One Liner XSS Bug Bounty
Massive XSS Scanning with One Linier Prompt: Pre-requirements 1. Golang 2. Gau (Get All URL) 3. Uro (delete duplicate site) 4. Dalfox (XSS Scanner) Installation […]
One Tool For All Bug Bounty Recon
Sudomy serves as a subdomain enumeration tool designed to gather subdomains and analyze domains through advanced automated reconnaissance framework. Additionally, useful for OSINT (Open-source intelligence) […]
How to Discover Sensitive Endpoints, Files, Data, Folders Bug Bounty
All bughunters want to find a P1 bug. But P1 bugs are not easy to find! Is that a true approach? I belive that if […]
Free Linux Security Courses
Studying Linux? Study Linux Security! 3 free Linux security training courses you can take right now. https://lnkd.in/dZ_eeSsM Linux Server Management and Securityhttps://lnkd.in/d2pUabQ4 Introduction to Linux […]
Bug Bounty Hint- Google Dork
Bug Bounty Hint! You can try following Google Dork to find Open Redirect or XSS endpoints Site:*.example.com inurl:return return_to return_uri redirect redirect_to redirect_uri page site […]
10 Websites That Will Help You Learn Linux Faster (they are all free)
As Bug Bounter, do we have enough knowledge about Linux? If the answer is “NO” you absoulty not a good Bug Hunter. Remember all roads […]
The best Pentest Lab for practice.
Are you looking for a platform to practice hacking? Here you go → Tryhackme → Hackthebox → Pentester Lab → tcm-security → Vulnhub → Offensive […]
SSRF Parameters For Bug Bounty
1.?host=2.?redirect=3.?uri=4.?path=5.?continue=6.?url=7.?window=8.?next=9.?data=10.?image-source=11.?n=12.?to=13.?follow=14.?u=15.?go=16.?fetch=17.?source=18.?img-src= To apply this, use BurpSuite then intercept a request then send a request to spider because visitining all the page and finally go to […]
Tips for HTTPX-How to Use HTTPX Tool Like a Master
1- Standard use httpx can be used with a target list or piped with other tools: $ httpx -list subdomains.txt $ subfinder -d ups[.]com | […]
Secrets of Automation-Kings in Bug Bounty by Jason Haddix
A thread🧵 💸Secrets of automation-kings in bug bounty💸 Finding 1day (or 1month) web exploits that haven’t made their into scanners yet can make you big […]