1. [Stanford CS 253 Web Security](#Stanford-CS-253-Web-Security)
5
+
2. [HTTP basics](#HTTP-basics)
6
+
3. [Networking basics](#Networking-basics)
7
+
4. [Programming Basics](#Programming-Basics)
8
+
5. [Automation](#Automation)
9
+
10
+
11
+
## Stanford CS 253 Web Security
12
+
13
+
- [Stanford CS 253 Web Security](https://web.stanford.edu/class/cs253/) - by [@feross](https://twitter.com/feross)
14
+
- "This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues."
8
15
9
16
## HTTP basics
10
17
In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics.
- [Fasten your Recon process using Shell Scripting](https://medium.com/bugbountywriteup/fasten-your-recon-process-using-shell-scripting-359800905d2a) - Mohd Shibli
97
98
- [Beginner’s Guide to recon automation](https://medium.com/bugbountywriteup/beginners-guide-to-recon-automation-f95b317c6dbb) - Ashish Jha
98
99
- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - STÖK & Fisher
100
+
- [gitGraber: A tool to monitor GitHub in real-time to find sensitive data](https://blog.yeswehack.com/2019/10/08/gitgraber-a-tool-to-monitor-github-in-real-time-to-find-sensitive-data/) - by [@adrien_jeanneau](https://twitter.com/adrien_jeanneau) & [@R_Marot](https://twitter.com/R_marot)
99
101
100
102
## Buffer Overflow
101
103
- [Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty](https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/) - [Sam Curry](https://twitter.com/samwcyo)
skipped 17 lines
119
121
- [Subdomain Recon Using Certificate Search Technique](https://www.r00tpgp.com/2020/01/subdomain-recon-using-certificate.html?m=0)
120
122
- [Notes about Nahamsecs Recon Sessions](https://mavericknerd.github.io/knowledgebase/nahamsec/recon_session_1/) - [maverickNerd](https://github.com/maverickNerd)
121
123
- [10 Recon Tools For Bug Bounty](https://medium.com/@hackbotone/10-recon-tools-for-bug-bounty-bafa8a5961bd) - Anshuman Pattnaik
124
+
- [Recon: Create a methodology and start your subdomain enumeration](https://failednuke.info/2020/recon-create-a-methodology-and-start-your-subdomain-enumeration/) - by FailedNuke
122
125
123
126
## Smart Contracts
124
127
- [Steal collateral during `end` process, by earning DSR interest after `flow](https://hackerone.com/reports/672664)(Listed as Business Logic Error)
skipped 9 lines
134
137
- [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle
135
138
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
136
139
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
140
+
- [2 Cases of Path Traversal](https://jlajara.gitlab.io/posts/2020/03/29/Path_Traversal.html) - by [@leonishan_](https://twitter.com/leonishan_)
141
+
- [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) - by [James Kettle](https://twitter.com/albinowax)
142
+
- [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) - by Github
- New Category: [Hardware & IoT](/assets/hardware.md)
13
+
- Added **Exploitee.rs Wiki**
14
+
- New Category: [Coding & Scripting](/assets/coding.md)
15
+
- Added **Bash Scripting Full Course 3 Hours**
16
+
- Added **ShellCheck**
17
+
- Added **Explainshell**
18
+
- Added **Discovering the Terminal**
19
+
- Added **Text Processing in the Shell**
12
20
- New [Podcasts](/assets/media.md#Podcasts):
13
-
- Darknet Diaries Episode 60 with dawgyg
14
-
- The Bug Bounty Podscast Episode 3 with nahamsec
21
+
- **Darknet Diaries Episode 60** with dawgyg
22
+
- **The Bug Bounty Podscast Episode 3** with nahamsec
15
23
- New in [Tools](/assets/tools.md):
16
-
- objection - A new Mobile tool
17
-
- CyberChef
24
+
- **crithit**
25
+
- **objection - A new Mobile tool**
26
+
- **CyberChef**
27
+
- **RMS - Runtime Mobile Security**
18
28
- New Category: [Notes & Organization](/assets/tools.md#Notes-&-Organization)
19
-
- Reconness to [Notes & Organization](/assets/tools.md#Notes-&-Organization)
20
-
- Updog to [Notes & Organization](/assets/tools.md#Notes-&-Organization)
29
+
- **Reconness** to [Notes & Organization](/assets/tools.md#Notes-&-Organization)
30
+
- **Updog** to [Notes & Organization](/assets/tools.md#Notes-&-Organization)
21
31
- New Category: [Burp Extensions](/assets/tools.md#Burp-Extensions)
22
-
- Logger++ to [Burp Extensions](/assets/tools.md#Burp-Extensions)
23
-
- AuthMatrix to [Burp Extensions](/assets/tools.md#Burp-Extensions)
24
-
- Autorize to [Burp Extensions](/assets/tools.md#Burp-Extensions)
25
-
- Auto Repeater to [Burp Extensions](/assets/tools.md#Burp-Extensions)
26
-
- Progress Tracker to [Burp Extensions](/assets/tools.md#Burp-Extensions)
27
-
- Flow to [Burp Extensions](/assets/tools.md#Burp-Extensions)
32
+
- **Logger++** to [Burp Extensions](/assets/tools.md#Burp-Extensions)
33
+
- **AuthMatrix** to [Burp Extensions](/assets/tools.md#Burp-Extensions)
34
+
- **Autorize** to [Burp Extensions](/assets/tools.md#Burp-Extensions)
35
+
- **Auto Repeater** to [Burp Extensions](/assets/tools.md#Burp-Extensions)
36
+
- **Progress Tracker** to [Burp Extensions](/assets/tools.md#Burp-Extensions)
37
+
- **Flow** to [Burp Extensions](/assets/tools.md#Burp-Extensions)
28
38
- New in [Labs](/assets/labs.md):
29
-
- TryHackMe & Videos
39
+
- **TryHackMe & Videos**
40
+
- New in Media:
41
+
- **@codingo_** now in Twitter-List
30
42
- New [Streamers](/assets/media.md#Streamers):
31
43
- [sup3rhero1](https://www.twitch.tv/sup3rhero1)
32
44
- [STÖK](https://www.twitch.tv/stokfredrik)
33
45
- New in [BlogPosts](/assets/blogposts.md):
34
46
- New Category: [API](/assets/blogposts.md#API)
35
-
- Added "31 Days of API Security Tips"- Misc
36
-
- Added "Blind SQL Injection on windows10.hi-tech.mail.ru" - SQLInjection
37
-
- Added "DOM XSS on app.starbucks.com via ReturnUrl" - DOMXSS
38
-
- Added "Email address of any user can be queried on Report Invitation GraphQL type when username is known" - GraphQL
39
-
- Added "External XML Entity via File Upload (SVG)" - File Upload
40
-
- Added "Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies" - HTTP Desync
47
+
- Added **31 Days of API Security Tips**- Misc
48
+
- Added **Blind SQL Injection on windows10.hi-tech.mail.ru** - SQLInjection
49
+
- Added **DOM XSS on app.starbucks.com via ReturnUrl** - DOMXSS
50
+
- Added **Email address of any user can be queried on Report Invitation GraphQL type when username is known** - GraphQL
51
+
- Added **External XML Entity via File Upload (SVG)** - File Upload
52
+
- Added **Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies** - HTTP Desync
53
+
- Added **gitGraber: A tool to monitor GitHub in real-time to find sensitive data** - by [@adrien_jeanneau](https://twitter.com/adrien_jeanneau) & [@R_Marot](https://twitter.com/R_marot)
54
+
- Added **2 Cases of Path Traversal** by [@leonishan_](https://twitter.com/leonishan_)
- [Exploitee.rs Wiki](https://www.exploitee.rs/index.php/Main_Page) - IoT Wiki Page with a bunch of Info when getting into Hardware
6
+
- [Exploitee.rs Wiki](https://www.exploitee.rs/index.php/Main_Page) - IoT Wiki Page with a bunch of Info when getting into Hardware (providedby@securibee��)
- [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion
12
12
- [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow
13
-
13
+
- [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp
14
14
## Burp Suite
15
15
This section should help you get familiar with BurpSuite.
16
16
- [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101
|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning|Python|[j3ssie](https://github.com/j3ssie)|
47
47
|[hakrawler](https://github.com/hakluke/hakrawler)|hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover Forms, Endpoints, Subdomains, Related documents and JS Files|Go|[@hakluke](https://twitter.com/hakluke)|
48
48
|[Reconness](https://github.com/reconness)|A Web App Tool to Run and Keep all your #recon in the same place.|C#|[@reconness](https://twitter.com/reconness)|
49
-
|[Kockpy](https://github.com/guelfoweb/knock)|A python tool designed to enumerate subdomains on a target domain through a wordlist|Python|[@guelforweb](http://twitter.com/guelfoweb)|
49
+
|[Knockpy](https://github.com/guelfoweb/knock)|A python tool designed to enumerate subdomains on a target domain through a wordlist|Python|[@guelforweb](http://twitter.com/guelfoweb)|
50
+
|[crithit](https://github.com/codingo/crithit)|Takes a single wordlist item and tests it one by one over a large collection of hosts before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.|C++|[codingo](https://github.com/codingo)|
50
51
51
52
52
53
#### OSINT Webpages
skipped 36 lines
89
90
|[andriller](https://github.com/den4uk/andriller)|Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)|
90
91
|[Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF/)|Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.|Python|MobSF Team|
91
92
|[objection](https://github.com/sensepost/objection)|"objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak."|Python & TypeScript|[sensepost](https://github.com/sensepost)|
93
+
|[RMS - Runtime Mobile Security](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security)|Runtime Mobile Security (RMS) is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime|Python|[@mobilesecurity_](https://twitter.com/mobilesecurity_)|
Peer Heinen
committed
4 years ago
1 parent 6fc8bcdc