A collection of Blog Posts ordered by Vulnerability Types
5
5
- [XSS](#XSS)
6
6
- [DOM XSS](#DOM-XSS)
skipped 12 lines
19
19
- [Buffer Overflow](#Buffer-Overflow)
20
20
- [IDOR](#IDOR)
21
21
- [GraphQL](#GraphQL)
22
+
- [RCE](#RCE)
23
+
- [Recon](#Recon)
22
24
- [Misc](#Misc)
25
+
---
23
26
## XSS
24
27
You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
25
28
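Review bot: The `---` added at new line 25 sits directly between the last table-of-contents item (line 24) and `## XSS` (line 26) with no blank line on either side. A `---` immediately under a line of text is also Markdown's setext heading underline, so whether this renders as a horizontal rule depends on the parser. Put a blank line before and after the rule so the list, the separator and the heading are unambiguous.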
skipped 66 lines
92
95
- [Steal Earning of Airbnb hosts by Adding Bank Account/Payment Method](https://www.indoappsec.in/2019/12/airbnb-steal-earning-of-airbnb-hosts-by.html) - [Vijay Kumar ](https://twitter.com/IndoAppSec)
93
96
- [GraphQL IDOR leads to information disclosure](https://medium.com/@R0X4R/graphql-idor-leads-to-information-disclosure-175eb560170d) - [@R0X4R](https://twitter.com/R0X4R)
94
97
- [From Multiple IDORs leading to Code Execution on a different Host Container](https://www.rahulr.in/2019/10/idor-to-rce.html?m=1) - [@Rahul_R95](https://twitter.com/Rahul_R95)
98
+
- [Automating BURP to find IDORs](https://medium.com/cyberverse/automating-burp-to-find-idors-2b3dbe9fa0b8) - [Aditya Soni](https://medium.com/@hetroublemakr)
95
99
96
100
## GraphQL
97
101
- [Private System Note Disclosure using GraphQL](https://hackerone.com/reports/633001) - Ron Chan
98
102
- [Graphql Abuse to Steal Anyone’s Address](https://blog.usejournal.com/graphql-bug-to-steal-anyones-address-fc34f0374417) - pratik yadav
99
103
100
-
## Misc
104
+
## RCE
105
+
- [My First RCE (Stressed Employee gets me 2x bounty)](https://medium.com/@abhishake100/my-first-rce-stressed-employee-gets-me-2x-bounty-c4879c277e37) - [Abhishek Yadav](https://medium.com/@abhishake100)
106
+
107
+
## Recon
108
+
- [Subdomain Recon Using Certificate Search Technique](https://www.r00tpgp.com/2020/01/subdomain-recon-using-certificate.html?m=0)
101
109
- [Notes about Nahamsecs Recon Sessions](https://mavericknerd.github.io/knowledgebase/nahamsec/recon_session_1/) - [maverickNerd](https://github.com/maverickNerd)
110
+
111
+
## Misc
102
112
- [Hacking GitHub with Unicode's dotless 'i'](https://eng.getwisdom.io/hacking-github-with-unicode-dotless-i/)
103
113
- [Abusing autoresponders and email bounces](https://medium.com/intigriti/abusing-autoresponders-and-email-bounces-9b1995eb53c2) - securinti
- [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle
106
116
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
117
+
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
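Review bot: The Recon entry added at new line 108 (`Subdomain Recon Using Certificate Search Technique`) has no author credit, unlike the entry below it and the other lines added in this hunk, and its URL carries a `?m=0` query string. Add the author and link the post without the parameter. With a dedicated `## RCE` section now in place, `Abusing ImageMagick to obtain RCE` (new line 116) is still listed under Misc and could move into the new section.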
Here you find listings to useful media creations that can help beginners in different ways.
5
5
6
-
- [YoutTube Channels](#Youtube-Channels)
6
+
- [YouTube Channels](#Youtube-Channels)
7
7
- [Streamers](#Streamers)
8
8
- [Podcasts](#Podcasts)
9
9
- [Books](#Books)
skipped 9 lines
19
19
- [InsiderPhD](https://www.youtube.com/channel/UCPiN9NPjIer8Do9gUFxKv7A) - An excellent Introduction series for beginners to help them find their first bug.
20
20
- [PwnFunction](https://www.youtube.com/PwnFunction) explanatory videos about Web App vulnerabilities
21
21
- [DEFCONConference](https://www.youtube.com/user/DEFCONConference/videos) - Tons of Talks from Defcon.
22
+
- [Jason Haddix](https://www.youtube.com/channel/UCk0f0svao7AKeK3RfiWxXEA) - VODs of his Stream
22
23
23
24
## Streamers
24
25
- [Nahamsec](https://www.twitch.com/nahamsec) on Twitch
25
26
- [d0nutptr](https://www.twitch.tv/d0nutptr/) on Twitch
26
-
- [The Cyber Mentor](https://twitch.tv/theblindhackercybermentor) on Twitch
27
+
- [The Cyber Mentor](https://twitch.tv/thecybermentor) on Twitch
27
28
- [The Blind Hacker](https://twitch.tv/theblindhacker) on Twitch
29
+
- [Jason Haddix](https://www.twitch.tv/js0n_x/) on Twitch
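Review bot: The URL correction at new line 27 leaves the Twitch links in this section inconsistent. The Nahamsec entry at new line 25 points at `twitch.com` while every other entry uses `twitch.tv`, and the two lines touched here differ in form (`https://twitch.tv/thecybermentor` against `https://www.twitch.tv/js0n_x/`). Since this hunk is already fixing streamer URLs, normalise all of them to one host and one trailing-slash style in the same change.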
Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
6
6
skipped 26 lines
33
33
|[httprobe](https://github.com/tomnomnom/httprobe)|Take a list of domains and probe for working http and https servers.|Go|[Tom Hudson](https://github.com/tomnomnom)|
34
34
|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning|Python|[j3ssie](https://github.com/j3ssie)|
35
35
|[hakrawler](https://github.com/hakluke/hakrawler)|hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover Forms, Endpoints, Subdomains, Related documents and JS Files|Go|[@hakluke](https://twitter.com/hakluke)|
36
+
|[Reconness](https://github.com/reconness)|A Web App Tool to Run and Keep all your #recon in the same place.|C#|[@reconness](https://twitter.com/reconness)|
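Review bot: The Reconness row added at new line 36 links to the GitHub organisation (`https://github.com/reconness`), where the rows above it link to an `owner/repo` page. Point it at the tool's repository so the link lands on the code and README. The description also keeps a `#recon` hashtag; plain "recon" would match the wording of the other rows.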