Discover and read the best of Twitter Threads about #bugbountydiary
Most recents (1)
4/8/22 #bugbountydiary #bugbountytips
Everyone is sick in the house but I had some running scans I needed to check up on.
I found a SQL injection bug on a blog.
Here's how I did it, so you can learn...
👇
🚨Like, retweet, & follow for more hacker tips!🚨
1/x
Everyone is sick in the house but I had some running scans I needed to check up on.
I found a SQL injection bug on a blog.
Here's how I did it, so you can learn...
👇
🚨Like, retweet, & follow for more hacker tips!🚨
1/x
Firstly, I ran reconFTW on a set of domains related to the target. I had the main domain, and several acquisition domains running too. The acquisitions were gathered from CrunchBase and Wikipedia.
This gave me a pretty good list of targets.
2/x
github.com/six2dez/reconf…
This gave me a pretty good list of targets.
2/x
github.com/six2dez/reconf…
ReconFTW runs screenshotting on all web-resolvable domains and subdomains.
I opened that folder and saw what looked to be a marketing campaign site that was super old for a product the company no longer supported. To further confirm the Copyright footer was from 2016
3/x
I opened that folder and saw what looked to be a marketing campaign site that was super old for a product the company no longer supported. To further confirm the Copyright footer was from 2016
3/x
