We understand that there are more resources other than the ones we have listed and we hope to cover more resources in the near future!<br>
8
8
9
-
## Current Version: 2020.08
9
+
If you are interested in learning about top bug bounty hunters in the community check out my [Live Recon VODs](https://www.youtube.com/playlist?list=PLKAaMVNxvLmAkqBkzFaOxqs3L66z2n8LA).
10
+
## Current Version: 2020.12
10
11
11
-
[Changelog: See what's new!](/assets/changelog.md) 📣
12
12
13
13
---
14
14
## Table of Contents
skipped 2 lines
17
17
- [Setup](/assets/setup.md)
18
18
- [Tools](/assets/tools.md)
19
19
- [Labs & Testing Environments](/assets/labs.md)
20
+
- [Talks](/assets/talks.md)
20
21
- [Vulnerability Types](/assets/vulns.md)
21
22
- [Mobile Hacking](/assets/mobile.md)
22
23
- [Smart Contracts](/assets/smartcon.md)
skipped 5 lines
28
29
- [Mindset & Mental Health](/assets/health.md)
29
30
30
31
---
31
-
If you have more questions or suggestions, check our [NahamSec's Discord](https://discord.gg/9jZxjQ5)!<br>
32
+
If you have more questions or suggestions, check out [NahamSec's Discord](https://discord.gg/9jZxjQ5)!<br>
32
33
Also, feel free to check out the other resources:
33
-
- Nahamsec on [YouTube](https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw) and on [Twitch](https://www.twitch.tv/nahamsec)
34
+
- Nahamsec on [YouTube](https://www.youtube.com/NahamSec) and on [Twitch](https://www.twitch.tv/nahamsec)
- [Stanford CS 253 Web Security](https://web.stanford.edu/class/cs253/) - by [@feross](https://twitter.com/feross)
17
18
- "This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues."
18
19
19
20
### HTTP basics
20
21
In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics.
21
-
- All in one resource:https://www.hacker101.com/sessions/web_in_depth
22
+
- [All in one resource](https://www.hacker101.com/sessions/web_in_depth)
Recon is a common terminology used in bug bounties. It’s great if you are already using tools to scan a range of IPs for open ports or find subdomain, however, you should first understand why these things matter and how they work.
- [What is an IP?](https://commotionwireless.net/docs/cck/networking/learn-networking-basics/)
40
+
- [What are ports?](https://www.utilizewindows.com/list-of-common-network-port-numbers/)
41
+
- [What is DNS?](https://code.tutsplus.com/tutorials/an-introduction-to-learning-and-using-dns-records--cms-24704)
42
+
- [Intermediate Security Testing with Kali Linux 2](http://www.penguintutor.com/linux/basic-network-reference)
51
43
- [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), A 19 part Video Series about Networking well explained for Beginners
52
44
53
45
54
46
### Programming Basics
55
47
Being a great programmer is not a requirement to be a successful hacker. However, having the ability to make an educated guess, may increase your chances of successfully identifying and exploiting an issue. In a number of cases, you may need to automate your work or know more than just the “basics” in order to escalate a bug with a medium severity to high/critical.
56
-
57
-
- HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS this should be your first step.
58
-
If you prefer an interactive tool to learn about Javascript, I highly recommend Codecademy!
59
-
https://www.codecademy.com/learn/learn-html
60
-
https://www.w3schools.com/html/
61
-
62
-
- JavaScript: Once you have familiarized yourself with HTML, you should understand Javascript since you will be using it to exploit XSS vulnerabilities. The usage of Javascript isn’t just limited to when you are exploring XSS, so it’s a very handy programming language to know.
63
-
If you prefer an interactive tool to learn about Javascript, I highly recommend Codecademy! https://www.codecademy.com/learn/introduction-to-javascript
64
-
48
+
- HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS this should be your first step. If you prefer an interactive tool to learn about JavaScript, I highly recommend [Codecademy](http://ssqt.co/mQfH8zl) or [W3Schools](https://www.w3schools.com/html/)!
49
+
- JavaScript: Once you have familiarized yourself with HTML, you should understand JavaScript since you will be using it to exploit XSS vulnerabilities. The usage of JavaScript isn’t just limited to when you are exploring XSS, so it’s a very handy programming language to know.
50
+
If you prefer an interactive tool to learn about JavaScript, I highly recommend [CodeCademy](http://ssqt.co/mQfH8zl)!
65
51
- SQL: You may have guessed It already, but you won’t be able to exploit complex SQL injection vulnerabilities before having any SQL knowledge.
66
-
As always, if you prefer an interactive course, feel free to use Codecademy!
52
+
As always, if you prefer an interactive course, feel free to use [CodeCademy](http://ssqt.co/mQfH8zl)!
If you are looking into getting started with Bug Bounties with a focus on web, I highly recommend learning the nuts and bolts of what make a website work.
77
+
78
+
- [Installing Apache, MySQL, PHP on Windows 10](https://codebriefly.com/how-to-setup-apache-php-mysql-on-windows-10/)
79
+
- [Installing Apache, MySQL, PHP on Ubuntu](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-ubuntu-18-04)
80
+
- [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk)
81
+
82
+
After creating your own web server, I highly recommend installing a CMS (like Wordpress or drupal) on your localhost to understand how it all works.
83
+
84
+
### Linux Basics
85
+
- [Install WSL on Windows 10](https://ubuntu.com/wsl)
86
+
- [Basics Linux Commands](https://www.hostinger.com/tutorials/linux-commands)
87
+
- [How to use curl](https://flaviocopes.com/http-curl/)
- This free course teaches the absolute basics of Linux, hardware, networking, operating systems, and scripting. Designed to get a complete beginner over the first big learning hurdles and so they can move on to anything else and succeed.
- Here, you will find a range of teaching materials that have been developed by members of the Q-Step Centre. If you have any questions, please contact [email protected] or [email protected]. Details of Q-Step workshops and events can be found at https://socialsciences.exeter.ac.uk/q-step/events.
96
+
97
+
### Bug Bounty Basics
98
+
- [Bug bounty reports that stand out, how to write one?](https://thehackerish.com/bug-bounty-reports-that-stand-out-how-to-write-one/)
99
+
- [Bug Bounty Report Templates by @ZephrFish](https://github.com/ZephrFish/BugBountyTemplates/blob/master/Blank.md)
100
+
- [Hacker101- Writing Good Reports](https://www.youtube.com/watch?v=z60CFFFyZWE)
101
+
- [List of Bug Bounty Platforms](https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/bugbountyplatforms.md)
This page is designated to hosts blog posts on particular vulnerability and techniques that have led to a bounty. If you would like to learn more about specific vulnerability types, please visit [Vulnerability Types](https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/assets/vulns.md)!
- [Basic Bug Bounty FAQ](http://blog.oath.ninja/basic-bug-bounty-faq/) - by [@thedawgyg](https://twitter.com/thedawgyg)
skipped 1 lines
31
55
- [WTF is a Bug Bounty?](https://www.ceos3c.com/hacking/ethical-hacking-diaries-1-wtf-is-a-bug-bounty/) - by ceos3c
32
56
- [How to Set up Certificate-Based SSH for Bug Hunting](https://medium.com/@c0ldbr3w/how-to-set-up-certificate-based-ssh-for-bug-hunting-bonus-ef4af95fca05) - by Mack Staples
33
57
- [XSS in Google Colaboratory + CSP bypass](https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html) by Michał Bentkowski
34
-
- [Zseano’s notes on hacking & mentoring](https://blog.intigriti.com/2020/04/29/bug-business-3-zseanos-notes-on-hacking-mentoring/) by Intigriti & Zseano
35
-
- [MY BUG BOUNTY JOURNEY!](https://www.youtube.com/watch?v=ug7FzoByLFc) by Farah Hawa
58
+
- [zseano’s notes on hacking & mentoring](https://blog.intigriti.com/2020/04/29/bug-business-3-zseanos-notes-on-hacking-mentoring/) by Intigriti & Zseano
59
+
36
60
## XSS
37
61
You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
38
-
39
-
- [XSS on Google Search - Sanitizing HTML in The Client?](https://www.youtube.com/watch?v=lG7U3fuNw3A) - LiveOverflow
- [Cracking my windshield and earning $10,000 on the Tesla Bug Bounty Program](https://samcurry.net/cracking-my-windshield-and-earning-10000-on-the-tesla-bug-bounty-program/) - [Sam Curry](https://twitter.com/samwcyo)
42
63
- [Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP for bug bounty](https://medium.com/bugbountywriteup/effortlessly-finding-cross-site-script-inclusion-xssi-jsonp-for-bug-bounty-38ae0b9e5c8a) - [@th3_hidd3n_mist](https://twitter.com/th3_hidd3n_mist)
43
64
- [Microsoft Edge (Chromium) - EoP via XSS to Potential RCE](https://leucosite.com/Edge-Chromium-EoP-RCE/) - [@Qab](https://twitter.com/qab)
44
65
- [Reflected XSS in https://blocked.myndr.net](https://hackerone.com/reports/824433) - Thilakesh
- [How to solve the INTIGRITI Easter XSS challenge using only Chrome Devtools](https://www.youtube.com/watch?v=IhPsBMBDFcg) - by STÖK
47
67
- [Found Stored Cross-Site Scripting — What’s Next? — Privilege Escalation like a Boss](https://medium.com/bugbountywriteup/found-stored-cross-site-scripting-whats-next-privilege-escalation-like-a-boss-d-8fb9e606ce60) - by Harsh Bothra
48
68
- [Bypassing WAF to perform XSS](https://medium.com/bugbountywriteup/bypassing-waf-to-perform-xss-2d2f5a4367f3) - by Kleitonx00
49
-
69
+
- [Facebook DOM Based XSS using postMessage](https://ysamm.com/?p=493)
50
70
51
71
### DOM XSS
52
72
- [Persistent DOM-based XSS in https://help.twitter.com via localStorage](https://hackerone.com/reports/297968) - harisec
skipped 10 lines
63
83
- [Account Recovery XSS](https://sites.google.com/site/bughunteruniversity/best-reports/account-recovery-xss) - Gábor Molnár
64
84
65
85
## SSRF
66
-
- [DEF CON 27 Conference - Ben Sadeghipour - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)<br>- Nahamsec & daeken | DEFCON 2019
67
86
- [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a)<br>- Alyssa Herrera | Hack.lu 2019
87
+
- [Pivoting from blind SSRF to RCE with HashiCorp Consul](https://www.kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html)
68
88
- [Vimeo upload function SSRF](https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437) - Sayed Abdelhafiz
69
89
- [Piercing the Veal](https://medium.com/@d0nut/piercing-the-veal-short-stories-to-read-with-friends-4aa86d606fc5) - by d0nut
90
+
- [CVE-2020-13379 - Unauthenticated Full-Read SSRF in Grafana](https://rhynorater.github.io/CVE-2020-13379-Write-Up)
70
91
- [MY EXPENSE REPORT RESULTED IN A SERVER-SIDE REQUEST FORGERY (SSRF) ON LYFT](https://www.nahamsec.com/posts/my-expense-report-resulted-in-a-server-side-request-forgery-ssrf-on-lyft) - by nahamsec
71
-
72
-
73
-
## Vulnerability Scanning
74
-
- [NMAP For Vulnerability Discovery](https://www.peerlyst.com/posts/nmap-for-vulnerability-discovery-sachin-wagh) - Sachin Wagh
92
+
- [How I found SSRF on TheFacebook.com](https://w00troot.blogspot.com/2017/12/how-i-found-ssrf-on-thefacebookcom.html)
93
+
- [How I made $31500 by submitting a bug to Facebook](https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204)
94
+
- [A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!](https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf)
75
95
76
96
## Token / Authentication
77
97
- [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - Harsh Jaiswal
78
98
- [How I was able to bypass OTP code requirement in Razer [The story of a critical bug]](https://medium.com/bugbountywriteup/how-i-was-able-to-bypass-otp-token-requirement-in-razer-the-story-of-a-critical-bug-fc63a94ad572?) - Ananda Dhakal
- [NMAP For Vulnerability Discovery](https://www.peerlyst.com/posts/nmap-for-vulnerability-discovery-sachin-wagh) - Sachin Wagh
80
101
- [Subdomain Takeover to Authentication bypass](https://hackerone.com/reports/335330) - by geekboy
81
102
- [Ability to know the presence of a person in a private event even if the guest list is hidden.](https://bugreader.com/index.php?pageNav=vivekps143%40193) - by [Vivek PS](https://bugreader.com/vivekps143)
103
+
- [Zero-day in Sign in with Apple](https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/)
82
104
83
105
84
106
## SQL Injection
skipped 4 lines
89
111
- [Blind SQL Injection on windows10.hi-tech.mail.ru](https://hackerone.com/reports/786044) - Просто душка (api_0)
90
112
- [How to Hack Database Links in SQL Server!](https://blog.netspi.com/how-to-hack-database-links-in-sql-server/) - Antti Rantasaari
91
113
92
-
## Mobile
93
-
### iOS
94
-
- [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - spaceraccoon
95
-
### Android
96
-
- [A deep dive into reversing Android pre-Installed apps](https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf) and the [BlackHat Talk](https://www.youtube.com/watch?v=U6qTcpCfuFc) - Maddie Stone
97
-
98
114
## HTTP Desync
99
115
- [HTTP Desync Attacks: Request Smuggling Reborn](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn) in combination with this [report](https://hackerone.com/reports/510152) - [James Kettle](https://twitter.com/albinowax)
100
116
- [HTTP Request Smuggling on vpn.lob.com](https://hackerone.com/reports/694604) - 0X0 (painreigns)
skipped 5 lines
106
122
- [A Tale of Exploitation in Spreadsheet File Conversions](https://buer.haus/2019/10/18/a-tale-of-exploitation-in-spreadsheet-file-conversions/) - [@bbuerhaus](https://twitter.com/bbuerhaus)//[@daeken](https://twitter.com/daeken)//[@erbbysam](https://twitter.com/erbbysam)//[@smiegles](https://twitter.com/smiegles)
107
123
- [External XML Entity via File Upload (SVG)](https://0xatul.github.io/posts/2020/02/external-xml-entity-via-file-upload-svg/) - by 0xatul
108
124
109
-
110
-
## Automation
111
-
- [Fasten your Recon process using Shell Scripting](https://medium.com/bugbountywriteup/fasten-your-recon-process-using-shell-scripting-359800905d2a) - Mohd Shibli
112
-
- [Beginner’s Guide to recon automation](https://medium.com/bugbountywriteup/beginners-guide-to-recon-automation-f95b317c6dbb) - Ashish Jha
113
-
- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - STÖK & Fisher
114
-
- [gitGraber: A tool to monitor GitHub in real-time to find sensitive data](https://blog.yeswehack.com/2019/10/08/gitgraber-a-tool-to-monitor-github-in-real-time-to-find-sensitive-data/) - by [@adrien_jeanneau](https://twitter.com/adrien_jeanneau) & [@R_Marot](https://twitter.com/R_marot)
115
-
116
-
## Buffer Overflow
117
-
- [Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty](https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/) - [Sam Curry](https://twitter.com/samwcyo)
118
-
- [Writing a Simple Buffer Overflow Exploit](https://www.youtube.com/watch?v=oS2O75H57qU) - LiveOverflow
119
-
120
125
## IDOR
121
126
- [Steal Earning of Airbnb hosts by Adding Bank Account/Payment Method](https://www.indoappsec.in/2019/12/airbnb-steal-earning-of-airbnb-hosts-by.html) - [Vijay Kumar ](https://twitter.com/IndoAppSec)
122
127
- [GraphQL IDOR leads to information disclosure](https://medium.com/@R0X4R/graphql-idor-leads-to-information-disclosure-175eb560170d) - [@R0X4R](https://twitter.com/R0X4R)
123
128
- [From Multiple IDORs leading to Code Execution on a different Host Container](https://www.rahulr.in/2019/10/idor-to-rce.html?m=1) - [@Rahul_R95](https://twitter.com/Rahul_R95)
124
129
- [Automating BURP to find IDORs](https://medium.com/cyberverse/automating-burp-to-find-idors-2b3dbe9fa0b8) - [Aditya Soni](https://medium.com/@hetroublemakr)
125
-
- [Another image removal vulnerability on Facebook](https://blog.darabi.me/2020/06/image-removal-vulnerability-on-facebook.html)-byPouya
130
+
- [Another image removal vulnerability on Facebook](https://blog.darabi.me/2020/06/image-removal-vulnerability-on-facebook.html)
131
+
- [Stealing Your Private YouTube Videos, One Frame at a Time](https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/)
126
132
127
133
## GraphQL
128
134
- [Private System Note Disclosure using GraphQL](https://hackerone.com/reports/633001) - Ron Chan
skipped 4 lines
133
139
- [My First RCE (Stressed Employee gets me 2x bounty)](https://medium.com/@abhishake100/my-first-rce-stressed-employee-gets-me-2x-bounty-c4879c277e37) - [Abhishek Yadav](https://medium.com/@abhishake100)
134
140
- [How dangerous is Request Splitting, a vulnerability in Golang or how we found the RCE in Portainer and hacked Uber](https://medium.com/@andrewaeva_55205/how-dangerous-is-request-splitting-a-vulnerability-in-golang-or-how-we-found-the-rce-in-portainer-7339ba24c871) - by Andrewaeva
135
141
136
-
## Recon
142
+
## Automation&Recon
143
+
- [How to: Recon & Content Discovery](https://www.hackerone.com/blog/how-to-recon-and-content-discovery)
137
144
- [Subdomain Recon Using Certificate Search Technique](https://www.r00tpgp.com/2020/01/subdomain-recon-using-certificate.html?m=0)
138
-
- [Notes about Nahamsecs Recon Sessions](https://mavericknerd.github.io/knowledgebase/nahamsec/recon_session_1/) - [maverickNerd](https://github.com/maverickNerd)
145
+
- [Notes about NahamSec's Recon Sessions](https://mavericknerd.github.io/knowledgebase/nahamsec/recon_session_1/) - [maverickNerd](https://github.com/maverickNerd)
139
146
- [10 Recon Tools For Bug Bounty](https://medium.com/@hackbotone/10-recon-tools-for-bug-bounty-bafa8a5961bd) - Anshuman Pattnaik
140
147
- [Recon: Create a methodology and start your subdomain enumeration](https://failednuke.info/2020/recon-create-a-methodology-and-start-your-subdomain-enumeration/) - by FailedNuke
141
148
- [THEY SEE ME SCANNIN’, THEY HATIN’: A BEGINNER’S GUIDE TO NMAP](https://securityqueens.co.uk/they-see-me-scannin-they-hatin-a-beginners-guide-to-nmap/) - by Sophia (https://twitter.com/SecQueens)
149
+
- [Fasten your Recon process using Shell Scripting](https://medium.com/bugbountywriteup/fasten-your-recon-process-using-shell-scripting-359800905d2a) - Mohd Shibli
150
+
- [Beginner’s Guide to recon automation](https://medium.com/bugbountywriteup/beginners-guide-to-recon-automation-f95b317c6dbb) - Ashish Jha
151
+
- [gitGraber: A tool to monitor GitHub in real-time to find sensitive data](https://blog.yeswehack.com/2019/10/08/gitgraber-a-tool-to-monitor-github-in-real-time-to-find-sensitive-data/) - by [@adrien_jeanneau](https://twitter.com/adrien_jeanneau) & [@R_Marot](https://twitter.com/R_marot)
142
152
143
153
## Smart Contracts
144
154
- [Steal collateral during `end` process, by earning DSR interest after `flow](https://hackerone.com/reports/672664)(Listed as Business Logic Error)
skipped 1 lines
146
156
147
157
## API
148
158
- [31 Days of API Security Tips](https://github.com/smodnix/31-days-of-API-Security-Tips) - [smodnix](https://github.com/smodnix)
- [Hacking GitHub with Unicode's dotless 'i'](https://eng.getwisdom.io/hacking-github-with-unicode-dotless-i/)
skipped 2 lines
154
165
- [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle
155
166
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
156
167
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
157
-
- [2 Cases of Path Traversal](https://jlajara.gitlab.io/posts/2020/03/29/Path_Traversal.html) by [@leonishan_](https://twitter.com/leonishan_)
158
168
- [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) by [James Kettle](https://twitter.com/albinowax)
159
169
- [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) by Github
160
170
- [URL link spoofing (Slack)](https://hackerone.com/reports/481472) by Akaki Tsunoda (akaki)
161
171
- [Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts](https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts/) by Sam Curry
162
172
- [The Secret sauce of bug bounty](https://medium.com/bugbountywriteup/the-secret-sauce-of-bug-bounty-bdcc2e2d45af) by Mohamed Slamat
173
+
- [Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty](https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/) - [Sam Curry](https://twitter.com/samwcyo)
174
+
## Mobile
175
+
### iOS
176
+
- [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - spaceraccoon
177
+
### Android
178
+
- [A deep dive into reversing Android pre-Installed apps](https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf) and the
- [CTFChallenge](https://ctfchallenge.co.uk) | Web CTF based on real vulnerabilities
13
+
- [XSS-Game](https://xss-game.appspot.com/) | Learning Platform for XSS
14
+
- [Hacksplaining](https://www.hacksplaining.com/)
15
+
16
+
17
+
#### Premium
18
+
- [Pentesterlab](https://pentesterlab.com/referral/olaL4k8btE8wqA) | Good Labs with a broad variety of Topics, some very good Web Application Exercises
19
+
- [BugBountyHunter](https://www.bugbountyhunter.com/) | Learn how to test for security vulnerabilities on web applications
20
+
21
+
#### Misc
22
+
- [0l4bs - Cross-site scripting labs for web application security enthusiasts](https://github.com/tegal1337/0l4bs) - by tegal1337
23
+
- [Will it CORS?](https://httptoolkit.tech/will-it-cors/) | Tell this magic CORS machine what you want, and it'll tell you exactly what to do
24
+
- [XSS Labs from PwnFunction](https://xss.pwnfunction.com/) Great Labs in a beautiful layout
Here you find listings to useful media creations that can help beginners in different ways.
5
+
If you are interested in interviews with the top hackers and bug bounty hunters, check out NahamSec's [Live Recon Stream](https://www.youtube.com/playlist?list=PLKAaMVNxvLmAkqBkzFaOxqs3L66z2n8LA)
5
6
7
+
- [Discord Servers](#Discord-Servers)
6
8
- [YouTube Channels](#Youtube-Channels)
7
9
- [Streamers](#Streamers)
8
10
- [Podcasts](#Podcasts)
9
11
- [Books](#Books)
10
12
- [Twitter](#Twitter)
11
-
- [Discord Servers](#Discord-Servers)
12
13
- [Misc](#Misc)
13
14
14
15
---
15
16
17
+
## Discord Servers
18
+
- [Nahamsec](https://discord.gg/d6dENAq)
19
+
- [Hacker101](https://discord.gg/WrCTm8h)
20
+
- [TryHackMe](https://discord.gg/KsAEejZ)
21
+
- [HackTheBox](https://discord.gg/FrRJ3Z8)
22
+
- [TheCyberMentor](https://discord.gg/)
23
+
- [AshF0x - The F0xbox](https://discord.gg/RCTy5zS)
24
+
- [The Mayor](https://discord.gg/EN2ya9h)
25
+
- [Ceos3c](https://discord.gg/SBK3hkR)
26
+
- [InsiderPhD](https://discord.gg/rdQcSk7a)
27
+
16
28
## Youtube Channels
17
29
- [Curated List of YT Channels](https://threader.app/thread/1248351836672872456) by TCM
18
30
- [Nahamsec](https://www.youtube.com/nahamsec) - Educational Videos and VODs of his Stream, Vlogs
skipped 6 lines
25
37
- [DEFCONConference](https://www.youtube.com/user/DEFCONConference/videos) - Tons of Talks from Defcon.
26
38
- [Jason Haddix](https://www.youtube.com/channel/UCk0f0svao7AKeK3RfiWxXEA) - VODs of his Stream
27
39
- [rwxrob](https://www.twitch.tv/rwxrob) - Linux God
- [The Red Team Village](https://www.twitch.tv/redteamvillage)
39
53
40
54
## Podcasts
41
55
- [Darknet Diaries](https://darknetdiaries.com/) by [Jack Rhysider](https://twitter.com/jackrhysider)
skipped 15 lines
57
71
- [Black Hat Python](https://nostarch.com/blackhatpython) by Justin Seitz
58
72
- [The Linux Command Line](https://nostarch.com/tlcl2) by William Shotts
59
73
60
-
In general ["no starch press"](https://nostarch.com/catalog/security) offers great books in the hacking category. [Humble Bundle](https://www.humblebundle.com) sometimes offfers great book deals for an awesome price, so have a eye out for those.
74
+
In general ["no starch press"](https://nostarch.com/catalog/security) offers great books in the hacking category. [Humble Bundle](https://www.humblebundle.com) sometimes offers great book deals for an awesome price, so have a eye out for those.
61
75
62
76
## Twitter
63
77
skipped 1 lines
65
79
66
80
The following list does not exclusively contains Bug Bounty themed Accounts but a broad variety of InfoSec and Hacking.<br>
|[@0xacb](https://twitter.com/0xacb) | André Baptista | 🇵🇹 Security researcher and bug bounty hunter living somewhere between 3D and 7D. Freedφm. 1128350274
|[@0xInfection](https://twitter.com/0xInfection) | Pinaki | I am just an infected geek. 🤠
89
+
|[@0xpatrik](https://twitter.com/0xpatrik) | Patrik Hudak | Outcome over ego.
90
+
|[@0xteknogeek](https://twitter.com/0xteknogeek) | Joel Margolis | Engineer by day, researcher by night • 50% grad of @RITtigers • ProdSec @Uber • DISTURBANCE • Views and opinions are my own.
|[@1ndianl33t](https://twitter.com/1ndianl33t) | Shiv chouhan | Web & Mobile Application Security Researcher | Hackerone | Bugcrowd |Apk Mod | Graphics Designer |CEH | CHFI | SEO | CCNA | CCNP |https://t.co/GueVYZ7uLi
93
+
|[@adrien_jeanneau](https://twitter.com/adrien_jeanneau) | Adrien | Cybersecurity Lover - I love to break things (and I'm paid for that) - Bug Hunter - Creator of gitGraber https://t.co/DKteWrVYt2 #InfoSec #BugBounty
|[@Agarri_FR](https://twitter.com/Agarri_FR) | Nicolas Grégoire | Web hacker && Official Burp Suite Pro trainer https://t.co/oaXuAFhYWp…Follow @MasteringBurp for free tips and tricks
96
+
|[@ajxchapman](https://twitter.com/ajxchapman) | Alex Chapman | Bug Hunter | Vulnerability Researcher | On Recovery | DMs Open
97
+
|[@akita_zen](https://twitter.com/akita_zen) | Akita 🇦🇷 | bugbounty hunter & zen monk
98
+
|[@albinowax](https://twitter.com/albinowax) | James Kettle | Director of Research at PortSwigger Web Security aka @Burp_Suite
99
+
|[@alicanact60](https://twitter.com/alicanact60) | Ali Tütüncü | Bug Researcher
100
+
|[@Almroot](https://twitter.com/Almroot) | Fredrik N. Almroth | Co-Founder, Researcher and Head of Engineering at @detectify. Coder of stuff, breaker of things. PGP/MIT: 0xEDF8D9828B06A7F7
101
+
|[@Alra3ees](https://twitter.com/Alra3ees) | Emad Shanab | A Lawyer & A noooob. Every Law has its own Bugs. I have no Facebook. https://t.co/n9U5HPkWcV https://t.co/46EDOU8gnq
102
+
|[@alxbrsn](https://twitter.com/alxbrsn) | Alex Birsan |
|[@anshuman_bh](https://twitter.com/anshuman_bh) | Anshuman Bhartiya | I love Security, Automation, Innovation, Challenges and Changes. My opinions here, not my employers. https://t.co/RyQUQzkYzm
|[@ArchAngelDDay](https://twitter.com/ArchAngelDDay) | Douglas Day | Born again. Libertarian. Bug Bounty Hunter. Crypto Enthusiast.Views are correct. BTC to 3Jo3Yn7Xt3SYUmm49LiqF1nsKwa9R9wNhi for bugbounty mentorship
109
+
|[@arneswinnen](https://twitter.com/arneswinnen) | Arne Swinnen | IT Security. Bug Bounty Hunter.
110
+
|[@atul_hax](https://twitter.com/atul_hax) | Atul | I love pwn, reading RFCs, and I just dabble on the keyboard until things happen but Emacs gave me carpal tunnel.
111
+
|[@avlidienbrunn](https://twitter.com/avlidienbrunn) | Mathias Karlsson | Web security fiddler. Bug bounty bastard. CTF with @HackingForSoju.
112
+
|[@B3nac](https://twitter.com/B3nac) | Kyle | Full time Security Researcher. I really enjoy everything Android. Creator of InjuredAndroid and BountyPay apk. Send me all the apks plz. https://t.co/myQCNOp959
|[@bendtheory](https://twitter.com/bendtheory) | bend theory | 1 1 2 3 5 8 13 21 34 55 69 420 666 911
115
+
|[@bitquark](https://twitter.com/bitquark) | bitquark ✪ | Tesla red team by day, |redacted| by night. Black Hat EU review board. Former Bugcrowd #1. Tweets may contain traces of cat. He/him. // nb ỉrt ḫt
|[@chevonphillip](https://twitter.com/chevonphillip) | Chevon Phillip | Bugcrowd Ambassador | Synack Red Team Member | Security Researcher | Penetration Tester
123
+
|[@codecancare](https://twitter.com/codecancare) | todayisnew | May you be well on your side of the screen.
124
+
|[@codingo_](https://twitter.com/codingo_) | Michael Skelton | Global Head of Security Ops and Researcher Enablement @bugcrowd, Ex-pentester. Maintainer of NoSQLMap, VHostScan, Reconnoitre, Interlace, Crithit
125
+
|[@Corb3nik](https://twitter.com/Corb3nik) | Ian Bouchard | Security Enthusiast, CTF Fanatic, Bug Bounty Hunter, @opentoallctf/perfect.blue Web guy, NorthernCoalition Co-Founder
126
+
|[@d0nutptr](https://twitter.com/d0nutptr) | d0nut | Lead Security Engineer @graplsec, part-time bug hunter (https://t.co/INDLSLS2Qu). (he/they). Formerly @Dropbox, @Cruise.My tweets are my own.
|[@dee__see](https://twitter.com/dee__see) | Dominic | Outdoor enthusiast, friend of all dogs, hacker, AppSec engineer @gitlab - fighting inertia
129
+
|[@defparam](https://twitter.com/defparam) | Evan Custodio | FPGA/Hardware Hacker. Web Security Researcher. I break web servers so that others can't.@awscloud - My opinions are my own
130
+
|[@dhauenstein](https://twitter.com/dhauenstein) | Daniel Hauenstein | I am the Klaus Kinski of IT security. I do bug bounties (H1/BC/SynAck/zerocopter). I know memes and drink beer. Co-Founder of Last Unicorn Con. Hacking magician
|[@foobar0x7](https://twitter.com/foobar0x7) | foobar7 | IT Security Consultant & Bug Hunter
138
+
|[@fransrosen](https://twitter.com/fransrosen) | Frans Rosén | Dev/Security/Founder at @centrahq/@detectify/@poweredbyingrid. I do not advertise doing hacking services, do not trust the ones telling you I do.
|[@gehaxelt](https://twitter.com/gehaxelt) | Sebastian Neef | Freelancer. Student. Traveller. Hacker. WhiteHat. Bughunter. CTFs @ENOFLAGBlogs @0daywork, @blogbasis and co-Founder of @internetwache
141
+
|[@gerben_javado](https://twitter.com/gerben_javado) | Gerben Javado | Security Engineer @Facebook. Into bug bounties. Personal opinions.
142
+
|[@gregxsunday](https://twitter.com/gregxsunday) | Grzegorz Niedziela | pentester / bughunter
143
+
|[@Gromak123_Sec](https://twitter.com/Gromak123_Sec) | Gromak123_Security | French Security Researcher and Pentester at @Unumkey. C|EH Certified. Bounty Hunter at @YesWeHack and @Hacker0x01.3 times #LeHack Bugbounty's Winner.
144
+
|[@gwendallecoguic](https://twitter.com/gwendallecoguic) | Gwendal Le Coguic | Bug hunter, tool maker.
145
+
|[@h1_sp1d3r](https://twitter.com/h1_sp1d3r) | Evgeniy Yakovchuk | Toss a coin to your hacker, A friend of humanity.
146
+
|[@hacker_](https://twitter.com/hacker_) | Corben Leo | Christian, Computer Science @DakotaState, Hacker
147
+
|[@hahwul](https://twitter.com/hahwul) | HAHWUL | Security engineer, Bugbounty hunter, Developer and H4cker. Say ha-hul but you can just call me howlhttps://t.co/FhMxZy51Qr , https://t.co/gYBnn30EHm , https://t.co/DAjEwvaq0u
148
+
|[@hakluke](https://twitter.com/hakluke) | HΔKLUKΞ | Luke StephensDad, husband, hacker. https://t.co/Zurv4bdcyFhttps://t.co/d1aqj2Q46E
|[@HusseiN98D](https://twitter.com/HusseiN98D) | Hussein Daher | Bug bounty hunter - If you're reading this I love you. - [email protected] - https://t.co/JTJxMBZ7Qshttps://t.co/8iuIYnLHg4
154
+
|[@Hxzeroone](https://twitter.com/Hxzeroone) | Hx01 | Not evil just misunderstood.
|[@InsiderPhD](https://twitter.com/InsiderPhD) | Katie Paxton-Fear | PhD Student, Occasional #BugBounty hunter & Educational #CyberSecurity YouTuber. I study at @CranfieldDefSec: Insider Threats using #nlproc. she/her.
160
+
|[@irsdl](https://twitter.com/irsdl) | Soroush | appsec \ web / https://t.co/3mMc7BsRyw @MDSecLabs | a delimiter character fan | RT/LK can be accidental or !
161
+
|[@itscachemoney](https://twitter.com/itscachemoney) | Tanner | Somewhere between a builder and a breaker | @hacknotcrime
|[@jackds1986](https://twitter.com/jackds1986) | Daniel Bakker | Lead Security Analyst & Ethical Hacker
164
+
|[@jackhcable](https://twitter.com/jackhcable) | Jack Cable | Coder turned white hat hacker with public interest mindset. @Stanford ‘22. Rebel @defensedigital. @StanfordIO / @CISAGov. All tweets are in my personal capacity
165
+
|[@Jhaddix](https://twitter.com/Jhaddix) | Jason Haddix | Father, hacker, educator, gamer, & nerd. Streaming sometimes at: https://t.co/WBZcSgGOIG & posted to https://t.co/I2yhmJjGAb
|[@jobertabma](https://twitter.com/jobertabma) | Jobert Abma | I tweet about security and my experience as a hacker. Co-founder of HackerOne (@Hacker0x01).
168
+
|[@JohnH4X00R](https://twitter.com/JohnH4X00R) | John H4X0R | Entrepreneur, Programmer & a Bug Hunter https://t.co/vIahtTjPHh Adobe https://t.co/GNSAsABaOl Oracle https://t.co/dObZSH4Gwb Got my👍in each 1 of those pies.
169
+
|[@JonathanBouman](https://twitter.com/JonathanBouman) | Jonathan Bouman | Medical Doctor (GP), Web Developer, Security Researcher
170
+
|[@jon_bottarini](https://twitter.com/jon_bottarini) | Jon Bottarini | Security person. I post about bug bounties, infosec, and everything in between. “insert long job title here” @Hacker0x01, but tweets are my own.
171
+
|[@joohoi](https://twitter.com/joohoi) | Joo, N/A | Hacks for beer. FOSS, infosec and privacy. Chaotic good.
|[@jstnkndy](https://twitter.com/jstnkndy) | Justin Kennedy | Infosec professional & beverage snob. Research Consulting Director @ Atredis Partners.
174
+
|[@kapytein](https://twitter.com/kapytein) | Nadir | Student. Participates on bug bounty programs, kapytein on almost all platforms (h1/intigriti). AppSec @officientapp.
175
+
|[@KasperFritzo](https://twitter.com/KasperFritzo) | Kasper Borg | Danish Security Researcher.
|[@Masonhck3571](https://twitter.com/Masonhck3571) | Masonhck357 | Dominican | Cannabis Connoisseur | Hacker for Hackerone and BugCrowd | CompTIA Net+ Certified | CompTIA Sec+ certified | US Navy Vet | Vegan
178
+
|[@MasteringBurp](https://twitter.com/MasteringBurp) | Mastering Burp Suite Pro | Tweets and retweets about Burp Suite Pro | Managed by @Agarri_FR | Not affiliated with @Portswigger
179
+
|[@mcipekci](https://twitter.com/mcipekci) | Mustafa Can İPEKÇİ | I'm an engineer from Turkey, who is interested with biotechology, computer science and digital gaming.A.K.A nukedx
180
+
|[@Michael1026H1](https://twitter.com/Michael1026H1) | Michael Blake | H1: michael1026.Software engineer interested in software security.Oregon
181
+
|[@michenriksen](https://twitter.com/michenriksen) | Michael Henriksen | Freelance security engineer and consultant. Need help with web application security?
182
+
|[@Mik317_](https://twitter.com/Mik317_) | Michele Romano | The walls of Sparta are the chests of its warriors - Agesilao
183
+
|[@mongobug](https://twitter.com/mongobug) | mongo | I like bug bounty programs and breaking things that other people have built. I love kudos.
|[@nahoragg](https://twitter.com/nahoragg) | Rohan Aggarwal | I spend more time on things, to understand them until they don’t understand me and start giving me what they aren’t programmed to.
|[@nijagaw](https://twitter.com/nijagaw) | Nico | Founder of @codegrazer, #Penetrationtester, #bughunter on https://t.co/ufQNKpG2JS, infosec enthusiast
194
+
|[@nnwakelam](https://twitter.com/nnwakelam) | n a f f y | security expert | Holistic nutritionist, reiki practitioner and drumming circle facilitator.
195
+
|[@not_an_aardvark](https://twitter.com/not_an_aardvark) | Teddy Katz | Programming language design/security/software correctness enthusiast. Working on privacy @Google (this is a personal account). he/him. ✊🏻✊🏽✊🏿
196
+
|[@nullenc0de](https://twitter.com/nullenc0de) | Paul Seekamp | I spend a significant amount of time reading security stuff.
197
+
|[@orange_8361](https://twitter.com/orange_8361) | Orange Tsai 🍊 | This is 🍊
198
+
|[@p4fg](https://twitter.com/p4fg) | Peter | Are developers better hackers? I think so...
|[@PentesterLand](https://twitter.com/PentesterLand) | Pentester Land | Resources for penetration testers and bug bounty hunters
201
+
|[@plmaltais](https://twitter.com/plmaltais) | ramsexy | French-Canadian hacker 🇨🇦. Full-time bug bounty hunter. Craft beer connoisseur 🍻. Surfing the web and hacking the waves. 🌊🏄
202
+
|[@pnig0s](https://twitter.com/pnig0s) | Terry Zhang | Security @ Ant Group (Attack & Defence)
203
+
|[@pudsec](https://twitter.com/pudsec) | Shaun |
204
+
|[@pxmme1337](https://twitter.com/pxmme1337) | Pomme | Triager @Hacker0x01 | Views and opinions are my own and do not reflect my employer's | Memes are life
|[@restr1ct3d](https://twitter.com/restr1ct3d) | Niv Levy | Penetration Testing Engineer / Offensive Security Certified Professional / Bug Bounty Hunter
210
+
|[@rez0__](https://twitter.com/rez0__) | rez0 | Joseph Thacker // Sr. Security Engineer // Hacker, bug bounty hunter, & hobby jogger. Slay all the dragons that stand in your way. Talk to me about Jesus.
211
+
|[@Rhynorater](https://twitter.com/Rhynorater) | Justin Gardner | Christian | OSCP I Bug Bounty Hunter | Lover of Python | https://t.co/NsnHpys7Ej | 🗣️ English, 日本語, Italiano | Married to 💖@mariahchan_💖
212
+
|[@rhyselsmore](https://twitter.com/rhyselsmore) | 🥯 | xfitter, bjj newb, oz shep dad. internet mall cop at @heroku, bugs at https://t.co/MFzfzsrYBp. opinions my own, not employers
213
+
|[@RockyBandana](https://twitter.com/RockyBandana) | Rocky Bandana | Hacking for Good | whoami: @NathanCavitt
214
+
|[@rohk_infosec](https://twitter.com/rohk_infosec) | Kevin | senior application security engineer at @Okta - all tweets are my own
215
+
|[@rootxharsh](https://twitter.com/rootxharsh) | Harsh Jaiswal | Views are my own | AppSec @vimeo.
|[@samwcyo](https://twitter.com/samwcyo) | Sam Curry | Full time bug bounty hunter. Run a blog to better explain web application security. Somewhere between high school and pretending to be an adult.
223
+
|[@santi_lopezz99](https://twitter.com/santi_lopezz99) | Santiago Lopez | 1# Millon Dollar hacker on @Hacker0x01 #bugbounty. Instagram: https://t.co/fLSrAlKf4Q
|[@securibee](https://twitter.com/securibee) | Big Body Bee 🐝 | Creative problem solver that gets things done.Bee different, bee yourself.
230
+
|[@securinti](https://twitter.com/securinti) | Inti De Ceukelaire | Uncertified Ethical Hacker (UEH) and bug bounty bro. @intidc (dutch), community dude @intigriti. Tweets are mine and so is your computer.
|[@snyff](https://twitter.com/snyff) | Louis Nyffenegger | CVE connoisseur @PentesterLab. Security engineer. Bugs are my own, not of my employer. I just want to be a webservice...
240
+
|[@soaj1664ashar](https://twitter.com/soaj1664ashar) | Ashar Javed | Web AppSec Researcher | #❶ in Microsoft's Top 100 Security Researcher List -2018 | #❹ in Microsoft's Most Valuable Researcher List -2019 & 2020 | Thanks #🆇🆂🆂
241
+
|[@spaceraccoonsec](https://twitter.com/spaceraccoonsec) | spaceraccoon 🦝 | Here to learn! Hackerone: https://t.co/UK9KDsRVlL
242
+
|[@_staaldraad](https://twitter.com/_staaldraad) | Etienne Stalmans | Security researcher and breaker of things. &
|[@stokfredrik](https://twitter.com/stokfredrik) | STÖK ✌️ | Hi.. im that hacker that your friends told you about. I used to travel the world, hack & vlog about it. Hackfluencer - Creative - Sustainable Fashion - he/him
246
+
|[@streaak](https://twitter.com/streaak) | streaak (on a break) | BBAC kidnapped me | I hack things and occasionally take photographs
247
+
|[@sushiwushi2](https://twitter.com/sushiwushi2) | iamsushi | I tweet strange things and find bugs #OSCP
248
+
|[@sw33tLie](https://twitter.com/sw33tLie) | sw33tLie | Bug bounty hunter and CS student, 20yo.Playing with software since I can remember.https://t.co/qABvqCl1Pxhttps://t.co/DFfjocm4aR
249
+
|[@Th3G3nt3lman](https://twitter.com/Th3G3nt3lman) | Th3g3nt3lman | a born terror, a rebel without a pause, i never had a good christmas so who is santa claus?
250
+
|[@thedawgyg](https://twitter.com/thedawgyg) | dawgyg | 1 of 8 Millionaire Hackers thanks to @hacker0x01 #h1415 2020 MVH, Bug Bounty Hunter, Reformed Blackhat, Synack Red Team Member, Nissan Skyline Collector
|[@vortexau](https://twitter.com/vortexau) | vortex | I work @ Bugcrowd (personal account). Ex-Pentester, Ex-DevTweets about infosec, bounty hunting, homebrewing and cars.SecTalks Adelaide Co-organiser. OSCP/OSWP
257
+
|[@vp440](https://twitter.com/vp440) | Felix Veillette-Potvin | Pentester @gosecure_inc, Bug bounty hunter, general security enthusiast. Opinions and views expressed are my own.
|[@Yassineaboukir](https://twitter.com/Yassineaboukir) | Yassine Aboukir 🐐 | Popping shells for flight tickets at your nearest airport departure terminal. AppSec consulting, and bug bounties (11th ranked) on @Hacker0x01 🇲🇦🇫🇷
262
+
|[@yaworsk](https://twitter.com/yaworsk) | yaworsk | Author of https://t.co/4sI75efGSk, Hacker Interviewer https://t.co/Utz8Qr1kUR, @shopify AppSec. Tweets are my own. Unless you wrote them.
|[@zseano](https://twitter.com/zseano) | @zseano | webapp hacker and also that annoying lucio 🐸 Recognised by @Amazon in 2018 for my security research work. ~busy working on @bugbountynotes v2!~
137
266
138
-
## Discord Servers
139
-
- [Nahamsec](https://discord.gg/d6dENAq)
140
-
- [Hacker101](https://discord.gg/WrCTm8h)
141
-
- [TryHackMe](https://discord.gg/KsAEejZ)
142
-
- [HackTheBox](https://discord.gg/FrRJ3Z8)
143
-
- [TheCyberMentor](https://discord.gg/)
144
-
- [AshF0x - The F0xbox](https://discord.gg/RCTy5zS)
145
-
- [The Mayor](https://discord.gg/EN2ya9h)
146
-
- [Sup3rhero1](https://discord.gg/pHfgvns)
147
-
- [Ceos3c](https://discord.gg/SBK3hkR)
148
267
149
268
## Misc
150
269
- [ChaosComputerClub Germany Media Resources](https://media.ccc.de/) - bunch of conference talks and other media
- [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion
12
11
- [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow
13
12
- [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp
14
13
- [Creating Wordlists for Pentesting & Bug Bounty](https://www.youtube.com/watch?v=QGbTaxtEQlg) - by nahamsec
15
14
- [Setup bugbounty hunting env on termux](https://www.hahwul.com/2020/05/setup-bugbounty-hunting-env-on-termux-d.html?m=1) - by @hahwul
16
15
- [Technical Project Ideas Towards Learning Cyber Security](https://mchow01.github.io/education/security/projects/2020/06/19/technical_projects_security.html) - by [Ming Y. Chow](https://mchow01.github.io/)
16
+
17
17
## Burp Suite
18
18
This section should help you get familiar with BurpSuite.
19
19
- [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101
20
20
- [Burp Suite Introduction](https://github.com/bugcrowd/bugcrowd_university/blob/master/An_introduction_to_Burp_Suite/Bugcrowd%20University%20-%20Burp%20Suite%20Introduction.pdf) by Jason Haddix
21
21
- [Beginners Guide to Burpsuite Payloads (Part 1)](https://www.hackingarticles.in/beginners-guide-burpsuite-payloads-part-1/) by Raj Chandel
22
22
- [Burp Hacks for Bounty Hunters](https://www.youtube.com/watch?v=boHIjDHGmIo) by James Kettle
23
+
23
24
## Tools
24
25
- [Getting Starting With Tmux Isn't That Scary](https://www.youtube.com/watch?v=Z5sEEbwngd0)
- [How To Get Started In Bug Bounties](https://www.youtube.com/watch?v=kn0jClWSdD8) by [DC CyberSec](https://www.youtube.com/channel/UC3sccPO4v8YqCTn8sezZGTw)
15
+
- [Is it too late to start doing BUG BOUNTY in 2020?](https://www.youtube.com/watch?v=PTTkA_gHgxE) [STOK](https://youtube.com/stokfredrik)
16
+
- [MY BUG BOUNTY JOURNEY!](https://www.youtube.com/watch?v=ug7FzoByLFc) by Farah Hawa
17
+
- [DEF CON 23 - Jason Haddix - How to Shot Web: Web and mobile hacking in 2015](https://www.youtube.com/watch?v=-FAjxUOKbdI)
Compact descriptions of common vulnerability types with links to useful resources.
4
+
This page is created to help hackers understand a specific vulnerability type in details. If you would like to read blog posts and see example vulnerability, please read the [blog posts](https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/assets/blogsposts.md) page
5
+
5
6
### Online Resources
6
7
- [Owasp Top 10](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project)
- [Bug Bounty Cheat Sheets](https://github.com/EdOverflow/bugbounty-cheatsheet) - by EdOverflow
9
10
---
11
+
10
12
## Cross-Site Scripting (XSS)
11
13
As we start to build this repository, we'll be adding more vulnerability types and resources for each one. XSS is a great place to start as it's one of the most popular and easiest vulnerabilities to find in a web application.
12
14
skipped 13 lines
26
28
27
29
## XML External Entities (XXE)
28
30
- [XML External Entities ft. JohnHammond](https://www.youtube.com/watch?v=gjm6VHZa_8s) - by PwnFunction
31
+
29
32
## Insecure Direct Object Reference (IDOR)
30
33
- [Insecure Direct Object Reference Vulnerability](https://www.youtube.com/watch?v=rloqMGcPMkI) - by PwnFunction
31
34
- [Finding Your First Bug: Manual IDOR Hunting](https://www.youtube.com/watch?v=gINAtzdccts) - by Insider PhD
32
35
- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - by STÖK & Fisher
36
+
33
37
## Open Redirect
34
38
- [Open Redirect Vulnerability](https://www.youtube.com/watch?v=4Jk_I-cw4WE) - by PwnFunction
39
+
35
40
## HTTP Parameter Pollution
36
41
- [HTTP Parameter Pollution Attacks](https://www.youtube.com/watch?v=QVZBl8yxVX0) - by PwnFunction
42
+
37
43
## Logic Errors
38
44
- [Finding Your First Bug: Business Logic Errors](https://www.youtube.com/watch?v=RobCqW2KwGs) - by InsiderPhD
45
+
39
46
## Remote Code Execution
40
47
- [Finding Your First Bug: Goal Setting / Remote Code Execution (RCE)](https://www.youtube.com/watch?v=5BTvTE3gEq8) - by InsiderPhD
Ben Sadeghipoour
committed
3 years ago
1 parent a1c57101