{"uuid": "f199664a-44a1-4ba0-828c-bf600d7bef60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21985", "type": "seen", "source": "https://gist.github.com/morisono/78359e46c5369d24622657f014c7fa5d", "content": "                         \u2554\u2566\u2557\u2566 \u2566  \u2554\u2557 \u252c \u252c\u250c\u2500\u2510  \u2554\u2557 \u250c\u2500\u2510\u252c \u252c\u250c\u2510\u250c\u252c\u2510\u252c \u252c  \u2566\u2550\u2557\u250c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\u252c \u252c\u252c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\u250c\u2500\u2510\n                         \u2551\u2551\u2551\u255a\u2566\u255d  \u2560\u2569\u2557\u2502 \u2502\u2502 \u252c  \u2560\u2569\u2557\u2502 \u2502\u2502 \u2502\u2502\u2502\u2502\u2502 \u2514\u252c\u2518  \u2560\u2566\u255d\u251c\u2524 \u2514\u2500\u2510\u2502 \u2502\u2502 \u2502\u251c\u252c\u2518\u2502  \u251c\u2524 \u2514\u2500\u2510\n                         \u2569 \u2569 \u2569   \u255a\u2550\u255d\u2514\u2500\u2518\u2514\u2500\u2518  \u255a\u2550\u255d\u2514\u2500\u2518\u2514\u2500\u2518\u2518\u2514\u2518\u2534  \u2534   \u2569\u255a\u2550\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\u2534\u2514\u2500\u2514\u2500\u2518\u2514\u2500\u2518\u2514\u2500\u2518\n                                          \n                                           //\n                              ()==========&gt;&gt;======================================--\n                                           \\\\\n\n\n2FA Bypass\n  2fa bypass Mindmap https://www.mindmeister.com/1736437018?t=SEeZOmvt01 \n  2fa Bypass Methods https://workbook.securityboat.in/resources/web-app-pentest/business-logic-vulnerabilities/2fa-bypass\n\nAccount Takeovers\n  https://medium.com/@bathinivijaysimhareddy/tale-of-account-takeovers-part-2-9abf62de4ca3\n  https://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\n\nAdminPanelFinder\n  \nadminphpfinder\nhttps://linux\nsecurity.expert/tools/admin-page-finder-php/\nAPI Security\n  https://www.cloudflare.com/learning/security/api/owasp-api-security-top-10/\n  Shadowe apis https://www.cloudflare.com/learning/access-management/what-is-shadow-it/\n  \nApi Keys\n  https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys\n\nAPI Hacking \nhttps://github.com/microsoft/restler-fuzzer\nhttps://github.com/hAPI-hacker/Hacking-APIs/fork\n\nAmass\n  https://securityweekly.com/wp-content/uploads/2021/05/AmassTechSegment-0.pdf\n\nAmass Scripting\\\nhttps://github.com/OWASP/Amass/tree/master/resources/scripts\nhttps://github.com/OWASP/Amass/blob/master/doc/scripting.md\namass scripting https://youtu.be/H1wdBgY1rtg?t=4987\n\n  Bug Bounty for Beginners Stream#4:AMASS, Subfinder, FFUF  https://www.youtube.com/watch?v=27zMfcr2fPE\n  https://hackbotone.com/blog/amass-osint-reconnaissance-tool/ \n  https://hakluke.medium.com/haklukes-guide-to-amass-how-to-use-amass-more-effectively-for-bug-bounties-7c37570b83f7\n  https://securityonline.info/amass-subdomain-enumeration/\n  https://github.com/OWASP/Amass/releases\n\nhttps://twitter.com/jeff_foley\n\nhttps://github.com/OWASP/Amass/blob/master/doc/scripting.md\nhttps://github.com/OWASP/Amass\nhttps://gist.github.com/sillydadddy/b1726c8e8ce281d55b82d4e2a1a610e8\nhttps://twitter.com/dokkillo/status/1305566849514471424\nhttps://github.com/PatrikFehrenbach/amass-tools/blob/master/assetfinder.ads\nhttps://github.com/OWASP/Amass#top-mentions\namass enum script command https://youtu.be/H1wdBgY1rtg?t=5408\nExample of api key configuration https://www.hahwul.com/2020/09/23/amass-go-deep-in-the-sea-with-free-apis/#chaos\n[31:33 / 1:56:06]\n[How to Use Amass Efficiently by @jeff_foley #NahamCon2020](https://youtu.be/H1wdBgY1rtg?t=1974)\n[OWASP AMass Boot Camp by Jeff Foley (Caffix)](https://www.youtube.com/watch?v=OOurkCPf2-I) \nAmass Tutorial https://github.com/OWASP/Amass/blob/master/doc/tutorial.md\nhttps://github.com/vortexau/dnsvalidator\nhttps://twitter.com/owaspamass\n\nAndroid\n  https://github.com/dzmitry-savitski/android-pentest-tool\n\nAngularJS\n  https://github.com/snoopysecurity/Public/blob/master/Old%20Presentations/MWRICON%202018/README.md\n  \nAuthentication Bypass Vulnerabilities\n\nAscii \n  https://github.com/heldersepu/hs-scripts/blob/master/ascii.txt\nAsset Monitoring  \n  https://github.com/ruevaughn/assetnote\n  https://github.com/yeswehack/pwn-machine\n  https://github.com/robre/jsmon\n\nAPI Hacking\n  https://github.com/Excloudx6/31-days-of-API-Security-Tips\n  https://gist.github.com/ruevaughn/51048bccdc753596443eca95cbf39356\n  https://apexvicky.medium.com/top-10-api-bugs-where-to-find-them-5dac338b3d73\n  https://attacker-codeninja.github.io/2021-08-28-Hacking-APIs-notes-from-bug-bounty-bootcamp/\n  https://dfir.blog/unfurl/\n  https://www.slideshare.net/programmableweb/why-api-security-is-more-complicated-than-you-think-and-why-its-your-1-priority\n  \nAmazon Cognito\nhttps://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html\nhttps://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/CommonParameters.html\n  https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-dg.pdf \n  https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html\n  https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/iam_user_enum/default-word-list.txt\n\nBlockchain\n  https://hash.ai/@b/uniswap\n  https://medium.com/immunefi/hacking-the-blockchain-an-ultimate-guide-4f34b33c6e8b\n  https://github.com/ruby/webrick/blob/master/lib/webrick/httprequest.rb }9\n  https://twitter.com/0xAsm0d3us/status/1438149310080712709 cdC\n\n\nBlogs\n  https://respectxss.blogspot.com/\n\nBrowsers\n  Save multiple pages as a single html page https://github.com/gildas-lormeau/SingleFile\n  https://bughacking.com/best-browsers-for-hackers/\n  https://hackaday.com/2022/01/17/hack-the-web-without-a-browser/\n  https://woob.tech/\n  https://github.com/moonD4rk/HackBrowserData\n  https://resources.infosecinstitute.com/topic/ethical-hacking-top-10-browser-extensions-for-hacking/\n  https://github.com/Excloudx6/browser-compat-data\n  https://httpwg.org/specs/rfc7230.html#header.transfer-encoding\n  https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name\n  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length\n  https://stackoverflow.com/questions/978061/http-get-with-request-body?rq=1\n  https://datatracker.ietf.org/doc/html/rfc7230\n  https://groups.yahoo.com/neo/groups/rest-discuss/conversations/messages/9962\n  https://www.ietf.org/rfc/rfc2119.txt\n  https://www.elastic.co/guide/en/elasticsearch/guide/current/_empty_search.html\n  https://www.concise-courses.com/hacking-tools/web-browser-related-tools/\n  \nEthereum Hacking\nhttps://github.com/NafisiAslH/KnowledgeSharing\nhttps://github.com/SecurityInnovation/Smart-Contract-CTF\n https://twitter.com/CyberWarship/sta tus/1533710785914056705\n https://github.com/heldersepu/hs-scripts/blob/master/NodeJS/web3/VestingERC20.js\n \nBroken Access Control - https://cwe.mitre.org/data/definitions/1345.html\nBusines Logic\nhttps://shahmeeramir.com/breaking-the-web-with-logics-ce22e8a9c4e2\nBrowser Extensions - Chrome\n  Collusion - https://chrome.google.com/webstore/search/collusion\n  DotGit - https://chrome.google.com/webstore/detail/dotgit/pampamgoihgcedonnphgehgondkhikel?hl=en\n  Trufflehog https://chrome.google.com/webstore/detail/trufflehog/bafhdnhjnlcdbjcdcnafhdcphhnfnhjc\n  Tracy - https://github.com/nccgroup/tracy/wiki/Example-Workflows\n  \nBrowser Extensions - Firefox\n  Cookie Editor - https://addons.mozilla.org/en-US/firefox/addon/cookie-editor/\n  Bulk URL Opener - https://addons.mozilla.org/en-GB/firefox/addon/bulkurlopener/\n  Hacktoolshttps://addons.mozilla.org/en-US/firefox/addon/hacktools/\n  Tracy https://github.com/nccgroup/tracy/wiki/Example-Workflows\n\nBug Bounty Programs\n  https://blog.bugzero.io/bug-zero-is-going-to-pay-your-security-bill-for-2022-4b6396e2ee48\n  Bulk Load Programs https://gist.github.com/brevityinmotion/b86f7475d4cd2790003326a4d3a528ba\n  Google Acquisitions   https://opensourcelibs.com/lib/google-acquisitions\n  https://github.com/The-Art-of-Hacking/h4cker/tree/master/bug-bounties#bug-bounty-platforms\n  Discovery Header DoD - https://github.com/KingOfBugbounty/Discovery-Header-Bug-Bounty\n  King Recon DoD - https://github.com/KingOfBugbounty/KingRecon_DOD\n  Bentley Bug Bounty Program - https://www.bentley.com/en/products\n  https://lostsoulofawolf.medium.com/bug-bounty-how-to-get-private-invites-60062a5d0809\n  https://github.com/Hack-with-Github\n  Shopify\n    https://www.hulkapps.com/\n  BBP (Bug Bounty Programs!)\n  https://github.com/Excloudx6/KingRecon_DOD\n  https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n  https://jsfiddle.net/ruevaughn/2mnq5vgf/9/\n  https://github.com/detectify/cs-challenge\n  https://github.com/projectdiscovery/public-bugbounty-programs\n  https://app.intigriti.com/programs/redbull/redbull/detailhttps://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138\n  https://huntr.dev/\n  https://gist.github.com/ruevaughn/a365c7100f8dce26e550e2e3e239e138\n  https://support.google.com/websearch/answer/2466433?hl=en\n  Dutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c\n  https://gist.github.com/haxcited/e684df7f9ec210867d25f7ccac22c1d5\n  https://github.com/B3nac/Android-Reports-and-Resources\n  https://hackerone.com/alipay?type=team\n  https://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html\n  https://github.com/The-Art-of-Hacking/h4cker  \n  Disclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team\n  Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n  Open Bug Bounty - openbugbounty.com\n\nBurp Collaborator ALternatives\n  https://github.com/anshumanbh/terraform-burp-collaborator\nhttps://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  https://github.com/honoki/wilson-cloud-respwnder\n  Interactsh\n    https://github.com/4ARMED/interactsh\nBlogs\n  https://www.veracode.com/blog?utm_source=lpFooter&amp;utm_medium=Website\n  http://10degres.net/posts/\n  https://www.secureideas.com/blog\n  \nBrute Forcing\n  Brutesubs\n    https://github.com/anshumanbh/brutesubs\n      https://github.com/anshumanbh/brutesubs/compare/master...exploitprotocol:brutesubs:master\n      https://github.com/APTreat/brutesubs\n      https://github.com/janmasarik/brutesubs\n      https://github.com/RyanLongVA/brutesubs\n     \nChaining Vulnerabilites\n   2022-style OAuth account takeover on Facebook - $45,000 bug bounty  https://www.youtube.com/watch?v=pk7oYuz4x0Q\n  \nCertificate Transparancy\nhttps://github.com/anshumanbh/terraform-burp-collaborator#using-a-proper-tls-certificate/\nhttps://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.12\n   Attack Surface Management Series - EP1 - Certificate Transparency (In under 10 mins) - https://www.youtube.com/ watch?v=MGQ1GqmixY0\n\nCanaryTokens\nhttps://canarytokens.org/generate\n\nCerticiates\n  https://github.com/Echocipher/HackeroneSpider\nChecklists\n\nCheatsheet\nhttps://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet\nhttps://github.com/dgtlmoon/changedetection.io\n#### CVE\n\nCode Review\nhttps://www.youtube.com/watch?v=q5NqY2RRLj0\nhttps://www.youtube.com/watch?v=bfLQjZmD5jY&amp;feature=youtu.be\n\nCookie \nCSRF Tokens\n  https://www.veracode.com/security/csrf-token\n  \nCors\n  csors https://chawdamrunal.medium.com/insecure-cors-configuration-808437d7cfd7\n  python cors_scan.py -u example.com -p http://127.0.0.1:8080 # To use socks5 proxy, install PySocks with pip install \n  https://jakearchibald.com/2021/cors/playground/\n  \nCSP https://www.keycdn.com/support/content-security-policy  \nhttps://www.bloggersideas.com/cspisawesome/\nhttps://content-security-policy.com/\n\nCourses \n  https://web.stanford.edu/class/cs253/\n  Nehamsec Udemy Course https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec/\n  \nCharacter Encodings\nhttps://stat545.com/character-encoding.html\n\nCharles Proxy\n  Use Charles Proxy to Reverse Engiener an IOS App https://www.youtube.com/watch?v=cvvPLlP4518&amp;feature=emb_logo\n\nChecklists \n  https://pentestbook.six2dez.com/others/web-checklist\n  https://github.com/zactly/handouts/blob/master/generic_checks.md\n  https://linuxsecurity.expert/checklists/\n  https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987\n  https://github.com/zactly/handouts/blob/master/example_template.md\n  https://github.com/zactly/handouts/blob/master/conferences/locomocosec22/notes.md \n  https://github.com/AnLoMinus/Bug-Bounty/tree/main/Checklist/Web%20App\n  https://github.com/security-checklist/php-security-check-list\n  https://apexvicky.medium.com/bug-bounty-methodology-web-vulnerabilities-checklist-86175dd29987\n\nCheckout \n  https://0day.hu/\n\nCheatsheets\n  https://pentester.land/cheatsheets\n  https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html\n  https://pentester.land/cheatsheets/2019/04/15/recon-resources.html\n  https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html\n  \n  https://securityzines.com/#comics \n  https://github.com/EdOverflow/bugbounty-cheatsheet\n  https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html\n  \nCloud Hacking \n  https://github.com/janmasarik/generate-bucketnames\n  https://github.com/janmasarik/GCPBucketBrute\n  https://github.com/avicoder/notes/tree/master/Cloud\n  https://github.com/avicoder/notes\n  Pwned Cloud Society pdf https://www.slideshare.net/BryceKunz/pwned-cloud-society-bsidesslc-2017?from_action=save\n  Cloud Hacking  https://www.youtube.com/watch?v=ITSZ8743MUk\n  https://www.cloudvulndb.org/\nhttps://github.com/jordanpotti/CloudScraper \nhttps://github.com/appsecco/spaces-finder\n\nCode Review\n  https://raw.githubusercontent.com/zactly/handouts/master/Practical%20Secure%20Code%20Review%20-%20Whitepaper.pdf\n\nCodeql\n\nCookies\n  https://datatracker.ietf.org/doc/html/rfc6265#section-5.3w\n  https://github.com/jshttp/cookie\n\nCryptography\n  http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ARTICLES/earticles.html#sfmt\n\nCTFs\nhttps://github.com/SecurityInnovation/Smart-Contract-CTF\n  Stripe ctf https://gist.github.com/evandrix/1901352\n  \nCWE \n  CWE-548: Exposure of Information Through Directory Listing -  https://cwe.mitre.org/data/definitions/548.html\n\n  Default creds \n    https://github.com/Viralmaniar/Passhunt\nDirectory Listing\n  Konan branch ofDeepsearch  https://github.com/rkreddypandu/Konan\n  deepsearch https://github.com/prosecurity/DeepSearch\n  Dirb  https://techyrick.com/dirb/\n  http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&amp;attackVectorId=254 \n  http://projects.webappsec.org/w/page/13246922/Directory%20Indexing\n\nDjango \n  https://blog.sonarsource.com/disclosing-information-with-a-side-channel-in-django/?utm_source=twitter&amp;utm_medium=social&amp;utm_campaign=djangodictsort&amp;utm_content=security&amp;utm_term=mofu\n  \ndns Rebinding \n  https://bugs.chromium.org/p/project-zero/issues/detail?id=1524\n  https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher#forgottenknowledge\n\nDorks\n  https://github.com/random-robbie/bugbountydork/fork\n  Aline - Dork Automator CLI - https://github.com/ferreiraklet/Aline\n  Brtwitter dork: https://mobile.twitter.com/i/events/1417062625997991936\n  https://www.infosecmatter.com/bug-bounty-tips-1/#5-top-25-open-redirect-dorks\n  Shifa123 BugBounty Dorks https://github.com/shifa123/bugbountyDorks/blob/master/bbdorks\n  Goop https://github.com/s0md3v/goop\n  Go-Dork \n    https://github.com/dwisiswant0/go-dork\n    https://github.com/dwisiswant0/go-dork/compare/master...babaloveyou:go-dork:master\n  https://bxmbn.medium.com/ultimate-tips-and-tricks-to-find-more-cross-site-scripting-vulnerabilities-d2913765e2d5\n  Open Bug Bounty Targets https://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n  uDork https://github.com/m3n0sd0n4ld/uDork\n  \nffuf\n  How to Ffuf https://www.bugcrowd.com/blog/how-to-ffuf-with-codingo/\n  How to use ffuf - Hacker Toolbox https://www.youtube.com/watch?v=aN3Nayvd7FU\n  Fuzzing / FFUF -&gt; 5-30-22 Nehamssec stream covered fuzzing A LOT https://www.twitch.tv/videos/1312499916\n  Protips ffuf - tips and tricks https://www.youtube.com/watch?v=uwcRBSUl8e4&amp;t=358s\n  Late to the party, or, in other words massive web enumeration using ffuf. http://0entropy.blogspot.com/2020/05/late-to-party-or-in-other-words-massive.html\n  https://gowthams.gitbook.io/bughunter-handbook/fuzzing-fuff\n  https://0xmahmoudjo0.medium.com/how-i-found-multiple-sql-injection-with-ffuf-and-sqlmap-in-a-few-minutes-9c3bb3780e8f\n \n Fingerprinting\n   Fingerpint JS https://github.com/fingerprintjs/fingerprintjs\n   Whatweb\n   Wappalyze\n   Webanalyze\n   \nFrameworks\n  axiom \n    https://github.com/pry0cc/axiom\n    https://github.com/pry0cc/axiom/blob/master/images/provisioners/default.json\n  BBRF Client - https://github.com/honoki/bbrf-client\n  BugBounty Toolkit - Hackersploit Framework - https://github.com/AlexisAhmed/BugBountyToolkit\n  Findomain https://github.com/Findomain/Findomain\n  Hive https://hexway.io/blog/new-update-hive/\n  Intrigue \n    https://core.intrigue.io/\n    https://core.intrigue.io/getting-started/\n  LazyRecon - https://github.com/nahamsec/lazyrecon\n  Mandiant - Web GUI Take decisive action with industry-leading intelligence  https://www.mandiant.com\n  MooseDojo - apt2 - Pentesters Framework nmap centered \n    apt2 https://buaq.net/go-249.html  \n    apt2 MooseDojo/apt2: automated penetration toolkit   \n\n  Nerve \n    https://github.com/PaytmLabs/nerve\n  Osmedeus \n    https://docs.osmedeus.org/workflow/default-workflow/\n    https://github.com/j3ssie/osmedeus \n    https://xploitlab.com/osmedeus-the-most-complete-reconnaissance-tool-and-vulnerability-scanning/\n    https://docs.osmedeus.org/web-ui/ \n    https://github.com/osmedeus/osmedeus-workflow/blob/main/general/subdomain.yaml \n    https://discord.com/invite/mtQG2FQsYA \n    https://docs.osmedeus.org/installation/practical-usage\n    https://docs.osmedeus.org/workflow/\n  Pwn Machine https://github.com/yeswehack/pwn-machine  \n  \n  ReconFTW - https://github.com/six2dez/reconftw\n  Recon NG\n    https://github.com/anshumanbh/domain\n    https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n    Github https://github.com/lanmaster53/recon-ng \n    Welcome to the Recon-ng Marketplace https://github.com/lanmaster53/recon-ng-marketplace\n    API Key list   https://github.com/lanmaster53/recon-ng-marketplace/wiki/API-Keys\n    Setup script for Regon-ng  and altdns https://github.com/jhaddix/domain\n  Reconness - https://github.com/reconness/reconness\n  Rengine - \n    https://github.com/yogeshojha/rengine\n    https://github.com/yogeshojha/rengine/commit/cf30e98e0440424019cb2cad600892ce405f850e\n    Default Config Engine Yaml file https://raw.githubusercontent.com/yogeshojha/rengine/master/default_yaml_config.yaml\n  Sniper - https://github.com/1N3/Sn1per\n  TIDoS Framework https://github.com/0xInfection/TIDoS-Framework\n  Trickest https://www.youtube.com/watch?v=fXwWinE0sSg\n  Vajra - https://github.com/r3curs1v3-pr0xy/vajra\n  WebhackerWeapons https://github.com/hahwul/WebHackersWeapons\n\nFreq\n  Removes unnecesary output and only outputs happy (for us) path https://github.com/takshal/freq/compare/main...dmonteirosouza:freq:main\n  Fork by Realgoose. Adds a User-Agent bxss as well as robots.txt sprayer check https://github.com/takshal/freq/compare/main...RealGoose:freq:main\n  Removed unnecesary output https://github.com/takshal/freq/compare/main...dmonteirosouza:freq:main\n  Fork by kg11102 KaioGomes. Adds User-Agent firefox and Referrer Header check. Changes alert check. Ignored expired SSL Cert (Probably to skip errors) https://github.com/takshal/freq/compare/main...kg1102:freq:main\n  \n  \nGatsby\nhttps://www.gatsbyjs.com/docs/conceptual/security-in-gatsby/#key-security\nhttps://www.gatsbyjs.com/blog/2019-04-06-security-for-modern-web-frameworks/\n\nGit/Source Code Secret Finding\nhttps://github.com/auth0/repo-supervisor\nhttps://blog.gitleaks.io/finding-secrets-with-regular-expressions-d90493bb3784\n  https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning \n  https://github.com/takshal/Git-Finder \n  https://tillsongalloway.com/finding-sensitive-information-on-github/\n  https://secapps.com/tutorials/github-gist-recon\n  http://10degres.net/github-tools-collection/\n  https:// docs.github.com/en/rest/search\n  git-all-secrets\n    https://github.com/mhmdiaa/git-all-secrets\n    https://github.com/anshumanbh/git-all-secrets\n  https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf\n  https://github.com/koto/gitpillage\n  https://github.com/hisxo/gitGraber\n  https://github.com/gwen001/github-search\n  https://github.com/darkseed/gitpillage\n  Tools to Get sensitive info / secrets from https://twitter.com/soaj1664ashar/status/1176769454035939328\n  https://github.com/trufflesecurity/trufflehog\n  Why Exposed API Keys and Sensitive Data are Growing Cause for Concern https://www.programmableweb.com/news/why-exposed-api-keys-and-sensitive-data-are-growing-cause-concern/analysis/2015/01/05\n  Secret Hunting - Google Dorks, Git Dorks, Employee OSINT, etc\n  https://gist.github.com/markofu/549fbd287edf08c38e869dacc740e49de\n  https://github.com/aquasecurity/cloudsploit  \n  Trufflehog https://www.youtube.com/watch?v=aioheMi1Wko\n  https://sapt.medium.com/perform-information-gathering-using-following-tools-on-the-given-targets-cyber-sapiens-internship-12c858166008\n  +Github Wiki Auditor https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html\n  https://github.com/SmeegeSec/GitHub-Wiki-Auditor \n  https://www.kitploit.com/2022/04/gitbleedtools-for-extracting-data-from.html\n  https://github.com/phlmox/jslinkfinderv2\n  https://exposingtheinvisible.org/guides/google-dorking/ &lt;---- huge dorking guide!\n  https://github.com/phlmox/bingdork\n  \n  Git-Secrets\n   Adds supports for scanning aws, gcp, ads a gf regex pattern,   https://github.com/awslabs/git-secrets/compare/master...deshpandetanmay:git-secrets:master\n  Adds support for scaning entire drive, concept of install.uninstall, a global config file and a regex patterns file (nice!) https://github.com/awslabs/git-secrets/compare/master...dbrs:git-secrets:master\n  He adds one pattern to replace all the previous ones, and it adds a curl request. Other various changes. https://github.com/awslabs/git-secrets/compare/master...konakonall:git-secrets:master\n  \n  \n  https://github.com/toniblyx/my-arsenal-of-aws-security-tools\n  https://techvomit.net/aws-security/\n  https://github.com/gwen001/s3-bucketsdfinder.git\n  https://github.com/janmasarik/bucketsperm\n  https://github.com/phlmox/gdork\n  https://github.com/lc/secretz\n   https://github.com/kevthehermit/PasteHunter\n\ngitdump (TODO Take Notes and Implement from John Hammon Stream)\nhttps://github.com/topics/crawl?o=desc&amp;s=updated\n\nGraphql\n  https://github.com/IvanGoncharov/graphql-voyager\n  https://github.com/Escape-Technologies/graphinder\n  https://github.com/gsmith257-cyber/GraphCrawler\n  Learn Graphql https://www.gatsbyjs.com/docs/conceptual/graphql-concepts/\n  That single GraphQL issue that you keep missing https://blog.doyensec.com/2021/05/20/graphql-csrf.html\n  https://blog.assetnote.io/2021/08/29/exploiting-graphql/\n  https://twitter.com/holybugx/status/1441460070387261440?s=21\n  https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/GraphQL%20Injection\n  https://www.programmableweb.com/news/what-graphql-and-how-did-it-evolve-rest-and-other-api-technologies/analysis/2019/07/31\n  https://github.com/KathanP19/HowToHunt/blob/master/GraphQL/GraphQL.md\n  https://swizec.com/blog/reverse-engineer-a-graphql-api-to-automate-love-notes-codewithswiz-24/\n  https://www.youtube.com/watch?v=cvvPLlP4518&amp;feature=emb_logo\n  Graphwoof https://github.com/dolevf/graphw00f\n  Graphql Voyager https://ivangoncharov.github.io/graphql-voyager/\n  inQL graphql Burp Extension for burp [here](https://youtu.be/5qSq1S2sRC8?t=753)\n  \nGithubs \n    https://github.com/bbhunter\n\nHandson / Demos\nhttps://github.com/yandex/securitygym\n  aws test challenge http://flaws.cloud/\n  ABUH! https://darkrebel.net/metarget-framework-providing-automatic-consctions-of-vulnerable-infrastructures | metarget appv install dvwa | metarget install  cve-2021-2312\n  xss jigsaw - https://blog.innerht.ml/page/2/\n  https://google-gruyere.appspot.com/\n  https://hackxor.net/\n  https://github.com/takshal/FOR-FUN\n  Vulnrable Task Manger app https://github.com/redpointsec/vtm\nHacking Tools\n  https://reqbin.com\n  https://gist.github.com/bgoonz/524b4ea887b216b810d16429265a34a3\nHTTP\n  HTTP Pipelining in burp https://youtu.be/boHIjDHGmIo?t=204)\n\nHTTP Parameer Pollution \n  HPP  https://www.youtube.com/watch?v=QVZBl8yxVX0&amp;t=13s\n  \nHTTP Request Smuggling\n\nHTTP Security Headers https://blog.detectify.com/2019/02/05/guide-http-security-headers-for-better-web-browser-security/\nHTTP HEader Smuggling https://github.security.telekom.com/2020/05/smuggling-http-headers-through-reverse-proxies.html\nhttp headers  https://www.ibm.com/docs/en/ibm-mq/7.5?topic=headers-content-type-http-entity-header\n   \nRequest Smuggling\nhttps://github.com/ruevaughn/websocket-connection-smuggler\nhttps://portswigger.net/daily-swig/how-to-perform-an-http-header-smuggling-attack-through-a-reverse-proxy\nhttps://twitter.com/albinowax/status/1263122811683553283\nNote: kitploit guys is the hackbogtone guy\nhttps://www.kitploit.com/2021/08/http-request-smuggling-http-request.html\nhttps://hackbotone.com/blog/http-request-smuggling-detection-tool/\nhttps://www.youtube.com/watch?v=mijOcGLneLU&amp;t=303.658823s\n  Defparam Variant      - https://gist.github.com/defparam/840f7d9e31f77b3c5460c5921e0787ef/revisions\n  bbhunter mutations    - https://gist.github.com/bbhunter\n HTTP Request Smuggling - https://gist.github.com/ruevaughn/9c76260b412446f33b647c970bbb1001)\n\nHTTP Request Smuggling Tools\n  https://github.com/Sh1Yo/request_smuggler\n  \nIDOR\n  https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  \nISS=\n\niis https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/\n\n\nIos\n  https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  https://havoc.app/package/crane\n  \n\nInsecure Deserialisation\nInsecure Deserialisation https://www.youtube.com/watch?v=SNi7gNkfLSM\n\nIP (INternet Protocol) https://youtu.be/C7CpfL1p6y0?t=320 \n                        \n\nJavascript\n  \ud83d\udd75\ufe0f Pinkerton is an JavaScript file crawler and secret finder developed in Python  https://github.com/oppsec/Pinkerton\n  Looking through javascript files live hacking https://youtu.be/xx5fF7i-dCQ?t=2582\n  https://www.bugbountyhunter.com/guides/?type=javascript_files\n  JAVASCRIPTRECON.md https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff\n  https://portswigger.net/research/dom-based-angularjs-sandbox-escapes\n  Javascript for hackers https://www.youtube.com/watch?v=FTeE3OrTNoA\n  https://legallybreaking.com/discussion/88/full-featured-javascript-recon-automation-jsfscan-sh\n  https://labs.detectify.com/2016/12/08/the-pitfalls-of-postmessage/  \n  Javascript Enumeration https://www.youtube.com/watch?v=IsSWbVHk11M\n  https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html\n  unminifier http://dean.edwards.name/my/\n\n\n  https://github.com/robre/scripthunter\n\nJSON Attacks - JSON https://www.youtube.com/watch?v=oUAeWhW5b8c\n\nJWT\n  https://gist.github.com/ruevaughn/328067fadf926ddb788f98cd0d2d1a71 Crack JWT\n  https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0\n  Security Weekly Unlocked: https://www.youtube.com/playlist?list=PLlPkFwQHxYE7nQtKNzjnsVyoSOu2K4l9e\n  https://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d\n  https://www.youtube.com/watch?v=muYmiEtPL8U JWT with bbking\n  JWT Traversal https://github.com/MoisesTapia/JwtTransversal\n\nMd5 \n  https://github.com/juuso/BozoCrack\n  \nMeg\n  https://github.com/blackhatethicalhacking/meg/compare/master...tomnomnom:meg:master\n  https://github.com/tomnomnom/meg/compare/master...3lpsy:megurl:master\n  https://github.com/tomnomnom/meg/compare/master...Cgboal:meg:master\n  https://github.com/tomnomnom/meg/compare/master...1ndianl33t:meg:master\n  https://github.com/tomnomnom/meg/compare/master...GwynHannay:meg:master\n  \nMethodologies (Hackers)\n   Cyberheartmi Methodology   https://gist.github.com/cyberheartmi9/1ac77d171d9b9dc9a5be45fa4f4c8dcb\n   Bug Bounty Mini Course:Automated Recon  https://www.youtube.com/watch?v=0VOWgM4klpM&amp;list=WL&amp;index=19&amp;t=53s\n   Zseanos Methodology https://www.bugbountyhunter.com/methodology/zseanos-methodology.pdf\n \n \nMime Type Sniffing\nhttps://www.keycdn.com/support/what-is-mime-sniffing\n\nMindmaps \n  List of Attack Vectors http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp\n  Huge Mind Map. Lots of resources. Has All Exploits and a lot of good info. https://www.xmind.net/m/Xy7XEW/\n  Collaborative Mindmaps - Collaborative Mind Mapping \n\nMobile\n  https://github.com/skateforever/pentest-scripts/tree/main/mobile\n  https://www.veracode.com/blog/2010/12/mobile-app-top-10-list \n  \nMootools\n  https://github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/mootools-more.md\n  mootools 1.4.5 vuln \n    https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-31812/summary\n    Vulnerable Line https://github.com/vsviridov/mootools-node/commit/0fcc500aa1be356bc8745b322e8182f38ec8f0a0#diff-c4d2ea9c35bf14dd01cf28b174dba68fca9d2d9a2ae4b63d48ee496d7e9deedbR360-R367 \n    poc https://snyk.io/test/npm/mootools/1.4.5\nNmap\n  https://tecadmin.net/scanning-open-ports-with-nmap/inif\n  nmap pwn https://gist.github.com/BU9D4DDY/3e31890ae407e7c41a00f3715d00c5d7\n\nNodejs hacking\nhttps://github.com/zactly/handouts/blob/master/node_js_generic_checks.md\n\nOneliners\n    automate prototype polution https://twitter.com/R0X4R/status/1402906185301323776\n    https://github.com/D4Vinci/One-Lin3rt\n\n  https://github.com/Excloudx6/Elsfa7110-Oneliner-bughunting\n  https://hackingblogs.com/bug-bounty-builder-project-tool-use/#ONE-LINERRECONfor_FUZZ_XSS\n  https://github.com/KingOfBugbounty/KingOfBugBountyTips/compare/master...halencarjunior:KingOfBugBountyTips:master\n  https://www.youtube.com/watch?v=ZcG8ARatgs0&amp;t=467s\n  https://giters.com/okaayfine/oneliner-bugbounty\n  https://twitter.com/ofjaaah/status/1532581839344394241\n  https://gist.github.com/cyberheartmi9/c993542044fdc45834837c3f88484a63\n  https://github.com/trimstray/the-book-of-secret-knowledge\n\nOpen Redirects\nhttps://github.com/tomnomnom/meg/compare/master...1ndianl33t:meg:master\nhttps://www.infosecmatter.com/bug-bounty-tips-1/#5-top-25-open-redirect-dorks\nhttp://www.thespanner.co.uk/2014/03/21/rpo/\nhttps://nostarch.com/download/samples/RealWorldBugHunting_Ch02_Sample.pdf\nhttps://i.blackhat.com/asia-19/Fri-March-29/bh-asia-Wang-Make-Redirection-Evil-Again-wp.pdf\nhttps://devcraft.io/2020/10/19/github-gist-account-takeover.html\nhttps://portswigger.net/web-security/oauth/lab-oauth-stealing-oauth-access-tokens-via-an-open-redirecthttps://blog.intigriti.com/hackademy/open-redirect/\nhttp request smugglin open redorect defparam https://www.youtube.com/watch?v=3tpnuzFLU8g\nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/understanding-and-discovering-open-redirect-vulnerabilities/\nhttps://corneacristian.medium.com/top-25-open-redirect-bug-bounty-reports-5ffe11788794\nhttps://www.youtube.com/watch?v=4Jk_I-cw4WE\nhttps://www.youtube.com/watch?v=grkMW56WX2E\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/open_redirect_wwwist.txt\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/openredirects.txt\n  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Open%20Redirect/Intruder/Open-Redirect-payloads.txt\n  https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html\n  https://github.com/AnLoMinus/Bug-Bounty/blob/2d654a0a62c1194564aa841745c171c4b1374252/Checklist/Web%20App/Upload%20Function.md\nhttps://github.com/Excloudx6/open-redirect-payload-list\n * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect\n  https://web.archive.org/web/20201130145910/https://github.com/ptswarm/ptswarm-twitter/blob/main/2020-11-30-open-redirect-params.txt\nhttps://giters.com/okaayfine/oneliner-bugbounty#open-redirect\nhttps://infosecwriteups.com/bugbounty-linkedln-how-i-was-able-to-bypass-open-redirection-protection-2e143eb36941\nTnom and ori https://youtu.be/SYExiynPEKM?t=2630\n\nOwasp Top 10 (2021) https://cwe.mitre.org/data/definitions/1344.html\nParams\n  More Silent wheb running https://github.com/0xecho/parameth\n  Normal Branch https://github.com/maK-/parameth\n  Docker support https://github.com/Shaked/parameth\n  \nParameter Tampering - \n  http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&amp;attackVectorId=57\n\nPayloads / POCs\n    https://github.com/knownsec/pocsuite3\nhttps://github.com/pranav77/XSS-using-SVG-file\n  https://github.com/Excloudx6/Public/tree/master/payloads\n  https://github.com/sh377c0d3/Payloads/fork\n  https://github.com/RootUp/PersonalStuff\n  https://github.com/swisskyrepo/PayloadsAllTheThings \n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2019-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2019\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2020-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2020\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2021-nominations-open\n  https://portswigger.net/research/top-10-web-hacking-techniques-of-2021\n  https://portswigger.net/research/top-10-web-hacking-techniques\n  https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher#forgottenknowledge\n\nPOC Videos\n  https://repo.telematika.org/project/bminossi_allvideopocsfromhackerone/\n  https://github.com/zeroc00I/AllVideoPocsFromHackerOne\n\nPassword Cracking\n  https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-dg.pdf\n\nPeople \ntnom interview https://gist.github.com/ruevaughn/00638360841b2bec94149080c4f04f28\nAshar Jahvid https://twitter.com/soaj1664ashar\n\nProducts / Services \nTobuy https://order.shareit.com/cart/view | https://tryhackme.com/why-subscribe | https://findomain.app/#Pricing | https://github.com/Excloudx6/InfoSec-Black-Friday | HAKLUKE RECOMENDS https://securitytrails.com/corp/osint-toolkit?referral_code=LLDAK0F80M\n\n\nProtype Pollution\n  automate https://twitter.com/R0X4R/status/1402906185301323776\n  https://www.kitploit.com/2021/09/plution-prototype-pollution-scanner.html\n  https://github.com/dwisiswant0/ppfuzz?tag=v1.0.0\n  https://github.com/kosmosec/proto-find\n  https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution\n  https://github.com/BlackFan/client-side-prototype-pollution\n  https://research.securitum.com/prototype-pollution-and-bypassing-client-side-html-sanitizers/\n  https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf\nhttps://www.youtube.com/watch?v=Gv1nK6Wj8qM&amp;t=1558s\nppmap \n  https://blog.intigriti.com/2021/07/14/bug-bytes-131-credential-stuffing-in-bug-bounty-hijacking-shortlinks-hacker-shows/\n  https://www.geeksforgeeks.org/ppmap-a-scanner-or-exploitation-tool-written-in-go/\n  https://book.hacktricks.xyz/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution\nPrototype polution Tools\n  https://github.com/msrkp/PPScan\n\n\n\nPython\nhttps://hackernoon.com/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03?utm_source=pocket-ff-recs\n\nRails\n  https://github.com/zactly/handouts/blob/master/oss_apps.md\n  https://github.com/zactly/handouts/blob/master/materials.md\n  https://github.com/gramantin/awesome-rails#apps-made-with-rails\n  Mass Assignment https://cheatsheetseries.owasp.org/cheatsheets/Mass_Assignment_Cheat_Sheet.html\n  https://code.tutsplus.com/tutorials/mass-assignment-rails-and-you--net-31695\n  https://www.cloudbees.com/blog/preproduction-checklist-for-a-rails-app?utm_source=rubyweekly&amp;utm_medium=email\n  https://youtu.be/CIhHpkybYsY?t=1171\n  https://github.com/zactly/handouts/find/master\n  https://github.com/zactly/handouts/blob/master/conferences/virtual-appsecday-2020/skea_rails_routes.md\n  \n \nRecon\n  https://github.com/003random/003Recon\n  https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n  Reconmap GUI Website SaaS https://demo.reconmap.com/login\n  https://github.com/0xbharath/assets-from-spf\n  https://mavericknerd.github.io/knowledgebase/BugBountyRecon/\n  https://www.bugbountyhunter.com/methodology/zseanos-methodology.pdf   \n  https://ulir.ul.ie/bitstream/handle/10344/8278/Nuseibeh_2019_Text.pdf?sequence=2\n  https://github.com/janmasarik/resolvers\n  https://github.com/janmasarik/resolvers/pull/31/files\n\nResolvers\n  https://github.com/janmasarik/resolvers/pull/31/files\n  https://github.com/janmasarik/resolvers\n\n\nReporting\n  https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html\n\nReflected File Downloads\n Reflected File Download - A New Web Attack Vector https://www.youtube.com/watch?v=dl1BJUNk8V4\n https://blog.davidvassallo.me/2014/11/02/practical-reflected-file-download-and-jsonp/\nhttps://drive.google.com/file/d/0B0KLoHg_gR_XQnV4RVhlNl96MHM/view?resourcekey=0-NV7cTUTB48bltMEddlULLg\nhttps://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf\nhttps://www.davidsopas.com/reflected-file-download-cheat-sheet/\n\nRegexp\n  Regexp Basics https://www.youtube.com/watch?v=KJG1dETacLI\n  https://regexr.com/\n\nResources\n  https://portswigger.net/research/web-cache-entanglement\n  https://github.com/AnLoMinus/Bug-Bounty\n  https://github.com/ngalongc/bug-bounty-reference\n  https://www.youtube.com/c/krypt0muxbugbounty\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Getting_Started_with_Bug_Bounty.pdf\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Hacking_101.pdf\n  https://github.com/OWASP/www-chapter-czech-republic/blob/master/slides/Adela_Hanikova_All_roads_lead_to_domain_admin.pdf\n  https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE\n  Really good bug bounty playlist https://www.youtube.com/watch?v=FeXloh12Mnw&amp;list=PLlrnAg4kKF3r26OIyfoYQQ-YqySE3fyE_&amp;index=2\n  When looking for something ot hack https://web.archive.org/web/20210420062735/https://help.intrigue.io/reference/intrigue-core-api-endpoints\n  The 5 Hacking NewsLetter 107 - https://pentester.land/newsletter/2020/05/27/the-5-hacking-newsletter-107.html\n  Cloud Metadata - https://gist.github.com/rudSarkar/39f821249bf0d38093cafbfd23bc33ee | https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb\n  Megathread https://twitter.com/ITSecurityguard/status/1519272305729458176\n  Reset Passwprd https://docs.google.com/presentation/d/1QzBl3k3n2q44ULyfZgr_gPZexj8nF5vD8JrS5AUJRbs/edit#slide=id.gb5aea10a86_0_167\n  Bug Bounty Google Doc https://docs.google.com/presentation/d/1o7GWUOYwcd3uMwLBRG9UzARYCvfuX3VKUHfoPu38t78/edit\n  Bug Bounty Udemy Courses Tip https://twitter.com/ITSecurityguard/status/1519272305729458176 \n  https://github.com/carlospolop/PEASS-ng \n  Saturday Night Bug Bounty Bytes w/ Ch1-R0n1n  https://www.youtube.com/watch?v=xx5fF7i-dCQ\n  Nicolas Gr\u00e9goire - Hunting for Top Bounties  https://www.youtube.com/watch?v=mQjTgDuLsp4\n  Hacktify Playlist to learn hacking https://www.youtube.com/watch?v=NBCrlRqX2AY&amp;list=RDCMUCS82DNnKOhXHcGKxGzQvNSQ&amp;start_radio=1&amp;rv=NBCrlRqX2AY&amp;t=0\n  \nRNG http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ARTICLES/earticles.html  \n\nRPO (Relative Path overide) Gadgets \n  https://blog.innerht.ml/rpo-gadgets/\n  https://www2018.thewebconf.org/proceedings/\n  https://blog.acolyer.org/2018/05/28/large-scale-analysis-of-style-injection-by-relative-path-overwrite/\n  https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf\n  https://portswigger.net/research/detecting-and-exploiting-path-relative-stylesheet-import-prssi-vulnerabilities\ninurl:/.well-known/security ext:txt -hackerone -bugcrowd -synack -openbugbount\n\nSAML\nhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-07-how-to-test-saml-a-methodology/\nhttps://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final91.pdf\nhttps://epi052.gitlab.io/notes-to-self/blog/2019-03-13-how-to-test-saml-a-methodology-part-two/\n\nScanners\n  2020_3452\nhttps://www.zoomeye.org/\nhttps://searchcode.com/\nhttps://fullhunt.io/\nhttps://github.com/RustScan/RustScan\nhttps://github.com/knassar702/scant3r\n\nS3 buckets \n  https://github.com/sa7mon/S3Scanner\n   Dumping S3 Buckets | Exploiting S3 Bucket Misconfigurations https://www.youtube.com/watch?v=ITSZ8743MUk\n   https://support.cloudflare.com/hc/en-us/articles/360037983412-Configuring-an-Amazon-Web-Services-static-site-to-use-Cloudflare\n\nSecond Order Takeovers\n  Shubbs Talking about it in his 5 years of hacking talk. Good. https://youtu.be/iG7-c0YbhbM?t=1472\n\nSelf Hosting \n  https://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  Shodan like nmap results parser (https://github.com/shivammehta007/ScanX) PBNJ(http://pbnj.sourceforge.net/) (A suite of tools to monitor change in a network over time) store NMAP Results in a database to monitor changes on a network over time and then conducts historical analysis to identify new hosts - \n\nScripts\n  LFI https://web.archive.org/web/20100228162410/http://pastie.org/840199\n  https://github.com/killswitch-GUI/PenTesting-Scripts\n\nSession Poisoning - https://en.wikipedia.org/wiki/Session_poisoning \n https://github.com/t1m4/ptl_lab\n \nSetup\n  Bug Bounty Tools Setup - https://github.com/oliveira-andre/bug_bounty_tools\n  Redherd - https://redherd.readthedocs.io/en/latest/ | https://www.youtube.com/channel/UCYSM51oldVsryhZxGdB3hXA\n\nShells\n  https://github.com/tennc/webshell/blob/master/README_EN.md\n\nSmart Contracts\n  https://github.com/SecurityInnovation/Smart-Contract-CTF\n\nSSRF\n  SSRF HTTP Bypass List https://pastebin.com/YbsKrMpf\n SSRF - Practical  by Hacktify https://www.youtube.com/watch?v=NBCrlRqX2AY\nhttps://reconshell.com/jira-mobile-ssrf-exploit/\nhttps://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/ssrf\n\n\nSubdomain Takeovers\n  https://github.com/mhmdiaa/tko-subs\n  https://github.com/mhmdiaa/second-order\nhttps://0xpatrik.com/subdomain-takeover-ns/\nhttps://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/\nhttps://www.hackerone.com/application-security/guide-subdomain-takeovers\nhttps://medium.com/@thebuckhacker/how-to-do-55-000-subdomain-takeover-in-a-blink-of-an-eye-a94954c3fc75\nhttps://import.cdn.thinkific.com/359809/courses/1386931/locomotivesubdomaintakeover-210608-154821.yamll\nhttps://github.com/buckhacker/SubDomainTakeoverTools\ngithub.com/lukasikic/subzy \n    -&gt; https://gist.githubusercontent.com/ruevaughn/91d3369fdf0d93b0bdc6662c771cb7ae/raw/79e07b315e465bae1f003ec8fd40fcf5471b223b/fingerprints.json\ngithub.com/mhmdiaa/second-order\n\nSubmitting a report\nhttps://about.gitlab.com/blog/2020/09/28/top-tips-for-better-bug-bounty-reports-and-a-hacker-contest/\n\nSQL INjection\nhttps://www.cloudflare.com/learning/security/threats/sql-injection/\n\nShodan\n  Awesome Shodan Queries https://github.com/jakejarvis/awesome-shodan-queries\n  Shodan Dorks https://twitter.com/0xhunster/status/1548382647759491074/photo/1\n  Shodan CVE Dorks Kathan https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n  https://carbon.now.sh/6nEp25xrtuu53L6aquU4\n  https://twitter.com/kotylevskiy/status/1551926067908182018/photo/1\nStatus Codes\n  Web status codes https://requests.readthedocs.io/en/latest/api/#status-code-lookup\n  \nSQL Injection\nhttps://github.com/ladecruze/Exploits/blob/master/sqlexploit.js\n  https://book.hacktricks.xyz/pentesting-web/sql-injection\n  (at the bottom of the page, the image and text for 2 sqli x-forwarded-for tips) https://medium.com/pentesternepal/access-control-worth-2000-everyone-missed-this-idor-access-control-between-two-admins-9745eaf15d21\n  https://github.com/0xEval/sql2shell\n  \nSource Code Analysis\n  https://twitter.com/dhakal_ananda/status/1544574015779606529\n\nTakeovers\n  https://github.com/musana/mx-takeover\n  \nTiming Attacks\nTime Attacks http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp?antiCsrfToken=null&amp;filterCategory=9\n\nTips\n  Parse Github URls https://github.com/ruevaughn/git-url-parse\n  Randomize IPs https://gist.github.com/yehgdotnet/27114d4bb5b28ec093e6dd36e329c389\n\n  Find IP Address behind CDN\n    \t\thttps://github.com/mandatoryprogrammer/cloudflare_enum\n    https://infosecwriteups.com/finding-the-origin-ip-behind-cdns-37cd18d5275\n    https://zdresearch.com/finding-the-origin-ip-behind-cdns/\n    https://twitter.com/HolyBugx/status/1343156549162852352?s=20 \n  Test Shodan Queries https://app.netlas.io/responses/\n  https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248\n  https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/bugbountytips.md\n  King of Bug Bounty Tips - https://github.com/KingOfBugbounty/KingOfBugBountyTips\n  https://abhinavprasad47.github.io/bugbounty-starter-notes/\n  https://www.google.com/search?tbm=bks&amp;q=recon-ng\n  gh dork: https://github.com/topics/one-liners\n  Sqlmap tip - https://youtu.be/rVu0GUjic_g?t=2246\n  Eval command and security issues https://mywiki.wooledge.org/BashFAQ/048\n  \ud83c\udf1f Find company's owned domains (company.*) with these #googledorks: | https://twitter.com/nil0x42/status/1533094473067995137 \n  https://redhuntlabs.com/nvadr\nTodo\n    read https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning\n      https://tillsongalloway.com/finding-sensitive-information-on-github/\nTODO: Make a worldist from these Amazon Cognito API actions GetUser etc https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html\n\n\nTools\n  https://github.com/ladecruze/Subdorker/fork\n   Brute Force Tomcat https://github.com/Excloudx6/tomcter\n  Code Snippets\n    https://carbon.now.sh/snippets\n  HTML Tools (CSV To HTML, Regexpal, 50+ tools) \n    https://www.cleancss.com/join.php\n  \n\n  Arjun                 \n    https://github.com/s0md3v/Arjun/wiki/Usage#scan-a-single-url  \n  crobat                    \n    https://www.onsecurity.io/blog/how-i-made-rapid7s-project-sonar-searchable/\n  Dom Invader               \n    https://www.youtube.com/watch?v=GeqVMOUugqY\n  ffuf                      \n    https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391 | https://thexssrat.medium.com/what-the-fuzz-the-truth-behind-content-discovery-77cd0c0756e7\n  gf       \n    Automate GF and gau https://gist.github.com/BU9D4DDY/eea5f7580577d9bf5d009ce923bac4fe\n    https://rengine.wiki/usage/tool_conf/ \n    https://github.com/1ndianl33t/Gf-Patterns \n    https://github.com/halencarjunior/BugBuntu/wiki/Installing-Gf-Patterns \n    https://github.com/NitinYadav00/gf-patterns/fork \n    https://twitter.com/sratarun/status/1361209626478276610 \n    MORE GF TEMPLATES https://github.com/lutfumertceylan/top25-parameter/releases/tag/v1.0.7 \n    https://github.com/tomnomnom/gf/compare/master...pry0cc:jf:master | \n    https://github.com/ResistanceIsUseless/gf | \n    https://github.com/tomnomnom/gf/compare/master...medbsq:gf:master | \n    https://github.com/mrofisr/gf-patterns\n    \n  gee                       \n    Similar to Tee. More Functionality. https://github.com/hahwul/gee\n    Gee Tips https://twitter.com/hahwul/status/1360495560843689989\n  FFMPEG-AVI-m3u-xbin       - https://github.com/Excloudx6/ffmpeg-avi-m3u-xbin\n  metabigor v2              - Metabigor https://twitter.com/j3ssiejjj/status/1528687407587299330/photo/1\n  pywhat -- Identify anything. pyWhat easily lets you identify PI from pcap files\n    https://github.com/bee-san/pyWhat/fork\n  recon-ng  https://raw.githubusercontent.com/anshumanbh/domain/master/enumall.py\n  SimpleApachePathTraversal - https://github.com/MrCl0wnLab/SimplesApachePathTraversal\n  Source2Url                - \n  \n  Tmux \n    tmux or screen https://youtu.be/a8LaNydbJyA?t=6406\n\n  \n  Tracy\n    https://newsroom.nccgroup.com/\n    https://github.com/nccgroup/tracy/blob/master/src/js/database-worker.js\n    https://github.com/nccgroup/tracy\n  \n  UrlEncode/Decode\n    https://www.w3schools.com/tags/ref_urlencode.ASP\n    https://network-tools.com/url-encode/\n    https://www.url-encode-decode.com/\n\nVulnerable Things\n  https://github.com/kiwicom/xssable\n   https://github.com/janmasarik/dumb-password-rules\n https://github.com/duffn/dumb-password-rules/fork\n \n \n WhatWeb                   - https://github.com/urbanadventurer/WhatWeb\n  WFUZZ                     - https://book.hacktricks.xyz/pentesting-web/web-tool-wfuzz\nwwwwwww\nahttps://useragent.me/\n\nWordlists\nhttps://gist.github.com/random-robbie/0f9d24a7b3c7268ee0c1ecdbe280611b\n  http://web.mit.edu/~mkgray/jik/src/Attic/kerberos_password_hacker/allwords\n  https://web.archive.org/web/20201130145910/https://github.com/ptswarm/ptswarm-twitter/blob/main/2020-11-30-open-redirect-params.txt\n  https://github.com/mhmdiaa/chronos\n  https://github.com/d4rckh/gorilla\n  https://github.com/jim3ma/crunch\n  https://github.com/the-xentropy/samlists/fork\n  https://github.com/AyProductions-Team/NEXTdependencydownloader/blob/588fa54b77743f808feec88070a4a0c76ac7c993/bin/Debug/net6.0-windows/DependencyDownloader.exe.WebView2/EBWebView/ZxcvbnData/3.0.0.0/passwords.txt\n  https://gist.github.com/random-robbie/c9671939d029848df38e06c5383e6395\n  Common Config Files by Tomnomnom   https://github.com/tomnomnom/meg/blob/master/lists/configfiles\n  Short Wordlist by Tomnomnom https://gist.github.com/tomnomnom/57af04c3422aac8c6f04451a4c1daa51\n  https://github.com/giteshnxtlvl/cook\n  https://imgur.com/user/silverblack1111/New%20Folder\n  https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056\n  https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/iam_user_enum/default-word-list.txt\n  https://github.com/koaj/aws-s3-bucket-wordlist\n  https://github.com/Karanxa/Bug-Bounty-Wordlists\n  FUZZ.txt good -https://gist.github.com/m4ll0k/50efec5f04179b107c9d7597eec7d23c\n  https://gist.github.com/m4ll0k/https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d\n  Stream: Creating Target Specific Wordlist!!  https://www.youtube.com/watch?v=AF-zp6DROTs\n  API Endpoints https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d\n  https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af\n  https://wordlists.assetnote.io/\n  https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056\n  https://github.com/six2dez/OneListForAll/blob/main/onelistforallmicro.txt\n  https://gist.github.com/miguelmota/706ebaeb661e246e1b682c400d49d1c9\n  https://github.com/ghostlulzhacks/wordlist/blob/master/directory-brute-wordlist.txt\n  to harvest https://youtu.be/YO3ldj4jkJk?t=275\n  Common Bucket Names https://github.com/buckhacker/buckhacker/blob/master/resources/common-bucket-names.txt\n  https://portswigger.net/web-security/authentication/auth-lab-passwords\n  https://portswigger.net/web-security/authentication/auth-lab-usernames\n  https://github.com/SmeegeSec/SmeegeScrape\n  make a wl from js https://gist.github.com/seqrity/d67608eb6372cd6f455bfeeefa77b9c2\n  Who what where when tomnomnom - https://www.youtube.com/watch?v=W4_QCSIujQ4\n  https://pentestbook.six2dez.com/recon/webs-recon Wordlist Gen\n  https://github.com/giteshnxtlvl/cook\n  https://gitlab.com/kalilinux/packages/amass/-/tree/91a5313226ab9ebd4ecbad40622584dd6f3f7cd5/wordlists Wordlists\n\n\n  \nWriteups\n  https://github.com/kh4sh3i/bug-bounty-writeups\n  securityforeveryone.com/scan-repository\n  2022-07-15 Exploiting Arbitrary Object Instantiations in PHP without Custom Classes  https://swarm.ptsecurity.com/exploiting-arbitrary-object-instantiations/\n  https://github.com/fardeen-ahmed/Bug-bounty-Writeups\n  https://github.com/devanshbatham/Awesome-Bugbounty-Writeups\n  https://twitter.com/ITSecurityguard/status/1519272305729458176\n  https://github.com/ngalongc/bug-bounty-reference\n  \n  https://github.com/djadmin/awesome-bug-bounty\n  https://ysamm.com/#\n  https://tarekbouali.com/posts/how-i-hacked-one-of-the-biggest-airlines-group-of-the-world/\n  https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups\n  https://infosecwriteups.com/intro-to-bug-bounty-automation-tool-chaining-with-bash-13e11348016f\n  https://hacklido.com/u/excloudx\n  https://subscription.packtpub.com/book/ssnetworking-and-servers/9781788626897/7/ch07lvl1sec47/example\n  https://subscription.packtpub.com/owned\n  https://id.bugbountyhub.com/auth/realms/bugbountyhub/login-actions/authenticate?execution=a484e1a7-bc42-472b-a339-15be49996b14&amp;client_id=prod-platform&amp;tab_id=MivkVulj_p8\n  https://prashantbhatkal2000.medium.com/svg-based-stored-xss-ee6e9b240dee\n  https://github.com/phlmox/public-reports/blob/main/hackerone-one-million-reports\n  https://footstep.ninja/posts/\n  https://twitter.com/omespino/status/1489310300708900868/photo/\n  https://github.com/phlmox/public-reports\n  https://blog.assetnote.io/2020/09/15/hacking-on-bug-bounties-for-four-years/\n  https://discord.com/channels/772850979955671103/772854181433573398/895230570366402590 Hacking Articles\n\nVhosts\n  https://github.com/Shaked/vhost-finder\n  Vhost Discovery https://github.com/projectdiscovery/tlsx#sancn-probe\n\nVPS\nhttps://github.com/bbhunter/pentest-scripts/blob/main/useful/get-tools.sh\nhttps://github.com/crawlab-team/crawlab\n  https://github.com/righettod/toolbox-pentest-web\n  google cloud official repos https://github.com/googleapis/google-cloud-ruby\n  google cloud repos https://github.com/orgs/4ARMED/repositories\n  Certifcate install   https://github.com/anshumanbh/terraform-burp-collaborator#using-a-proper-tls-certificate\n  https://github.com/orgs/4ARMED/repositories\n  Teraform Burp Colab server https://github.com/anshumanbh/terraform-burp-collaborator\n  Setup script for Regon-ng  and altdns https://github.com/jhaddix/domain\n  https://github.com/AntSwordProject/antSword\n  https://github.com/janmasarik/resolvers/blob/master/.github/workflows/main.yml\n  https://github.com/pry0cc/axiom/tree/master/images/provisioners\n  https://github.com/janmasarik/resolvers\n  Assetnote Setup and Installation   https://gist.github.com/sz3n/1fdf2f871a10d4e9180757afc8fd80e2\n  https://demo.ezxss.com/manage/dashboard\n  https://github.com/ssl/ezXSS/wiki/Installation\n  https://honoki.net/2021/07/11/wilson-cloud-respwnder/\n  https://github.com/ruevaughn/assetnote\n  https://github.com/robre/jsmon\n  Host and Deploy Assetnote https://gist.github.com/BU9D4DDY/9e023d0fae3314273302ae895ae7c5ed\n  vps_install.sh by Rajchowdhury420 https://gist.github.com/Rajchowdhury420/24fa500ebc4edbb2018860f85f93b8cf\n  https://hackingblogs.com/bug-bounty-builder-project-tool-use/\n  Beats - Lightweight shippers for Elasticsearch &amp; Logstash \n  https://github.com/nicolargo/glances\n  https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29\n  https://www.udemy.com/course/learn-website-hacking-penetration-testing-from-scratch/learn/lecture/5878090?start=0#overview\n  Pt a website onlne https://www.youtube.com/watch?v=NQP89ish9t8\n  https://www.trenchesofit.com/2021/06/14/bug-bounty-vps-build/\n  https://github.com/intrigueio/intrigue-core/wiki/Setting-up-a-Development-Environment-%28on-Ubuntu%2C-Kali%2C-Debian%29\n  https://github.com/AlexisAhmed/BugBountyToolkit &lt;-- docker \n\nWhitepapers\nhttps://github.com/zactly/handouts/tree/master/conferences\n\nxss\nhttps://github.com/kiwicom/xssable\nhttps://twitter.com/soaj1664ashar\n  https://github.com/pranav77/XSS-using-SVG-file\n  https://www.openbugbounty.org/blog/devl00p/top-100-xss-dorks/\n  xss - https://threadreaderapp.com/thread/1508406052663934979.html\n  https://google-gruyere.appspot.com/\n  https://0x1.gitlab.io/web-security/Weaponised-XSS-Payloads/\n  https://infosecwriteups.com/weaponizing-reflected-xss-to-account-takeover-ae8aeea7aca3\n  https://hakluke.medium.com/upgrade-xss-from-medium-to-critical-cb96597b6cc4\n  https://github.com/hakluke/weaponised-XSS-payloads\n  https://medium.com/redteam/weaponising-angularjs-bypasses-4e59790a730a\n  https://github.com/dwisiswant0/findom-xss\n  https://www.secureideas.com/blog/2018/12/twelve-days-of-xssmas.html\n  https://www.geeksforgeeks.org/findom-xss-fast-dom-based-xss-vulnerability-scanner/?ref=rp\n  https://thexssrat.podia.com/free-labs\n  https://github.com/topics/xss\n  https://twitter.com/ofjaaah/status/1504932805431767046\n  https://portswigger.net/research/new-xss-vectors\n  https://medium.com/bugbountywriteup/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1\n  https://github.com/takshal/freq\n  https://bytemeta.vip/index.php/@takshal\n  https://github.com/takshal/freq/pull/2/commits/ca176eee65889530b4896d782419edd0e4325713\n  https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html\n  What is the best method to use dalfox?? https://attacker-codeninja.github.io/2021-09-09-portswigger-notes-on-host-header-attack/\n  https://github.sre.pub/topics/xss-scanners\n  https://medium.com/@skavans_/the-unobvious-about-xss-and-html-encoding-4e0d536a35d9\n  Al the ways you can alert js -&gt; https://gist.github.com/tomnomnom/14a918f707ef0685fdebd90545580309\n  https://github.com/wisec/domxsswiki/wiki\n  https://github.sre.pub/topics/xss-scanners\n  https://owasp.org/www-community/attacks/xss/\n  Moving beyond alert()xss https://av.tib.eu/media/49191\n  https://unescape-room.jobertabma.nl/\n  https://infosecwriteups.com/reflected-xss-on-microsoft-com-subdomains-4bdfc2c716df\n  https://github.com/danielthatcher/Cookieless-Session-Scanner session is for identifying xss as described here   https://blog.isec.pl/all-is-xss-that-comes-to-the-net/\n\nXSS Labs\nhttps://google-gruyere.appspot.com/\n\n\n\nScreenshots\nhttps://github.com/detectify/page-fetch/fork\n\nEyeballer\nhttps://github.com/BishopFox/eyeballer &lt;----- TODO BIG IG and [this](https://www.kaggle.com/datasets/altf42600/pentest-screensots)\nhttps://www.akamai.com/blog#HTTP2rs\nhttps://www.jhaddix.com/post/tooltime-2-ssl-certificate-parsers-for-recon\nRecon\nNotify -bulk - workflow to funnel everything to Notify https://youtu.be/v7FMPU3J3Qw?t=3044\nReconFTW Automation - https://youtu.be/v7FMPU3J3Qw?t=2841\nAutomation - what to do with all the subdomains  endpoints you found! https://youtu.be/v7FMPU3J3Qw?t=1864\n\nTools\nhttps://reconshell.com/awesome-bug-bounty-tools/\nhttps://reconshell.com/mobile-hackers-weapons/\nhttps://book.hacktricks.xyz/todo/more-tools\nhttps://github.com/fardeen-ahmed/Bug-bounty-Writeups#-bug-bounty-tools---\nhttps://github.com/vavkamil/awesome-bugbounty-tools#Recon\nImage upload\nhttps://github.com/barrracud4/image-upload-exploits\nhttps://hackbotone.com/blog/essential-recon-tools/\nhttps://github.com/danielthatcher/spydom\nhttps://allciber.com/web-attack-cheat-sheet/\n\nAlias / Snippet / Command Management\nhttps://github.com/nahamsec/recon_profile\nhttps://github.com/hahwul/hack-pet/commit/6405608c856551d241174d8c839c79efdff5153c\nhttps://github.com/hahwul/hack-pet\nhttps://github.com/knqyf263/pet\n\n\nhttps://github.com/anshumanbh/brutesubs\nhttps://github.com/VainlyStrain/Vailyn\n\nRECON\nhttps://gist.github.com/khanjanny/039d7c7d825a866b9020e3945e04ace9\nhttps://github.com/KathanP19/HowToHunt\nhttps://prettyrecon.com/auth/forgot_password/\n\nTweets Dorks\nhttps://twitter.com/hashtag/bugbountytips\nhttps://twitter.com/search?q=%23bugbountytips&amp;cn=ZmxleGlibGVfcmVjcw%3D%3D&amp;refsrc=email\nhttps://twitter.com/ghostlulz1337\n\nhttps://www.google.com/search?client=firefox-b-1-d&amp;q=site%3Agist.github.com+%22dalfox%22+automate\nhttps://gist.github.com/sec99\nhttps://gist.github.com/Bedrovelsen/starred\nhttps://gist.github.com/tranphuoctien/47c1242c8189b42fb4d268c548db4526\nhttps://gist.github.com/GrahamcOfBorg/601b9608c6010d9c82cf0e9535faac4b\nhttps://gist.github.com/babaloveyou\nhttps://www.google.com/search?client=firefox-b-1-d&amp;q=bug+bountny+automation\nhttps://www.reddit.com/r/bugbounty/comments/nkaz32/automation_for_bug_bounty_recon_framework/\nhttps://github.com/dirsoooo/Recon\nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n\n\nCrawlers / Crawling\nhttps://github.com/Echocipher/HackeroneSpider\nxnLinkFinde\nhttps://github.com/spatie/crawler\nhttp://www.robotstxt.org/\nhttps://github.com/BruceDone/awesome-crawler\nhttps://github.com/tijme/not-your-average-web-crawler\nhttps://github.com/ghostlulzhacks/crawler\nhttps://scotthelme.co.uk/top-1-million-analysis-march-2020/\n\nhttps://crawler.ninja/\n\n  \n\n\nSqli\n  https://sapt.medium.com/sqli-on-a-bugcrowd-private-program-17858b57ec61\n  http://sqlninja.sourceforge.net/download.html\n  https://w3af.org/howtos/find-cross-site-scripting-and-sql-injections\n  https://www.securedyou.com/how-to-hack-sql-database-password-cracking/\n  https://www.securedyou.com/download-havij-free-automated-sql-injection-tool/\n\nsqlmap\n  https://h1pmnh.github.io/post/advanced-sqlmap-case-study-1\n\nDefault Credentials \nhttps://github.com/Excloudx6/WebCrack\n  The Open Cloud Vulnerability &amp; Security Issue Database  https://www.cloudvulndb.org/\n  \n  https://github.com/SummitRoute/csp_security_mistakes\n  Default Cred Scanner https://github.com/ztgrace/changeme\n  \n\n  \nFile Upload\nhttps://sm4rty.medium.com/hunting-for-bugs-in-file-upload-feature-c3b364fb01ba\nhttps://github.com/almandin/fuxploider - File upload vulnerability scanner and exploitation tool. \n\n\nMonitor Server Status\nhttps://github.com/sudo-jtcsec/server-status-mon\nhttps://github.com/Excloudx6/server-status_PWN\n\nTmux https://github.com/Excloudx6/clips\n# My Bug Bounty Wiki Page\nhttps://github.com/MrM8BRH/SuperLibrary\nhttps://github.com/zeroc00I/ReconNotes\n   https://gist.github.com/ruevaughn/71c31d7f67b7d105d9f480489e02c906\n\n\nA-Z Sorting in progress\nAwsCli https://aws.plainenglish.io/aws-s3-cli-cheatsheet-9078366fca83\nWelcome to my Bug Bounty Wiki page. It's currently not organized or cleaned up at all though that's a WIP. Originally was where I was dumping links and things I needed to rememnber.\nNews Articles\nhttps://www.bbc.com/news/technology-43581624\n\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1524\n\nDeserialisation\nDeserialization example &lt;-https://youtu.be/oUAeWhW5b8c?t=1583\nAnother Deserialization example https://youtu.be/eDfGpu3iE4Q?t=266\nhttps://github.com/GerbenJavado/LinkFinder\nhttps://medium.com/@duhroach/how-png-works-f1174e3cc7b7\n\n\nhttps://github.com/beurtschipper/Depix &lt;-- unblur \n\n### A\n\nTwitter\nhttps://mobile.twitter.com/drunkrhin0/status/1344130730947825664\n\n\nhttps://kathmandupost.com/science-technology/2021/04/06/we-dream-to-be-nepal-s-first-billion-dollar-it-company\nhttps://reconwithme.com/\n\nhttps://jaeles-project.github.io/\n\nAPIs\nHuge API Resources list! https://dsopas.github.io/MindAPI/references\nhttps://thexssrat.podia.com/view/courses/free-api-testing-and-securing-guide/923506-api-top-10-videos/2699995-owasp-api-top-10-a0-to-a3\n\nhttps://www.hahwul.com/2019/07/01/easy-security-testing-with-applications-bridge-in-zap/\nhttps://github.com/PortSwigger\n\n### B\nBooks https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/BOOKS.md\nhttps://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html\nhttps://guidesmiths.github.io/cybersecurity-handbook/resources\nhttps://guidesmiths.github.io/cybersecurity-handbook/tooling\n\n\nhttps://github.com/1N3/Sn1per/blob/master/modes/normal_webporthttp.sh\nBlogs\nhttps://opsecx.com/index.php/category/blog/\n\n\nUrl FInder\nhttps://www.kitploit.com/2021/08/sigurlfind3r-reconnaissance-tool-it.html\n\n403 Bypasser\nhttps://www.kitploit.com/2021/11/4-zero-3-403401-bypass-methods-bash.html\nhttps://www.kitploit.com/2021/09/403bypasser-automates-techniques-used.html\n\nOauth\n#### Oauth Bug Bounty Cheatheet\nhttps://0xn3va.gitbook.io/cheat-sheets/web-application/oauth-2.0-vulnerabilities\nhttps://anil-pace.medium.com/json-web-tokens-vs-oauth-2-0-85dd0b32057d\n\nEmail\nhttps://www.ibm.com/docs/en/sqsp/32.0?topic=SSBRUQ_32.0.0/com.ibm.resilient.doc/install/resilient_install_defang s.htm\n\nNuclei\nNuclei : A Bug Bounty Tool https://www.youtube.com/watch?v=ZcG8ARatgs0\nhttps://www.reddit.com/r/infosec_daily/comments/lrz9bg/nuclei_tool_review/\nFinding bugs with Nuclei with PinkDraconian (Robbe Van Roey) https://www.youtube.com/watch?v=ewP0xVPW-Pk\n\nNuclei templates\nhttps://github.com/xm1k3/cent &lt;-- manage nuclei tempaltes and ibg list of templateseeeeeeeeeeeeeeeeeee\nhttps://github.com/aboul3la/nuclei-templates\nhttps://github.com/projectdiscovery/nuclei-templates/compare/master...s4e-labs:nuclei-templates:master\nhttps://github.com/projectdiscovery/nuclei-templates/discussions/693\nhttps://nuclei-templates.netlify.app/\n\ncool\nhttps://github.com/nikitastupin/param-miner-doc\n\n\nrxrdxrhttps://platforms.disclose.io/\nhttps://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html\nhttps://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022\nhttps://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer\n\n\n### C\n\nFuzzing\nhttps://thugcrowd.com/kiosk/ Badass Fuzzing tools / Resources\nhttps://0xn3va.gitbook.io/cheat-sheets/resources/software/fuzzing\n\nBug Bounty Videos\nMix - webpwnized https://www.youtube.com/watch?v=Y_2JVREtDFk&amp;list=RDCMUCPeJcqbi8v46Adk59plaaXg&amp;start_radio=1\nBreaking Parser Logic: Take Your Path Normalization off and Pop 0days Out! - https://www.youtube.com/watch?v=CIhHpkybYsY&amp;t=2s\nVideos\n  HackTube5 Youtube https://www.youtube.com/channel/UCiiEXWVI8XDV_SbIOYVuKog\n  GynvaelEN https://www.youtube.com/user/GynvaelEN\n  Hacktify https://www.youtube.com/channel/UCS82DNnKOhXHcGKxGzQvNSQ\n  Hack the Box Youtube https://www.youtube.com/channel/UCi67lRCd5qpaHwSXNJisuRQ\n  Hackerone https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw\n  Hackersploit https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q\n  Hacking Simplified https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng\n  Hacking Simplifed (smaller channel) https://www.youtube.com/channel/UCTIHXPYJ4gT7PBQK9tUmFJA\nhttps://administraitor.video/edition/Hack.lu/2019\n\nhttps://portswigger.net/news\n\nNotify - https://youtu.be/rbr7ZmBI9qs?t=278\n\nhttps://www.youtube.com/watch?v=kbi2KaAzTLg\n\nWhat after Recon? - Sup Subdomains?!\n\n\nDORK\n  https://exposingtheinvisible.org/guides/google-dorking/\nhttps://www.google.com/imgres?imgurl=https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FEf6ELytWAAAswXx%3Fformat%3Djpg%26name%3D4096x4096&amp;imgrefurl=https%3A%2F%2Fmobile.twitter.com%2Fbugbountyrecon&amp;tbnid=pQu57Q5pha2WIM&amp;vet=12ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ..i&amp;docid=NghhHzdXU7Ey8M&amp;w=2480&amp;h=1302&amp;q=Bug%20bounty%20automation%20GitHub&amp;client=firefox-b-1-d&amp;ved=2ahUKEwixtNqk0vz1AhV0IX0KHWddCpQQMygLegUIARC-AQ\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\nReporting\nhttps://hacktify.in/bugbounty/ &lt;---- lots of resources for reporting\n\n\n#### Ruby on Rails\nhttps://hackerone.com/reports/904059\nhttps://hackerone.com/reports/1400309\nhttps://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md\nhttps://bugbountyforum.com/resources/#ruby-on-rails\n\nFree Shodan key and nmap automatin script to search for big f5 ip acve\nhttps://learn.hacktify.in/courses/take/bug-bounty-hunting-and-penetration-testing/lessons/16862042-assets-resources\nhttps://github.com/shifa123/f5BigIPExploit/blob/master/assets\ndnmap\nhttps://github.com/vdjagilev/nmap-formatter\nhttps://www.darknet.org.uk/2016/07/dnmap-distributed-nmap-framework/?utm_source=pocket-ff-recs\nhttps://github.com/alt3kx/CVE-2021-21985_PoC/blob/main/CVE-2021-21985.nse\n# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse\n# https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve2020-3452.nse\naquatone - https://gist.github.com/random-robbie/beae1991e9ad139c6168c385d8a31f7d\nhttps://www.tib.eu/en/publishing-archiving/research-data\nhttps://github.com/erbbysam/Hunting-Certificates-And-Servers/blob/master/Hunting%20Certificates%20%26%20Servers.pdf\nBug Bouty Programs\nhttps://cheatsheetseries.owasp.org/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html\nhttps://guidesmiths.github.io/cybersecurity-handbook/resources\nhttps://guidesmiths.github.io/cybersecurity-handbook/tooling\n\n\nrxrdxrhttps://platforms.disclose.io/\nhttps://cardanofeed.com/cardano-doubled-the-rewards-for-its-bug-bounty-program-49977.html\nhttps://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2022\nhttps://portswigger.net/daily-swig/cloudflare-bug-bounty-program-goes-public-with-3-000-rewards-on-offer\n\nhttps://hackerone.com/alipay?type=team\nhttps://render.alipay.com/p/c/183ecyeztvuo/dana-pay.html\n\nDisclosure Assistance w/ Hackerone https://hackerone.com/disclosure-assistance/disclosure_assistance_requests/new?type=team\n* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n\nhttps://github.com/detectify/cs-challenge\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\nVDP\nDutch Gov - bug bounty scope https://gist.github.com/ruevaughn/f2d1157598a6156c3d51538b3fbd980c\nhttps://www.justice.gov/criminal-ccips/page/file/983996/download\n\"Bug Bounty programs|VDP|launch\" -&gt; Google News etc\n\n\n\n#### J\n\n\n#### L\n\nLabs\n\nLinux\nhttps://linuxsecurity.expert/resources/\n\n#### M\n\nMonitoring\nhttps://github.com/dgtlmoon/changedetection.io Monitor Website Changes\n\n### P\n\n#### Podcasts\nLinks here -&gt; https://blog.intigriti.com/2019/11/12/bug-bytes-44-new-platform-new-programs-and-a-e25k-head-csrf/\nSelfHosted Podcast https://selfhosted.show/60?t=777\n\nPrograms\nhttps://github.com/bughunterlabs/open-bounty-targets/blob/main/dorks.txt\n\n### R\n#### \n#### Reverse Shells\n\n### Rate Limit\n\n\n### T\nTop 10\n\nDNS Hijacking\nhttps://www.cloudflare.com/en-ca/learning/security/global-dns-hijacking-threat/\nhttps://github.com/mdsecresearch/Publications/blob/master/presentations/Offensive%20Development%20-%20Post-Exploitation%20Tradecraft%20in%20an%20EDR%20World%20-%20x33fcon%202020.pdf\n\nIDN Homograph\nhttps://www.akamai.com/blog/security/watch-your-step-the-prevalence-of-idn-homograph-attacks\n\n\n#### Tools\nhttps://www.xmind.net/m/Xy7XEW/# &lt;----- \nhttps://github.com/Excloudx6/PentestTools#exploitation-tools\nhttps://linuxsecurity.expert/security-tools/top-100/\nhttps://intelx.io/tools\nhttps://github.com/nccgroup/ScoutSuite/tree/master/tools\nClean Ips Script\nhttps://gist.github.com/LuD1161/bd4ac4377de548990b47b0af8d03dc78\n### D\nhttps://github.com/nccgroup/tracy\n\n#### Todo\nhetty.xyz\nhttps://www.bugbountyhunting.com/\n    \nhttps://github.com/KingOfBugbounty/KingOfBugBountyTips#scan-log4j-using- -and-log4j-scan\nhttps://medium.com/hacking-info-sec/how-to-install-and-use-bbrf-35f6aa15fbc9\n\nhttps://github.com/Excloudx6/Guide-to-SSRF\nhttps://github.com/alphaSeclab/sec-daily-2020\nhttps://github.com/KathanP19/HowToHunt/blob/master/CheckList/mindmap.png\nhttps://github.com/topics/bugbounty\nhttps://gist.github.com/R0X4R/bc08d55e368965f22c0b41ee8475ba87\nSSRF\nhttps://cheatsheetseries.owasp.org/assets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet_SSRF_Big.pdf\nNmap\nhttps://github.com/killswitch-GUI/PenTesting-Scripts/blob/master/Nmap-Strings\nhttps://www.bugcrowd.com/blog/getting-started-bug-bounty-hunter-methodology/\nhttps://github.com/SmeegeSec/Security_Headers_Nmap_Parser\n\nssh bruting\n A simple multi-threaded distributed SSH brute-forcing tool written in Python  https://github.com/k4yt3x/orbitaldump\nhttps://github.com/d3vilbug/Brutal_SSH\n\nxsshunter\nhttps://github.com/mystech7/xsshunter - duplicate within 15 min check added\n\nhttps://gosecure.github.io/security-cheat-sheet/\n\n\nhttps://twitter.com/e11i0t_4lders0n/status/1489234267687497735\nhttps://snyk.io/log4j-vulnerability-resources/\n\n\n\nhttps://gist.github.com/sminez/571bd7bafb1b88630b85c85a0cd66e3a - grep through this\ntry\nhttps://github.com/arjunshibu/gcmd\n\nhttps://splash.readthedocs.io/en/stable/scripting-tutorial.html#scripting-tutorial\nhttps://github.com/phlmox\n\nRecon\n  https://github.com/Viralmaniar/BigBountyRecon\nhttps://www.kitploit.com/2021/10/webdiscover-purpose-of-this-script-is.html\nhttps://www.cobalt.io/blog/scope-based-recon-smart-recon-tactics\n\nChecklists\nhttps://gist.github.com/jhaddix/6b777fb004768b388fefadf9175982ab\nhttps://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf\nhttps://blog.assetnote.io/2021/01/13/blind-ssrf-chains/\nhttps://gist.github.com/pdelteil/ba005609789ae14862f023da4191826d\nhttps://github.com/rails/rails/issues/37620\nSUBDOMAIN TAKEOVERS\nhttps://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\nhttps://www.udemy.com/course/cloud-hacking/learn/lecture/8613164?start=0#overview\nhttps://github.com/indianajson/can-i-take-over-dns\n\n\nhttps://scotthelme.co.uk/top-1-million-analysis-march-2020/\n\nFINISH Watching - https://www.youtube.com/watch?v=12gtkYbMGd4&amp;t=362s\nHARSHBROTHA - https://www.youtube.com/watch?v=UrdvDCb4Gz8\nNOTIFY - https://www.youtube.com/watch?v=rbr7ZmBI9qs\nHandle your data carefully https://www.y\noutube.com/watch?v=rbr7ZmBI9qs\n\nUserAgents\nhttps://github.com/Shaked/user-agents\nhttps://github.com/BbhunterOne/ReconChef/blob/main/recon.sh#L82\n\nScreenshots\nhttps://github.com/spatie/browsershot\n# https://github.com/maaaaz/webscreenshot\nhttps://random-robbie.github.io/bugbounty-scans/\nhttps://buaq.net/go-99375.html\nhttps://stackoverflow.com/questions/5258977/are-http-headers-case-sensitive?rq=1\n\ncheatsheets\nhttps://0xn3va.gitbook.io/cheat-sheets/\nhttps://0xn3va.gitbook.io/cheat-sheets/web-application/http-request-smuggling\n   _   _   _   _   _   _   _   _   _   _  \n  / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ / \\ \n ( F | R | A | M | E | W | O | R | K | S )\n  \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \\_/ \n\n+ ------ +\n |Articles|\n + ------ +\n\n* E.crack jwt - https://github.com/brendan-rius/c-jwt-cracker\n\nhttps://github.com/SecureAuthCorp/impacket\nNeo4j vs postgres (graphdb)\nhttps://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/\n\nAutomation script \nhttps://www.benteveo.kiwi/blog/automating-bug-bounties\nhttps://github.com/AlexisAhmed/BugBountyToolkit &lt;-- docker \nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n\n\nSecret\nhttps://www.directdefense.com/csrf-in-the-age-of-json/\n\nhttps://buaq.net/go-249.html\n\nIntentionally Vulnerable Github repo\nhttps://github.com/shifa123/githubleak\n\nhttps://wiki.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contentsfff\nhttps://pentestbook.six2dez.com/\nhttps://github.com/m4ll0k\nhttps://github.com/six2dez\nhttps://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter\nhttps://github.com/shifa123\nhttps://www.udemy.com/course/web-application-ethical-hacking/learn/lecture/3305350?start=0#overview\n\n## BugBounty Programs\n---\nhttps://huntr.dev/\nhttps://www.zerodayinitiative.com/\nhttps://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5\nhttps://opensourcelibs.com/lib/google-acquisitions\nhttps://opensourcelibs.com/libs/bugbounty\nList of .gov\n\nTatget crypto https://arlolra.github.io/otr/\nhttps://github.com/cisagov/dotgov-data\n[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.\n[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.\n[Security Ninja txt valuess list](https://crawler.ninja/files/security-txt-values.txt)\n[Security Ninja Files List](https://crawler.ninja/files/)\n\nhttps://allabouttesting.org/\n\nTodo:\nhttps://boards.greenhouse.io/cobaltio/jobs/4141074002 &lt;--- solve challenge\n\n\nCheatSheets\nhttps://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md\n\n\n\n\nAutomated Scanners\n\n* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)\n* [Dalfox](https://github.com/hahwul/dalfox)\n* [XSSTrike](https://github.com/s0md3v/XSStrike)\n* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)\n\n[SSTI-XSS-Finder](https://github.com/darklotuskdb/SSTI-XSS-Finder)\n  * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass OpenRedirects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\n  * https://twitter.com/0xJin/status/1470748925963513863\n  * https://twitter.com/0xJin/status/1470748925963513863/photo/1\n\n\nXXE\nhttps://book.hacktricks.xyz/pentesting-web/xxe-xee-xml-external-entity\nhttps://app.intigriti.com/programs/dpgm/libelle/detail\nhttps://web-in-security.blogspot.com/2016/03/xxe-cheat-sheet.html\nhttps://twitter.com/infosec_au/status/1340785029899698181?lang=en\nhttps://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html\n\nUnderstanding DTD-&lt; https://web-in-security.blogspot.com/2014/11/detecting-and-exploiting-xxe-in-saml.html\n\n\n## Owasp Top 10\n---\nhttps://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/WhatsNew.html\n### Clickjacking\nhttps://lcamtuf.blogspot.com/2011/12/x-frame-options-or-solving-wrong.html\nhttps://blog.innerht.ml/page/2/\nhttps://hackerone.com/reports/8724\n\n### CSRF\n    * https://hackerone.com/reports/44146\n   - 7-19-16 \n     * [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&amp;t=5s)\n     * https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/\n   - 01-18-15 https://hackerone.com/reports/44146(Make API calls on behalf of another user (CSRF protection bypass))\n### XSS\n\nPaid Services\nhttps://findomain.app/#Pricing\n\n## Resources\n---\n\n\nParams\nConfig override using non-validated query parameter allows at least reflected XSS by injecting configuration into state \nhttps://hackerone.com/reports/1082847\n\nFuzzcon &amp; fuzzung\nhttps://twitter.com/hashtag/hacklu?src=hashtag_click\nhttps://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Fuzzing.md\n\nRecoon \neiIaaefwaaa m\nk\n- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n\n[PrettyRecon](https://prettyrecon.com/auth/signup)\n\n### Dorks\nhttps://ask.fm/tags/bounty\n\n### Lists\nhttps://github.com/payloadbox/xss-payload-list\n\nProtips and Trips\nMost of the sites use AWS nowadays...\n  AWS localhost is 169.254.169.2qqqd eede                                   4bs.com/2017/02/wallpaper-penetration-testing-and-exploit-dev-cheatsheet/\n\nhttps://githubhelp.com/topic/bugbountytips\n\n\nGithubs\nhttps://github.com/kleiton0x00?tab=stars\nhttps://github.com/fuzz-security\n\n---\n\n  - [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)\n  - [Disclose/diodb](https://github.com/disclose/diodb)\n  -\n\n### Streams\n[Nehamsec Twitch](https://www.twitch.tv/nahamsec)\n\n### Twitter Tweetin'\nhttps://twitter.com/0xMstar/status/1464658472981565444{{\nhttps://twitter.com/0xJin/status/1470748925963513863\n\npodcasts\nhttps://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q\n### Data\n---\nBugcrowd Subdomain Enumeration https://www.youtube.com/watch?v=La3iWKRX-tE\n\n\nCVE-2019-11510 Detail \n/dana-na\n\n## CVE/CVD\n---\n\nCVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)xx\n\n- https://vuls.cert.org/confluence/display/CVD/Executive+Summary\n- https://vuls.cert.org/confluence/display/CVD/Sightings\n\n\n\n\n\nhttps://github.com/detectify/cs-challenge\nhttps://github.com/r3curs1v3-pr0xy\n\nhttps://notsosecure.com/resources\nhttps://reconshell.com/bug-bounty-tips/\n\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Subdomains%20Enumeration.md\n[Insecure Deserialization Part 1](https://www.youtube.com/watch?v=SNi7gNkfLSM)\n[Insecure Deserialization part 3](https://www.youtube.com/watch?v=icAKHE-iKOs)\n\nhttps://secoceans.com/blog-2/\nhttps://portswigger.net/research\nhttps://portswigger.net/blog\nhttps://portswigger.net/news\nhttps://portswigger.net/daily-swig\n\n\ncourses\nhttps://www.udemy.com/course/penetration-testing-bug-bounty-hunting-level-2-hacktify/\n\n\n\n\nhttps://spongebhav.medium.com/facebook-group-members-disclosure-e53eb83df39e\nhttps://github.com/six2dez/talks/blob/main/Gotta_ENG.pdf\n\n\n\npackets\nhttps://www.kitploit.com/2018/08/polymorph-real-time-network-packet.html\n\n\nAutomation\nhttps://gowthams.gitbook.io/bughunter-handbook/automation\n[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)\n\n\n\nhttps://pentestbook.six2dez.com/\nhttps://github.com/m4ll0k\nhttps://github.com/six2dez\nhttps://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter\nhttps://github.com/shifa123\n\nWriteups\n\n\n## BugBounty Programs\n---\n\nhttps://greedybucks.medium.com/bug-bounty-programs-beginners-should-try-fe51cebe52a5\nhttps://opensourcelibs.com/lib/google-acquisitions\nhttps://opensourcelibs.com/libs/bugbounty\nList of .gov\nhttps://github.com/cisagov/dotgov-data\n[FireBounty](https://firebounty.com) The Ultimate Vulnerability Disclosure Program. FireBounty, aggregate your bounty.\n[Disclose.io](https://disclose.io/programs/) We're here to make vulnerability disclosure safe, simple, and standardized for everyone.\n[Security Ninja txt valuess list](https://crawler.ninja/files/security-txt-values.txt)\n[Security Ninja Files List](https://crawler.ninja/files/)\n\nhttps://allabouttesting.org/\n\n\nCheatSheets\nhttps://github.com/six2dez/bitup2021_subdominions/blob/main/Cheatsheet.md\n\n### Z\n\nZap\nhttps://github.com/sepehrdaddev/zap-scripts/fork\nhttps://www.zaproxy.org/authors/thorin/\nhttps://github.com/zaproxy/zap-extensions\n\n\n\nFrameworks\nhttps://core.intrigue.io/\nReconness\nPwnmachine\naxiom\nhttps://www.mandiant.com/\nhttps://trickest.com/\n\n(https://github.com/Findomain/Findomain/releases)\n*   [Configuing Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)\n*   https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring\n\nAutomated Scanners\n\n* [Zeus-Scanner](https://github.com/Ekultek/Zeus-Scanner)\n* [Dalfox](https://github.com/hahwul/dalfox)\n* [XSSTrike](https://github.com/s0md3v/XSStrike)\n* [SSTI-xssfinder](https://awesomeopensource.com/project/darklotuskdb/SSTI-XSS-Finder?categoryPage=47)\n\n\n\nhttps://github.com/darklotuskdb/SSTI-XSS-Finder\n  * [Learn with @DarkLotusKDB: Recon with Shodan &amp; Spyse,XSS, Bypass Op enRed irects, SSRF, BugBunty Bot!!!](https://www.youtube.com/watch?v=66HqaFCF4Kk)\n  * https://twitter.com/0xJin/status/1470748925963513863\n  * https://twitter.com/0xJin/status/1470748925963513863/photo/1\n\n\n## Owasp Top 10\n---\n\n### Clickjacking\nhttps://hackerone.com/reports/8724\n\n### CSRF\n    * https://hackerone.com/reports/44146\n   - 7-19-16 \n     * [CSRF attack on paypal.me](https://www.youtube.com/watch?v=RjS47ojRQXk&amp;t=5s)\n     * https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack/\n   - 01-18-15 https://hackerone.com/reports/44146(Make API calls on behalf of another user (CSRF protection bypass))\n### XSS\n\nPaid Services\nhttps://findomain.app/#Pricing\n\n## Resources\n---\n[Automated subdomain scanning with Findomain, PostgreSQL and Webhooks](https://medium.com/heck-the-packet/automated-subdomain-scanning-with-findomain-postgresql-and-webhooks-3e74ce9b5372)\n How to view someones IP address and connection speed! https://www.youtube.com/watch?v=SXmv8quf_xM\nRecoon \neiIaaefwaaa m\nk\n- https://kathan19.gitbook.io/howtohunt/sensitive-info-leaks/shodan_cve_dorks\n\n[PrettyRecon](https://prettyrecon.com/auth/signup)\n\n### Dorks\nhttps://ask.fm/tags/bounty\n\n### Lists\nhttps://github.com/payloadbox/xss-payload-list\n\n### Githubs\n---\n\n  - [Book of secret knowledge](https://github.com/ruevaughn/the-book-of-secret-knowledge)\n  - [Disclose/diodb](https://github.com/disclose/diodb)\n  -\n\nActive Directory\nPenttesting Active Directory https://www.xmind.net/m/5dypm8/a\nhttps://adsecurity.org/\n\n### Streams\n[Nehamsec Twitch](https://www.twitch.tv/nahamsec)\nLive Bug Bounty Hunting Speedbiker https://www.youtube.com/watch?v=9W94AKLc5g8\nWatch Live [Current] https://www.youtube.com/c/Ch1R0n1n\n### Twitter Tweetin'\nhttps://twitter.com/samwcyo/status/1529888063576584202\nhttps://twitter.com/sshell_\nhttps://mobile.twitter.com/TechnoTimLive Devops tweets\nhttps://mobile.twitter.com/drunkrhin0/status/1344130729320435712\nhttps://twitter.com/0xMstar/status/1464658472981565444{{\nhttps://twitter.com/0xJin/status/1470748925963513863\n\npodcasts\nhttps://open.spotify.com/episode/2VaH6DgbghMEiaimqdxq4Q\n### Data\n---\n\n* [Disclose.io - program List Data](https://raw.githubusercontent.com/disclose/diodb/master/program-list.json)\n\nCVE-2019-11510 Detail \n/dana-na\n\n## CVE/CVD\n---\n\nCVE [2020-3452](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter)xx\n\n- https://vuls.cert.org/confluence/display/CVD/Executive+Summary\n- https://vuls.cert.org/confluence/display/CVD/Sightings\n\n\nhttps://kathan19.gitbook.io/howtohunt/subdomain-takeover/easy_methods\nhttps://opensourcelibs.com/lib/google-acquisitions\n\n\n\nReverse shells\nhttps://github.com/wwkenwong/Pentest-note\n\nhttps://github.com/tehryanx?tab=repositories\nhttps://github.com/sawzeeyy/Sanitiz3r\nhttps://buaq.net/go-249.html\n\n\n\n s\n\n(https://github.com/Findomain/Findomain/releases)\n*   [Configuing Findomain](https://www.youtube.com/watch?v=Wpm2C1LD9ns)\n*   https://github.com/findomain/findomain/blob/master/README.md#subdomains-monitoring\n\n\nhttps://github.com/D35m0nd142/LFISuite\n\nhttps://hub.docker.com/u/secsi\ntips\n\n\n\n\nWig\nhttps://linuxsecurity.expert/tools/wig/\nxxxzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzx\u03a9xxxxxxxxxxx\u2248\u2248\nBlindElephant\nhttps://linuxsecurity.expert/tools/blindelephant/alternatives/\n\n\nhttps://ronak-9889.medium.com/denial-of-service-using-cookie-bombing-55c2d0ef808c\n\nIOT\n                https://www.youtube.com/watch?v=AKoyZLibIeo  ", "creation_timestamp": "2026-07-10T00:21:33.129193Z"}