Please open Telegram to view this post
VIEW IN TELEGRAM
Medium
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guide
Bug bounty programs and penetration testing (pentesting) are popular ways for ethical hackers to make money while helping companies enhanceβ¦
β€14π2
β‘οΈTiny-XSS-Payloads - A collection of tiny XSS Payloads that can be used in different contexts.
β tinyxss.terjanq.me
#xss #BugBounty #CyberSecurity
β tinyxss.terjanq.me
#xss #BugBounty #CyberSecurity
π11
β‘You can use #httpx to request any path and see the status code and other details on the go, filter, or matcher flags if you want to be more specific.
β httpx -path /swagger-api/ -status-code -content-length
β httpx -path /swagger-api/ -status-code -content-length
π16π₯6β€1
Fuxploider: a free tool for finding and exploiting flaws in file upload forms. It spots allowed file types and finds out the best way to upload malicious files onto a website.
https://t.co/uP1HxJIdpC
https://t.co/uP1HxJIdpC
β€7π4
Using theHarvester with the Netlas Module π
In our latest article, we demonstrate how to leverage the theHarvester framework integrated with Netlas to efficiently discover subdomains.
π Read now: https://netlas.io/blog/theharvester_and_netlas/
In our latest article, we demonstrate how to leverage the theHarvester framework integrated with Netlas to efficiently discover subdomains.
π Read now: https://netlas.io/blog/theharvester_and_netlas/
netlas.io
Using theHarvester with Netlas - Netlas Blog
In this article we will look at using theHarvester tool to find subdomains with the Netlas integration.
β€5π3
π Free Tool for Finding Open S3 Buckets and Files
π― Purpose:Search for open Amazon S3 buckets and locate potentially interesting files efficiently.
β Tool Links:
Explore Open S3 Buckets: https://buckets.grayhatwarfare.com
π Why This is Useful:Helps identify misconfigured S3 buckets.
Uncover sensitive data or files accidentally exposed to the public.
π― Purpose:Search for open Amazon S3 buckets and locate potentially interesting files efficiently.
β Tool Links:
Explore Open S3 Buckets: https://buckets.grayhatwarfare.com
π Why This is Useful:Helps identify misconfigured S3 buckets.
Uncover sensitive data or files accidentally exposed to the public.
β€10π3π₯2
π Happy New Year, Brut Fam! π
2024 was incredibleβtogether, we shared 1,500+ resources and grew to an 8.5K+ community! Your support makes it all worthwhile.
πͺ
If youβve found value in this journey, you can support me with a β: https://buymeacoffee.com/brutsecurity
Wishing you a safe, successful, and prosperous 2025! Letβs make it even bigger and better! π
2024 was incredibleβtogether, we shared 1,500+ resources and grew to an 8.5K+ community! Your support makes it all worthwhile.
πͺ
If youβve found value in this journey, you can support me with a β: https://buymeacoffee.com/brutsecurity
Wishing you a safe, successful, and prosperous 2025! Letβs make it even bigger and better! π
β€14π₯3π€1
π1
β‘οΈSqliSniper: Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
β https://github.com/danialhalo/SqliSniper
β https://github.com/danialhalo/SqliSniper
π8β€5
Learn from a proven bug hunter with extensive experience on platforms like Bugcrowd, HackerOne, and Immunefi.
Harsh D Ranjan is a recognized expert in bug bounty programs with verified profiles:
β’ Bugcrowd
β’ HackerOne
β’ Immunefi
β’ In-depth exploration of bug bounty methodologies
β’ Practical guidance for platforms like Bugcrowd, HackerOne, and Immunefi
β’ Real-world examples of impactful vulnerability reports
β’ Hands-on practice to prepare you for live bug bounty programs
π Class Timings: Tuesday & Wednesday, 3:00β5:00 PM IST
π Duration: 2β3 months
π₯ Max Slots: 10 participants per batch
π DM on WhatsApp to Book Your Slot: https://wa.link/7j7p6g
β’ Direct mentorship from an experienced bug hunter
β’ Small class size for personalized attention
β’ Gain skills for earning through bug bounty programs
Please open Telegram to view this post
VIEW IN TELEGRAM
1π₯5β€1π1πΏ1
β‘οΈWant to download 100+ Bug Bounty Tips collected from X?
β Download the PDF from here - https://t.iss.one/brutsecurity/767
#BugBounty #bugbountytips
β Download the PDF from here - https://t.iss.one/brutsecurity/767
#BugBounty #bugbountytips
π7π₯3
β‘οΈGoSearch - OSINT tool for searching people's digital footprint and leaked passwords across various social networks, written in Go.
β https://github.com/ibnaleem/gosearch
#bugbounty #bugbountytips #cybersecurity
β https://github.com/ibnaleem/gosearch
#bugbounty #bugbountytips #cybersecurity
π8β€4π₯2
π On-Site Request Forgery (OSRF): An Overview
π¨On-Site Request Forgery (OSRF) is a lesser-known but impactful vulnerability similar to Cross-Site Request Forgery (CSRF). While both involve unauthorized actions performed on behalf of an authenticated user, the fundamental distinction lies in the request origin.
- CSRF: The attacker initiates requests from their controlled domain to exploit a victim's authenticated session.
- OSRF: The requests originate from the vulnerable application itself, and the attacker controls where the requests are directed.
---
π Where to Find OSRF Vulnerabilities
1. Reflected Inputs in
Look for inputs that can be reflected in attributes like
π If the input can be manipulated, it may allow the attacker to direct requests to their desired endpoints.
2. Sensitive Endpoints Using the GET Method
Endpoints performing sensitive actions with GET requests are prime targets for OSRF. For example:
If such endpoints exist and can be controlled via reflected input, they may be exploited for OSRF.
β οΈ Best Practices for Prevention
1. Avoid GET Methods for Sensitive Actions
Use POST methods for actions involving sensitive changes, as they require more intentional execution.
2. Validate and Sanitize Inputs
Ensure all user inputs, especially those reflected in attributes like
3. Implement Content Security Policies (CSP)
CSPs can limit where resources like images or iframes can be loaded from, reducing the risk of external request manipulation.
4. Monitor and Audit Application Behavior
Regularly test your application for unusual or unintended request behaviors to identify vulnerabilities early.
This additional layer of security awareness helps ensure OSRF vulnerabilities are addressed alongside CSRF for a more robust application defense.
Learn More: https://github.com/daffainfo/AllAboutBugBounty/blob/master/On%20Site%20Request%20Forgery.md
π¨On-Site Request Forgery (OSRF) is a lesser-known but impactful vulnerability similar to Cross-Site Request Forgery (CSRF). While both involve unauthorized actions performed on behalf of an authenticated user, the fundamental distinction lies in the request origin.
- CSRF: The attacker initiates requests from their controlled domain to exploit a victim's authenticated session.
- OSRF: The requests originate from the vulnerable application itself, and the attacker controls where the requests are directed.
---
π Where to Find OSRF Vulnerabilities
1. Reflected Inputs in
src Attributes Look for inputs that can be reflected in attributes like
src. Example vulnerable tags: html
<img src="OUR_INPUT_HERE">
<video width="400" height="200" controls src="OUR_INPUT_HERE">
<audio src="OUR_INPUT_HERE">
<iframe src="OUR_INPUT_HERE">
π If the input can be manipulated, it may allow the attacker to direct requests to their desired endpoints.
2. Sensitive Endpoints Using the GET Method
Endpoints performing sensitive actions with GET requests are prime targets for OSRF. For example:
GET /settings.php?remove_account=1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0
If such endpoints exist and can be controlled via reflected input, they may be exploited for OSRF.
β οΈ Best Practices for Prevention
1. Avoid GET Methods for Sensitive Actions
Use POST methods for actions involving sensitive changes, as they require more intentional execution.
2. Validate and Sanitize Inputs
Ensure all user inputs, especially those reflected in attributes like
src, are properly validated and sanitized. 3. Implement Content Security Policies (CSP)
CSPs can limit where resources like images or iframes can be loaded from, reducing the risk of external request manipulation.
4. Monitor and Audit Application Behavior
Regularly test your application for unusual or unintended request behaviors to identify vulnerabilities early.
This additional layer of security awareness helps ensure OSRF vulnerabilities are addressed alongside CSRF for a more robust application defense.
Learn More: https://github.com/daffainfo/AllAboutBugBounty/blob/master/On%20Site%20Request%20Forgery.md
GitHub
AllAboutBugBounty/On Site Request Forgery.md at master Β· daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc) - daffainfo/AllAboutBugBounty
π8β€3π₯1
Please open Telegram to view this post
VIEW IN TELEGRAM
π10β€4