Discover and read the best of Twitter Threads about #bugbountytip

Most recents (10)

Cloud Metadata Dictionary useful for SSRF Testing

## IPv6 Tests

http://[::ffff:169.254.169.254]

http://[0:0:0:0:0:ffff:169.254.169.254]

#bugbountytips #bugbounty #bugbountytip
## AWS

# Amazon Web Services (No Header Required)

# from docs.aws.amazon.com/AWSEC2/latest/…

http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy

http://169.254.169.254/latest/user-data

http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]

http://169.254.169.254/latest/meta-data/ami-id

http://169.254.169.254/latest/meta-data/reservation-id

http://169.254.169.254/latest/meta-data/hostname
Read 12 tweets
If an LFI vulnerability exists, look for these files:

1-Linux system and user files:
/etc/passwd
/etc/shadow
/etc/issue
/etc/group
/etc/hostname
/home/user/
/home/user/.ssh
/home/user/bash_history

#bugbounty #bugbountytip #bugbountytips
2-Log files:
/var/log/apache/access.log
/var/log/apache2/access.log
/var/log/httpd/access_log
/var/log/apache/error.log
/var/log/apache2/error.log
/var/log/httpd/error_log
3-CMS configuration files:
WordPress: /var/www/html/wp-config.php
Joomla: /var/www/configuration.php
Dolphin CMS: /var/www/html/inc/header.inc.php
Drupal: /var/www/html/sites/default/settings.php
Mambo: /var/www/configuration.php
PHPNuke: /var/www/config.php
Read 5 tweets
File Upload Restriction Bypass Checklist

1-Try various file extensions - Try different versions of the file extensions, for example .php3, .php4, .php5, .phtml for PHP scripts, .asp, .aspx

#bugbounty #bugbountytip #bugbountytips
2-Append an extra file extension - If the application is not properly validating the file extension, this can be exploited by appending another extension, for example from script.php to script.php.gif or script.gif.php
3-Change the casing of the extension - Try different combinations of lower and upper case, for example pHp, PhP, phP, Php, etc.
Read 13 tweets
tip :

- registers account and logs in (no need to verify)
- changes email address to another mail and verifies it
- clicks on old verification link which was sent to old mail
- account is deleted!
(TO DELETE THE ACCOUNT YOU HAVE TO CONTACT SUPPORT)
#bugbountytip #bugbountytips
original report!
It's just that if the old Gmail account is compromised, then the attacker can also use the verification link, and it will delete that account meanwhile. To delete the account, I think you have to contact support and do some verification stuff!
Read 3 tweets
I have seen many reports regarding MFA bypass, and many repos have techniques to bypass MFA, but here is one of my personal methods, or a never-seen-before technique to bypass MFA. Make sure to add it to your checklist ;)..... follow 👇

#bugbountytips #bugbountytip #bugbountytip
1) access control issues are everywhere in website right?

normal login flow :

email + passwd => mfa => enters acc

the flaw :

email + password => enters wrong mfa code and intercepts the req with burp, changes request line and params .....
..... and issues the request to see if it updates internal infos before passing the mfa check!
Read 8 tweets
#BurpHacksForBounties - Day 1/30

Turbo intruder: Power of Python with @Burp_Suite Intruder.

I use it to tailor my pen-testing for a specific target and targeted #bugbounty

#infosec #appsec #bugbountytips #bugbountytip #security
How to - 🧵🙃👇
1/n
Using: CE so that everyone can explore.
Intruder in CE is limited in multithreading, Turbo-Intruder can overcome that.
- Install through Extender
- Send req to the plugin.
2/n
Once you send req to the plugin, a python editor will open. This will show a couple of existing python scripts to take reference from and to use.
Read 5 tweets
Hacking "Bug Bounty" Roadmap
[1]
#bugbounty #bugbountytips #bugbountytip
[2]
2. What to study?
   1. Internet, HTTP, TCP/IP
   2. Networking (CCNA)
   3. Command line
   4. Linux
   5. Web technologies: JavaScript, PHP, SQL
   6. At least 1 prog language (Python/C/Java/Ruby..)

3. Choose your path (imp)
   1. Web pentesting
   2. Mobile pentesting
   3. Desktop apps
[3]
4. Resources

Books
For web
1. Web app hackers handbook
2. Web hacking 101
3. Hacker's playbook 1,2,3
4. Hacking art of exploitation
5. Mastering modern web pen testing
6. OWASP Testing guide
Read 11 tweets
Self promotion time - if you are testing a payment system or a shop, check the whitepaper that I had written and updated last year: nccgroup.trust/globalassets/o… 💰💰💰 #bugbountytip #pentest #Financial
I should also add this: when I joined @MDSecLabs, they had some of these as part of their web app training already because of the great work of Marcus Pinto!
Read 3 tweets
My own ebook library contains hundreds (661) of hacking books and computer science books. I love reading and reading again and again. Feel free to ask me about the best hacking books.
#Hacking #Pentesting #redteam #bugbountytip #Malware #CyberSecurity
The Best Hacking Books in 2020 part (1):
-Effective Cybersecurity
-Rootkits and Bootkits
-Gray Hat Hacking the Ethical Hacker's Handbook 5
-THE HACKER PLAYBOOK 3
-Black Hat Go
-Practical Binary Analysis
-Hacking Exposed Industrial Control Systems
-Windows Forensics
-Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information
-Hunting Cyber Criminals
-Guide to Computer Forensics and Investigations-Processing Digital Evidence
-Mobile Forensic Investigations: A Guide to Evidence Collection
Read 6 tweets
We're going to use this tweet to publish #Dorks of all kinds; let's start with this one:

inurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner -foro -forum -topic -blog -about -docs -articles

#CyberSecurity #dork #BugBounty
intext:"pass" ! "usuario" | "user" | "contraseña" filetype:sql -github
This one is very good, it lets us do uploads; it has been tested with .jpeg images

intitle:"FCKeditor - Uploaders Tests"
Read 63 tweets
