Author name: Vivek Pandit

Top Bug Bounty Tools

The Top Bug Bounty Tools for Finding Vulnerabilities

Table of Contents: Wordlists, Google Cloud Storage, Digital Ocean, Command Injection, XSS, API, AWS S3 Bucket, Inspecting JS Files, Code Audit, Frameworks, Subdomain Enumeration, Port Scanning, Screenshots, Technologies, Content Discovery, Links, Parameters, Fuzzing, CORS Misconfiguration, CRLF Injection, CSRF Injection, Directory Traversal, File Inclusion, GraphQL Injection, Header Injection, Insecure Deserialization, Insecure Direct Object References, Open …

The Most Impressive Bug Bounty Writeups

Bugs Exposed: The Most Impressive Bug Bounty Writeups

Discover the most impressive bug bounty writeups from skilled cybersecurity researchers who have identified and disclosed vulnerabilities in diverse applications and systems. Explore their innovative techniques, strategies, and insights to improve your own cybersecurity skills and knowledge. Unlock the secrets of website reconnaissance with our comprehensive course for just $1.20 / Rs. 99! Unleash …

Expert Advice on Tracking Down Fugitives

Bounty Hunters’ Tips and Tricks: Expert Advice on Tracking Down Fugitives

1. Tips For Finding Open Redirect

Open redirect is probably one of the most common vulnerabilities in modern websites. Here, we are going to share some tips and tricks to find open redirects.

https://example.com/dir -> [ 200 ]

In the above example you can see that it is a normal HTTP request with status code …

Mastering OAuth 2.0 Vulnerability: Essential Resources for Securing Your Applications

OAuth 2.0 Resources: 👇

https://owasp.org/www-pdf-archive/20151215-Top_X_OAuth_2_Hacks-asanso.pdf
https://medium.com/@lokeshdlk77/stealing-facebook-mailchimp-application-oauth-2-0-access-token-3af51f89f5b0
https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1
https://gauravnarwani.com/misconfigured-oauth-to-account-takeover/
https://medium.com/@Jacksonkv22/oauth-misconfiguration-lead-to-complete-account-takeover-c8e4e89a96a
https://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56
https://medium.com/@protector47/full-account-takeover-via-referrer-header-oauth-token-steal-open-redirect-vulnerability-chaining-324a14a1567
https://hackerone.com/reports/49759
https://hackerone.com/reports/131202
https://hackerone.com/reports/6017
https://hackerone.com/reports/7900
https://hackerone.com/reports/244958
https://hackerone.com/reports/405100
https://ysamm.com/?p=379
https://amolbaikar.com/facebook-oauth-framework-vulnerability/
https://medium.com/@godofdarkness.msf/mail-ru-ext-b-scope-account-takeover-1500-abdb1560e5f9
https://medium.com/@tristanfarkas/finding-a-security-bug-in-discord-and-what-it-taught-me-516cda561295
https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b
https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74
http://blog.intothesymmetry.com/2014/02/oauth-2-attacks-and-bug-bounties.html
http://blog.intothesymmetry.com/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html
https://veracode.com/blog/research/spring-social-core-vulnerability-disclosure
https://medium.com/@apkash8/oauth-and-security-7fddce2e1dc5
https://xploitprotocol.medium.com/exploiting-oauth-2-0-authorization-code-grants-379798888893

Thank you for reading this 🙏 Hope you’ll like it 👍

top 10 firefox addons for hackers

Top 10 Firefox Add-ons Every Pentester Needs to Have

1. HackTools

HackTools is a game-changing web extension that simplifies and streamlines your web application penetration testing. With cheat sheets and an extensive array of testing tools at your fingertips, HackTools is your one-stop shop for XSS payloads, reverse shells, and much more. Maximize your testing efficiency and accuracy with this indispensable tool. Get started with …

Understanding HTTP Response and Request: A Comprehensive Guide

An HTTP request is the message a client sends to the server in order to get some information or execute some action. It has two parts separated by a blank line: the header and body. The header contains all of the information related to the request itself, response expected, cookies, and other relevant control information, …

Top OSCP Resources

Top OSCP Resources: Links to Help You Prepare for Your Penetration Testing Journey

Useful OSCP Links

OSCP Syllabus:
https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/

Windows Privilege Escalation:
http://www.fuzzysecurity.com/tutorials/16.html
https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
http://it-ovid.blogspot.com/2012/02/windows-privilege-escalation.html
https://toshellandback.com/2015/11/24/ms-priv-esc/

Windows Post Exploitation:
http://www.handgrep.se/repository/cheatsheets/postexploitation/WindowsPost-Exploitation.pdf
Mubix: https://docs.google.com/document/d/1U10isynOpQtrIK6ChuReu-K1WHTJm4fgG3joiuz43rw/edit?hl=en_US

Linux Privilege Escalation:
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://speakerdeck.com/knaps/escape-from-shellcatraz-breaking-out-of-restricted-unix-shells

Linux Post Exploitation:
https://n0where.net/linux-post-exploitation/
Mubix: https://docs.google.com/document/d/1ObQB6hmVvRPCgPTRZM5NMH034VDM-1N-EWPRz2770K4/edit?hl=en_US

Metasploit:
https://www.offensive-security.com/metasploit-unleashed/
http://www.securitytube.net/groups?operation=view&groupId=8
Postex: https://docs.google.com/document/d/1ZrDJMQkrp_YbU_9Ni9wMNF2m3nIPEA_kekq

Pivoting:
https://pentest.blog/explore-hidden-networks-with-double-pivoting/
http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/

OSCP Reviews:
https://localhost.exposed/path-to-oscp/
http://www.en-lightn.com/?p=941
http://www.securitysift.com/offsec-pwb-oscp/
https://blog.g0tmi1k.com/2011/07/pentesting-with-backtrack-pwb/
http://www.jasonbernier.com/oscp-review/
https://n3ko1.github.io/certification/2015/05/27/oscp—offensive-security-certified-professional/

Precompiled Exploits:
https://github.com/offensive-security/exploit-database-bin-sploits

Some of the best courses recommended by us to boost your career … Unleashing the Power of Linux …

Learn how SSH works

Securely Connecting to Your Server: A Beginner’s Guide on How SSH Works

Imagine that you wrote a letter to your girlfriend, and now you want to send it. What if your girlfriend’s father intercepts and reads your message? This is where SSH comes in. SSH (Secure Socket Shell) is a network protocol that allows us to access and communicate with remote computers over …

Capture Your Code: A Beginner’s Guide to Taking Screenshots in Python

You can take a screenshot with Python. Python has a library called pyautogui, which is an automation tool. Install the library using pip:

    pip install pyautogui

Below, we use pyautogui to take the screenshot. We then save the image and convert it from RGB to BGR using cv2 and numpy. We convert the image so …

www.thecyberblogs.com