github.com/projectdiscovery/nuclei-templates/discussions/693
https://nuclei-templates.netlify.app/
cool
https://github.com/nikitastupin/param-miner-doc
https://platforms.disclose.io/
https://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html
https://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022
https://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer
### C
CanaryTokens
https://canarytokens.org/generate
Checklists
https://github.com/security-checklist/php-security-check-list
https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987
Cheatsheet
https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
https://github.com/dgtlmoon/changedetection.io
#### CVE
Code Review
https://www.youtube.com/watch?v=q5NqY2RRLj0
https://www.youtube.com/watch?v=bfLQjZmD5jY&feature=youtu.be
POC Videos
https://repo.telematika.org/project/bminossi_allvideopocsfromhackerone/
https://github.com/zeroc00I/AllVideoPocsFromHackerOne
Fuzzing
https://thugcrowd.com/kiosk/ Badass Fuzzing tools / Resources
https://0xn3va.gitbook.io/cheat-sheets/resources/software/fuzzing
Bug Bounty Videos
Mix - webpwnized https://www.youtube.com/watch?v=Y_2JVREtDFk&list=RDCMUCPeJcqbi8v46Adk59plaaXg&start_radio=1
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out! - https://www.youtube.com/watch?v=CIhHpkybYsY&t=2s
Videos
https://administraitor.video/edition/Hack.lu/2019
https://portswigger.net/news
Notify - https://youtu.be/rbr7ZmBI9qs?t=278
https://www.youtube.com/watch?v=kbi2KaAzTLg
What after Recon? - Sup Subdomains?!
DORK
https://www.google.com/imgres?imgurl=https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FEf6ELytWAAAswXx%3Fformat%3Djpg%26name%3D4096x4096&imgrefurl=https%3A%2F%2Fmobile.twitter.com%2Fbugbountyrecon&tbnid=pQu57Q5pha2WIM&vet=12ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ..i&docid=NghhHzdXU7Ey8M&w=2480&h=1302&q=Bug%20bounty%20automation%20GitHub&client=firefox-b-1-d&ved=2ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ
https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt
Reporting
https://hacktify.in/bugbounty/ <---- lots of resources for reporting
#### Ruby on Rails
https://hackerone.com/reports/904059
https://hackerone.com/reports/1400309
https://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md
https://bugbountyforum.com/resources/#ruby-on-rails
Free Shodan key and nmap automation script to search for an F5 BIG-IP CVE
https://learn.hacktify.in/courses/take/bug-bounty-hunting-and-penetration-testing/lessons/16862042-assets-resources
https://github.com/shifa123/f5BigIPExploit/blob/master/assets
dnmap
https://github.com/vdjagilev/nmap-formatter
https://www.darknet.org.uk/2016/07/dnmap-distributed-nmap-framework/?utm_source=pocket-ff-recs
https://github.com/alt3kx/CVE-2021-21985_PoC/blob/main/CVE-2021-21985.nse
# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse
# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve2020-3452.nse
aquatone - https://gist.github.com/random-robbie/beae1991e9ad139c6168c385d8a31f7d
https://www.tib.eu/en/publishing-archiving/research-data
https://github.com/erbbysam/Hunting-Certificates-And-Servers/blob/master/Hunting%20Certificates%20%26%20Servers.pdf
Bug Bounty Programs
https://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html
https://guidesmiths.github.io/cybersecurity-handbook/resources
https://guidesmiths.github.io/cybersecurity-handbook/tooling
https://platforms.disclose.io/
https://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html
https://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022
https://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer
https://hackerone.com/alipay?type=team
https://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html
Disclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team
* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)
https://github.com/detectify/cs-challenge
https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt
Dutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c
"Bug Bounty programs|VDP|launch" -> Google News etc
#### J
Javascript
JAVASCRIPTRECON.md https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff
https://portswigger.net/research/dom-based-angularjs-sandbox-escapes
Javascript for hackers https://www.youtube.com/watch?v=FTeE3OrTNoA
https://legallybreaking.com/discussion/88/full-featured-javascript-recon-automation-jsfscan-sh
https://labs.detectify.com/2016/12/08/the-pitfalls-of-postmessage/
https://portswigger.net/research/dom-based-angularjs-sandbox-escapes
#### L
Labs
Linux
https://linuxsecurity.expert/resources/
#### M
Monitoring
https://github.com/dgtlmoon/changedetection.io Monitor Website Changes
### P
#### Podcasts
Links here -> https://blog.intigriti.com/2019/11/12/bug-bytes-44-new-platform-new-programs-and-a-e25k-head-csrf/
SelfHosted Podcast https://selfhosted.show/60?t=777
Programs
https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt
### R
#### Reverse Shells
### Rate Limit
### T
Top 10
------- ACCOUNT TAKEOVERS-----------
https://medium.com/@bathinivijaysimhareddy/tale-of-account-takeovers-part-2-9abf62de4ca3
https://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods
https://opensourcelibs.com/lib/google-acquisitions
API Security
https://www.cloudflare.com/learning/security/api/owasp-api-security-top-10/
Shadow APIs https://www.cloudflare.com/learning/access-management/what-is-shadow-it/
Cors
https://jakearchibald.com/2021/cors/playground/
DNS Hijacking
https://www.cloudflare.com/en-ca/learning/security/global-dns-hijacking-threat/
https://github.com/mdsecresearch/Publications/blob/master/presentations/Offensive%20Development%20-%20Post-Exploitation%20Tradecraft%20in%20an%20EDR%20World%20-%20x33fcon%202020.pdf
ffuf
How to use ffuf - Hacker Toolbox https://www.youtube.com/watch?v=aN3Nayvd7FU
Fuzzing / FFUF -> 5-30-22 Nahamsec stream covered fuzzing A LOT https://www.twitch.tv/videos/1312499916
Protips ffuf - tips and tricks https://www.youtube.com/watch?v=uwcRBSUl8e4&t=358s
Late to the party, or, in other words massive web enumeration using ffuf. http://0entropy.blogspot.com/2020/05/late-to-party-or-in-other-words-massive.html
https://gowthams.gitbook.io/bughunter-handbook/fuzzing-fuff
https://0xmahmoudjo0.medium.com/how-i-found-multiple-sql-injection-with-ffuf-and-sqlmap-in-a-few-minutes-9c3bb3780e8f
IDN Homograph
https://www.akamai.com/blog/security/watch-your-step-the-prevalence-of-idn-homograph-attacks
Insecure Deserialisation
Insecure Deserialisation https://www.youtube.com/watch?v=SNi7gNkfLSM
#### Prototype Pollution
https://www.kitploit.com/2021/09/plution-prototype-pollution-scanner.html
https://github.com/BlackFan/client-side-prototype-pollution
https://research.securitum.com/prototype-pollution-and-bypassing-client-side-html-sanitizers/
https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf
#### Prototype Pollution Tools
https://github.com/msrkp/PPScan
Sensitive Info
https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks
SSRF
https://reconshell.com/jira-mobile-ssrf-exploit/
https://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/ssrf
Subdomain Takeovers
https://0xpatrik.com/subdomain-takeover-ns/
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
https://www.hackerone.com/application-security/guide-subdomain-takeovers
https://medium.com/@thebuckhacker/how-to-do-55-000-subdomain-takeover-in-a-blink-of-an-eye-a94954c3fc75
https://import.cdn.thinkific.com/359809/courses/1386931/locomotivesubdomaintakeover-210608-154821.yamll
https://github.com/buckhacker/SubDomainTakeoverTools
github.com/lukasikic/subzy
-> https://gist.githubusercontent.com/ruevaughn/91d3369fdf0d93b0bdc6662c771cb7ae/raw/79e07b315e465bae1f003ec8fd40fcf5471b223b/fingerprints.json
github.com/mhmdiaa/second-order
SQL Injection
https://www.cloudflare.com/learning/security/threats/sql-injection/
XSS
All the ways you can alert js -> https://gist.github.com/tomnomnom/14a918f707ef0685fdebd90545580309
https://github.com/wisec/domxsswiki/wiki
https://github.sre.pub/topics/xss-scanners
https://owasp.org/www-community/attacks/xss/
Moving beyond alert()xss https://av.tib.eu/media/49191
https://unescape-room.jobertabma.nl/
https://infosecwriteups.com/reflected-xss-on-microsoft-com-subdomains-4bdfc2c716df
#### Tools
https://www.xmind.net/m/Xy7XEW/# <-----
https://github.com/Excloudx6/PentestTools#exploitation-tools
https://linuxsecurity.expert/security-tools/top-100/
https://intelx.io/tools
https://github.com/nccgroup/ScoutSuite/tree/master/tools
Clean Ips Script
https://gist.github.com/LuD1161/bd4ac4377de548990b47b0af8d03dc78
### D
Dirb
https://techyrick.com/dirb/
https://github.com/nccgroup/tracy
#### Todo
hetty.xyz
https://www.bugbountyhunting.com/
https://github.com/KingOfBugbounty/KingOfBugBountyTips#scan-log4j-using- -and-log4j-scan
https://medium.com/hacking-info-sec/how-to-install-and-use-bbrf-35f6aa15fbc9
https://github.com/Excloudx6/Guide-to-SSRF
https://github.com/alphaSeclab/sec-daily-2020
https://github.com/KathanP19/HowToHunt/blob/master/CheckList/mindmap.png
https://github.com/topics/bugbounty
https://gist.github.com/R0X4R/bc08d55e368965f22c0b41ee8475ba87
SSRF
https://cheatsheetseries.owasp.org/assets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet_SSRF_Big.pdf
Nmap
https://github.com/killswitch-GUI/PenTesting-Scripts/blob/master/Nmap-Strings
https://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology/
https://github.com/SmeegeSec/Security_Headers_Nmap_Parser
ssh bruting
A simple multi-threaded distributed SSH brute-forcing tool written in Python https://github.com/k4yt3x/orbitaldump
https://github.com/d3vilbug/Brutal_SSH
xsshunter
https://github.com/mystech7/xsshunter - duplicate within 15 min check added
https://gosecure.github.io/security-cheat-sheet/
https://twitter.com/e11i0t_4lders0n/status/1489234267687497735
https://snyk.io/log4j-vulnerability-resources/
https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/
HTTP Header Smuggling
https://github.security.telekom.com/2020/05/smuggling-http-headers-through-reverse-proxies.html
Request Smuggling
https://github.com/ruevaughn/websocket-connection-smuggler
https://portswigger.net/daily-swig/how-to-perform-an-http-header-smuggling-attack-through-a-reverse-proxy
https://twitter.com/albinowax/status/1263122811683553283
Note: the kitploit guy is the hackbotone guy
https://www.kitploit.com/2021/08/http-request-smuggling-http-request.html
https://hackbotone.com/blog/http-request-smuggling-detection-tool/
https://www.youtube.com/watch?v=mijOcGLneLU&t=303.658823s
https://gist.github.com/sminez/571bd7bafb1b88630b85c85a0cd66e3a - grep through this
try
https://github.com/arjunshibu/gcmd
https://splash.readthedocs.io/en/stable/scripting-tutorial.html#scripting-tutorial
https://github.com/phlmox
Recon
https://www.kitploit.com/2021/10/webdiscover-purpose-of-this-script-is.html
https://www.cobalt.io/blog/scope-based-recon-smart-recon-tactics
Checklists
https://gist.github.com/jhaddix/6b777fb004768b388fefadf9175982ab
https://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf
https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/
https://gist.github.com/pdelteil/ba005609789ae14862f023da4191826d
https://github.com/rails/rails/issues/37620
SUBDOMAIN TAKEOVERS
https://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods
https://www.udemy.com/course/cloud-hacking/learn/lecture/8613164?start=0#overview
https://github.com/indianajson/can-i-take-over-dns
RECON
https://gist.github.com/khanjanny/039d7c7d825a866b9020e3945e04ace9
https://github.com/KathanP19/HowToHunt
https://prettyrecon.com/auth/forgot_password/
Oneliners
https://github.com/KingOfBugbounty/KingOfBugBountyTips/compare/master...halencarjunior:KingOfBugBountyTips:master
https://www.youtube.com/watch?v=ZcG8ARatgs0&t=467s
https://giters.com/okaayfine/oneliner-bugbounty
https://twitter.com/ofjaaah/status/1532581839344394241
https://gist.github.com/cyberheartmi9/c993542044fdc45834837c3f88484a63
https://github.com/trimstray/the-book-of-secret-knowledge
Tweets Dorks
https://twitter.com/hashtag/bugbountytips
https://twitter.com/search?q=%23bugbountytips&cn=ZmxleGlibGVfcmVjcw%3D%3D&refsrc=email
https://twitter.com/ghostlulz1337
https://www.google.com/search?client=firefox-b-1-d&q=site%3Agist.github.com+%22dalfox%22+automate
https://gist.github.com/sec99
https://gist.github.com/Bedrovelsen/starred
https://gist.github.com/tranphuoctien/47c1242c8189b42fb4d268c548db4526
https://gist.github.com/GrahamcOfBorg/601b9608c6010d9c82cf0e9535faac4b
https://gist.github.com/babaloveyou
https://www.google.com/search?client=firefox-b-1-d&q=bug+bountny+automation
https://www.reddit.com/r/bugbounty/comments/nkaz32/automation_for_bug_bounty_recon_framework/
https://github.com/dirsoooo/Recon
https://gowthams.gitbook.io/bughunter-handbook/automation
Crawlers / Crawling
https://github.com/spatie/crawler
http://www.robotstxt.org/
https://github.com/BruceDone/awesome-crawler
https://github.com/tijme/not-your-average-web-crawler
https://github.com/ghostlulzhacks/crawler
https://scotthelme.co.uk/top-1-million-analysis-march-2020/
https://crawler.ninja/
FINISH Watching - https://www.youtube.com/watch?v=12gtkYbMGd4&t=362s
HARSHBROTHA - https://www.youtube.com/watch?v=UrdvDCb4Gz8
NOTIFY - https://www.youtube.com/watch?v=rbr7ZmBI9qs
Handle your data carefully https://www.youtube.com/watch?v=rbr7ZmBI9qs
UserAgents
https://github.com/BbhunterOne/ReconChef/blob/main/recon.sh#L82
Screenshots
https://github.com/spatie/browsershot
# https://github.com/maaaaz/webscreenshot
https://random-robbie.github.io/bugbounty-scans/
https://buaq.net/go-99375.html
https://stackoverflow.com/questions/5258977/are-http-headers-case-sensitive?rq=1
cheatsheets
https://0xn3va.gitbook.io/cheat-sheets/
https://0xn3va.gitbook.io/cheat-sheets/web-application/http-request-smuggling
Frameworks
* reconftw -
* Reconness
* BBHT
https://github.com/hahwul/WebHackersWeapons
https://github.com/yeswehack/pwn-machine
https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
https://core.intrigue.io/
Reconness
Vajra - https://github.com/r3curs1v3-pr0xy/vajra
Hive https://hexway.io/blog/new-update-hive/
Pwnmachine
axiom
https://www.mandiant.com
https://github.com/AlexisAhmed/BugBountyToolkit
https://github.com/nahamsec/lazyrecon
https://github.com/yogeshojha/rengine/commit/cf30e98e0440424019cb2cad600892ce405f850e
https://github.com/0xInfection/TIDoS-Framework
https://buaq.net/go-249.html MooseDojo/apt2: automated penetration toolkit
Secret Hunting - Google Dorks, Git Dorks, Employee OSINT, etc
https://gist.github.com/markofu/549fbd287edf08c38e869dacc740e49de
https://github.com/aquasecurity/cloudsploit
Trufflehog https://www.youtube.com/watch?v=aioheMi1Wko
+ --- +
|Tools|
https://sapt.medium.com/perform-information-gathering-using-following-tools-on-the-given-targets-cyber-sapiens-internship-12c858166008
+Github Wiki Auditor
https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html
https://github.com/SmeegeSec/GitHub-Wiki-Auditor
https://www.kitploit.com/2022/04/gitbleedtools-for-extracting-data-from.html
https://github.com/phlmox/jslinkfinderv2
https://exposingtheinvisible.org/guides/google-dorking/ <---- huge dorking guide!
https://github.com/phlmox/bingdork
https://github.com/awslabs/git-secrets
https://github.com/toniblyx/my-arsenal-of-aws-security-tools
https://techvomit.net/aws-security/
https://github.com/gwen001/s3-bucketsdfinder.git
https://github.com/phlmox/gdork
https://github.com/lc/secretz
https://github.com/kevthehermit/PasteHunter
+ ------ +
|Articles|
+ ------ +
* E.crack jwt - https://github.com/brendan-rius/c-jwt-cracker
Neo4j vs postgres (graphdb)
https://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/
Automation script
https://www.benteveo.kiwi/blog/automating-bug-bounties
https://github.com/AlexisAhmed/BugBountyToolkit <-- docker
https://gowthams.gitbook.io/bughunter-handbook/automation
Secret
https://www.directdefense.com/csrf-in-the-age-of-json/
https://buaq.net/go-249.html
Intentionally Vulnerable Github repo
https://github.com/shifa123/githubleak
https://wiki.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contentsfff
https://pentestbook.six2dez.com/
https://github.com/m4ll0k
https://github.com/six2dez
https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter
https://github.com/shifa123
https://www.udemy.com/course/web-application-ethical-hacking/learn/lecture/3305350?start=0#overview
VPS
https://gist.github.com/Rajchowdhury420/24fa500ebc4edbb2018860f85f93b8cf
https://hackingblogs.com/bug-bounty-builder-project-tool-use/
Beats - Lightweight shippers for Elasticsearch & Logstash
https://github.com/nicolargo/glances
https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29
https://www.udemy.com/course/learn-website-hacking-penetration-testing-from-scratch/learn/lecture/5878090?start=0#overview
Put a website online https://www.youtube.com/watch?v=NQP89ish9t8
https://www.trenchesofit.com/2021/06/14/bug-bounty-vps-build/
https://github.com/AlexisAhmed/BugBountyToolkit <-- docker
### To Deploy your own
https://demo.ezxss.com/manage/dashboard
https://github.com/ssl/ezXSS/wiki/Installation
## BugBounty Programs
---
https://huntr.dev/
https://www.zerodayinitiative.com/
https://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5
https://opensourcelibs.com/lib/google-acquisitions
https://opensourcelibs.com/libs/bugbounty
List of .gov
Target crypto https://arlolra.github.io/otr/
https://github.com/cisagov/dotgov-data
[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.
[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.
[Security Ninja txt values list](https://crawler.ninja/files/security-txt-values.txt)
[Security Ninja Files List](https://crawler.ninja/files/)
https://allabouttesting.org/
Todo:
https://boards.greenhouse.io/cobaltio/jobs/4141074002 <--- solve challenge
CheatSheets
https://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md
Automated Scanners
* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)
* [Dalfox](https://github.com/hahwul/dalfox)
* [XSSTrike](https://github.com/s0md3v/XSStrike)
* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)
[SSTI-XSS-Finder](https://github.com/darklotuskdb/SSTI-XSS-Finder)
* [Learn with @DarkLotusKDB: Recon with Shodan & Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)
* https://twitter.com/0xJin/status/1470748925963513863
* https://twitter.com/0xJin/status/1470748925963513863/photo/1
XXE
https://book.hacktricks.xyz/pentesting-web/xxe-xee-xml-external-entity
https://app.intigriti.com/programs/dpgm/libelle/detail
https://web-in-security.blogspot.com/2016/03/xxe-cheat-sheet.html
https://twitter.com/infosec_au/status/1340785029899698181?lang=en
https://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html
Understanding DTD -> https://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html
## Owasp Top 10
---
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/WhatsNew.html
### Clickjacking
https://lcamtuf.blogspot.com/2011/12/x-frame-options-or-solving-wrong.html
https://blog.innerht.ml/page/2/
https://hackerone.com/reports/8724
### CSRF
* https://hackerone.com/reports/44146
- 7-19-16
* [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&t=5s)
* https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/
- 01-18-15 https://hackerone.com/reports/44146 (Make API calls on behalf of another user (CSRF protection bypass))
### XSS
Paid Services
https://findomain.app/#Pricing
## Resources
---
Params
Config override using non-validated query parameter allows at least reflected XSS by injecting configuration into state
https://hackerone.com/reports/1082847
Fuzzcon & fuzzing
https://twitter.com/hashtag/hacklu?src=hashtag_click
https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Fuzzing.md
Recon
- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks
[PrettyRecon](https://prettyrecon.com/auth/signup)
### Dorks
https://ask.fm/tags/bounty
### Lists
https://github.com/payloadbox/xss-payload-list
Protips and Trips
Most of the sites use AWS nowadays...
AWS localhost is 169.254.169.254 so don't use 127.0.0.1 there!
https://sniferl4bs.com/2017/02/wallpaper-penetration-testing-and-exploit-dev-cheatsheet/
https://githubhelp.com/topic/bugbountytips
https://github.com/Excloudx6/open-redirect-payload-list
https://www.openbugbounty.org/blog/devl00p/top-100-xss-dorks/
### Githubs
---
- [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)
- [Disclose/diodb](https://github.com/disclose/diodb)
### Streams
[Nahamsec Twitch](https://www.twitch.tv/nahamsec)
### Twitter Tweetin'
https://twitter.com/0xMstar/status/1464658472981565444
https://twitter.com/0xJin/status/1470748925963513863
podcasts
https://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q
### Data
---
Bugcrowd Subdomain Enumeration https://www.youtube.com/watch?v=La3iWKRX-tE
CVE-2019-11510 Detail
/dana-na
## CVE/CVD
---
CVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)
- https://vuls.cert.org/confluence/display/CVD/Executive+Summary
- https://vuls.cert.org/confluence/display/CVD/Sightings
https://github.com/detectify/cs-challenge
https://github.com/r3curs1v3-pr0xy
https://notsosecure.com/resources
https://reconshell.com/bug-bounty-tips/
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Subdomains%20Enumeration.md
[Insecure Deserialization Part 1](https://www.youtube.com/watch?v=SNi7gNkfLSM)
[Insecure Deserialization part 3](https://www.youtube.com/watch?v=icAKHE-iKOs)
https://secoceans.com/blog-2/
https://portswigger.net/research
https://portswigger.net/blog
https://portswigger.net/news
https://portswigger.net/daily-swig
courses
https://www.udemy.com/course/penetration-testing-bug-bounty-hunting-level-2-hacktify/
https://spongebhav.medium.com/facebook-group-members-disclosure-e53eb83df39e
https://github.com/six2dez/talks/blob/main/Gotta_ENG.pdf
packets
https://www.kitploit.com/2018/08/polymorph-real-time-network-packet.html
Automation
https://gowthams.gitbook.io/bughunter-handbook/automation
[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)
https://pentestbook.six2dez.com/
https://github.com/m4ll0k
https://github.com/six2dez
https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter
https://github.com/shifa123
Writeups
### Z
Zap
https://github.com/sepehrdaddev/zap-scripts/fork
https://www.zaproxy.org/authors/thorin/
https://github.com/zaproxy/zap-extensions
Frameworks
https://core.intrigue.io/
Reconness
Pwnmachine
axiom
https://www.mandiant.com/
https://trickest.com/
(https://github.com/Findomain/Findomain/releases)
* [Configuring Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)
* https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring
## Resources
---
[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)
How to view someones IP address and connection speed! https://www.youtube.com/watch?v=SXmv8quf_xM
Active Directory
Pentesting Active Directory https://www.xmind.net/m/5dypm8/a
https://adsecurity.org/
### Streams
[Nahamsec Twitch](https://www.twitch.tv/nahamsec)
Live Bug Bounty Hunting Speedbiker https://www.youtube.com/watch?v=9W94AKLc5g8
### Twitter Tweetin'
https://twitter.com/samwcyo/status/1529888063576584202
https://twitter.com/sshell_
https://mobile.twitter.com/TechnoTimLive Devops tweets
https://mobile.twitter.com/drunkrhin0/status/1344130729320435712
https://twitter.com/0xMstar/status/1464658472981565444
https://twitter.com/0xJin/status/1470748925963513863
podcasts
https://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q
### Data
---
* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)
CVE-2019-11510 Detail
/dana-na
## CVE/CVD
---
CVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)
- https://vuls.cert.org/confluence/display/CVD/Executive+Summary
- https://vuls.cert.org/confluence/display/CVD/Sightings
https://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods
https://opensourcelibs.com/lib/google-acquisitions
Reverse shells
https://github.com/wwkenwong/Pentest-note
https://github.com/tehryanx?tab=repositories
https://github.com/sawzeeyy/Sanitiz3r
https://buaq.net/go-249.html
https://github.com/D35m0nd142/LFISuite
https://hub.docker.com/u/secsi
tips
adminphpfinder
https://linuxsecurity.expert/tools/admin-page-finder-php/
Wig
https://linuxsecurity.expert/tools/wig/
BlindElephant
https://linuxsecurity.expert/tools/blindelephant/alternatives/
https://ronak-9889.medium.com/denial-of-service-using-cookie-bombing-55c2d0ef808c
IOT
https://www.youtube.com/watch?v=AKoyZLibIeo
Private Programs
BBP (Bug Bounty Programs!)
https://github.com/Excloudx6/KingRecon_DOD
https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt
Geico
https://jsfiddle.net/ruevaughn/2mnq5vgf/9/
https://github.com/detectify/cs-challenge
https://github.com/projectdiscovery/public-bugbounty-programs
https://app.intigriti.com/programs/redbull/redbull/detail
https://huntr.dev/
https://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138
https://support.google.com/websearch/answer/2466433?hl=en
Dutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c
https://gist.github.com/haxcited/e684df7f9ec210867d25f7ccac22c1d5
https://github.com/B3nac/Android-Reports-and-Resources
https://hackerone.com/alipay?type=team
https://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html
https://github.com/The-Art-of-Hacking/h4cker
Disclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team
* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)
Good Information https://yw9381.github.io/Burp_Suite_Doc_en_us/burp/documentation/desktop/tools/proxy/options/index.html
Burp Extension https://parsiya.net/blog/2019-04-06-hiding-options-an-adventure-in-dealing-with-burp-proxy-in-an-extension/
Send any traffic through burp. https://github.com/jrmdev/mitm_relay
https://github.com/fuzz-security
https://www.kitploit.com/2022/06/mitmintercept-little-bit-less-hackish.html
https://youtu.be/cqM-MdPkaWo?t=412 <--- Burp Find and Replace rule to do vhost hopping
https://github.com/w0ot-net/ParamScraper
https://stackoverflow.com/questions/tagged/burp?tab=Votes
https://securityzines.gumroad.com/l/burp-plugin-dev
todo
https://www.youtube.com/watch?v=sNtxbv7nxJA&t=32s
https://github.com/mdsecresearch/BurpSuiteSharpener
https://burpbounty.net/burp-bounty-ekoparty-2020/
https://parsiya.net/blog/2019-04-06-hiding-options-an-adventure-in-dealing-with-burp-proxy-in-an-extension/
https://hakin9.org/blind-xss-in-practice-advanced-bug-hunting-with-burp-suite-tutorial-free-course-content/
https://www.youtube.com/watch?v=KoaSRi3tmck
https://www.youtube.com/watch?v=35jw4dJtRz0&t=230s
#Eko2020 Bounty Hunters | Eduardo Garcia Melia: Burp Bounty - Scan Check Builder https://www.youtube.com/watch?v=t4caslqATi8
https://tryhackme.com/room/burpsuitebasics
https://mrxn.net/?tag=burpsuite
https://github.com/topics/burp-extensions
https://www.youtube.com/watch?time_continue=11&v=35jw4dJtRz0&feature=emb_logo
https://github.com/Mr-xn/BurpSuite-collections
https://github.com/volkandindar/agartha
https://twitter.com/Pethuraj/status/1530773159355379712?cxt=HBwWgMCjsf-Es74qAAAA&cn=ZmxleGlibGVfcmVjcw%3D%3D&refsrc=email
https://github.com/BurpsuiteExtensions
https://github.com/Team-Firebugs/Burp-LFI-tests
https://github.com/1N3/IntruderPayloads
2018 Burp Hacks for Bounty Hunters - James Kettle shares his setup - https://www.youtube.com/watch?v=boHIjDHGmIo
BUG BOUNTY :- Burp Suite Bug Bounty Web Hacking learn from Scratch :- Complete Burp Suite Tutorial https://www.youtube.com/watch?v=AH1UcYwxKak
https://www.secureideas.com/blog/2015/08/introducing-burp-correlator.html
https://github.com/redhuntlabs/BurpSuite-Asset_Discover
https://github.com/m4ll0k/SecretFinder/tree/master/BurpSuite-SecretFinder
https://www.secureideas.com/blog/2015/05/tip-running-burpsuite-on-mac.html
https://osxdaily.com/2013/06/04/change-icon-mac/
https://github.com/elkokc/reflector
https://github.com/snoopysecurity/awesome-burp-extensions
https://portswigger.net/burp/documentation/desktop/functions/generate-csrf-poc
James Kettle burp
https://youtu.be/boHIjDHGmIo?t=204
[HTTP pipelining in Burp](https://youtu.be/boHIjDHGmIo?t=204)
[Wordlists in burp](https://youtu.be/boHIjDHGmIo?t=378)
[Grep Extract w intruder](https://youtu.be/boHIjDHGmIo?t=427)
[Adding your own active scan check](https://youtu.be/boHIjDHGmIo?t=543)
https://import.cdn.thinkific.com/359809/BurpsuiteResourcePDF-201107-173314.pdf
https://portswigger.net/burp/pro/video-tutorials?utm_source=burp_suite_professional&utm_medium=embedded_browser&utm_campaign=burp_support
Burp
https://portswigger.net/blog/burp-suite-professional-feature-roundup
https://portswigger.net/news
https://youtu.be/rbr7ZmBI9qs?t=278
https://www.hahwul.com/2019/12/29/run-other-application-on-burp-suiteburp/
https://github.com/PortSwigger
Burp api Tip https://youtu.be/5qSq1S2sRC8?t=731
[Burp Active Scan by Jason Haddix]
He runs an [Active Scan using burp suite](https://youtu.be/uKWu6yhnhbQ?t=4370). He toggles 50 threads, see link for more.
Burp
https://infosecwriteups.com/leveraging-burp-suite-extension-for-finding-http-request-smuggling-2c0b5321f06d
burp etc https://www.youtube.com/playlist?list=PL8j1j35M7wtI4IvNS7ItrM8dTYXx2nYfX
echo "Burp Extensions" && echo "Burp Extension Basic Auth Decoder Bypass: https://learn.hacktify.in/courses/take/hacktify-special-chapter-1/downloads/25003636-burpsuite-decode-basic-auth-extension" >> $README
curl https://import.cdn.thinkific.com/359809/courses/1386931/firstextension-210608-160308.py -o $HOME/basic-auth-decoder.py
Burp Extensions
https://github.com/CoreyD97?tab=repositories
https://github.com/xnl-h4ck3r/burp-extensions/fork
https://github.com/xnl-h4ck3r/burp-extensions
https://www.kitploit.com/2019/08/iprotate-extension-for-burp-suite-which.html
https://github.com/InitRoot/BurpJSLinkFinder
https://bugbountyforum.com/tools/proxy-plugins/ Burp
https://github.com/arbazkiraak/BurpBLH Burp
https://github.com/0xDexter0us/Scavenger
https://github.com/danielthatcher/spydom <--- the postmessage alerts that burp is always complaining about, use this to view them.
Building an extension resources
*---> https://github.com/w0ot-net/ParamScraper/blob/master/ParamScraper.py
#### Burp
Burp Cheat Sheet https://www.sans.org/posters/burp-suite-cheat-sheet/
https://www.hackingarticles.in/burp-suite-for-pentester-burps-project-management/
https://github.com/Net-hunter121/API-Wordlist#usage <----- hack apis with burp
[Autorize](https://youtu.be/5qSq1S2sRC8?t=852)
https://www.kitploit.com/2022/05/graphql-threat-matrix-graphql-threat.html
inQL graphql Burp Extension for burp [here](https://youtu.be/5qSq1S2sRC8?t=753)
Extender
https://www.trenchesofit.com/2022/01/16/burp-suite-custom-parameter-handler/
Burp
https://github.com/nccgroup/BurpSuiteHTTPSmuggler
https://portswigger.net/burp/documentation/collaborator/deploying
https://import.cdn.thinkific.com/359809/BurpsuiteResourcePDF-201107-173314.pdf
https://portswigger.net/blog/burp-suite-professional-feature-roundup
My Burp Extensions
https://portswigger.net/bappstore/aaaa60ef945341e8a450217a54a11646
https://github.com/nccgroup/WCFDSer-ng
https://github.com/GoSecure/csp-auditor
https://github.com/SmeegeSec/Burp-Importer
Flow by Marcin Woloszyn
https://www.hackingarticles.in/burp-suite-for-pentester-burps-project-management/
https://kalilinuxtutorials.com/nuclei-burp-plugin/
OAST testing
https://portswigger.net/burp/application-security-testing/oast
https://www.udemy.com/course/web-application-ethical-hacking/learn/lecture/3305350?start=0#overview
https://portswigger.net/blog/a-modern-elastic-design-for-burp-collaborator-server
https://portswigger.net/blog/burp-suite-roadmap-for-2022
https://portswigger.net/blog/burp-suite-certification-prices-hacked-for-black-friday
https://portswigger.net/blog/the-mystery-of-the-missing-mac-release
Burp Documentation https://portswigger.net/burp/documentation/desktop/functions/generate-csrf-poc
#### [Burp](https://gist.github.com/ruevaughn/a6da987379f5593d0ab4a878fe1b6baf/575fd3933296ea1eb734fe4e69bd99a01c6d425e#file-burp-L2)
**https://apps.burpsuite.guide/**
**https://securityzines.com/flyers/burp.html**
Burp api Tip https://youtu.be/5qSq1S2sRC8?t=731
https://github.com/InitRoot/BurpJSLinkFinder
https://github.com/tristanlatr/burpa
https://github.com/mdsecresearch/BurpSuiteSharpener
Use Charles Proxy to reverse engineer an iOS app https://www.youtube.com/watch?v=cvvPLlP4518&feature=emb_logo
List of API Requests in Charles https://youtu.be/cvvPLlP4518?t=682
Zap videos by Hahwul
https://www.youtube.com/watch?v=GK46fsCL7kk
python cors_scan.py -u example.com -p http://127.0.0.1:8080 # To use socks5 proxy, install PySocks with pip install PySocks
https://www.zaproxy.org/docs/developer/quick-start-build/
Zap Website
https://www.zaproxy.org/docs/docker/about/
Zap Scripts - https://github.com/sepehrdaddev/zap-scripts
Zap Extension Wiki - https://github.com/zaproxy/zap-extensions/wiki
https://www.charlesproxy.com/
torsocks proxy torsocks gitls -l user.list) or -tor op
https://www.kitploit.com/2022/06/mitmintercept-little-bit-less-hackish.html
https://www.telerik.com/fiddler
http://tinyproxy.github.io/
https://unix.stackexchange.com/questions/36627/how-to-telnet-via-proxy-authentication
https://mitmproxy.org/
https://github.com/abhinavsingh/proxy.py
https://blog.intigriti.com/2021/05/05/bug-bytes-121-free-burp-collaborator-alternative-hacking-chrome-extensions-28k-facebook-oauth-account-takeover/