Steiner254 Profile picture
Nov 10 23 tweets 8 min read
Day 0⃣1⃣/2⃣0⃣ -- [Bug Bounty Reconnaissance/Information Gathering]

➡️ Being Day 1, Recon is usually the first approach when handling your target.
➡️ Below are some of the Best Checklists/Bug Bounty RECON references & Tips🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
The Bug Hunter's Methodology v4.0 - Recon Edition by @Jhaddix
2/n
@_zwink Target Reconnaissance & Approach
3/n
@_zwink
7/n Cool Recon techniques every hacker misses! 🔥🔥 infosecwriteups.com/cool-recon-tec…
8/n Cool Recon techniques every hacker misses! Episode 2🔥🔥
infosecwriteups.com/cool-recon-tec…
10/n
A collection of awesome one-liners for bug bounty hunting.
github.com/Steiner-254/On…
11/n
jhaddix/Github bash generated search links (from hunter.sh) gist.github.com/jhaddix/77253c…
12/n
How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty
infosecwriteups.com/guide-to-basic…
13/n
Recon Methodology for Bug Hunting!
infosecwriteups.com/recon-methodol…
14/n
Spend more time doing recon, you’ll find more BUGS.
vedanttekale20.medium.com/spend-more-tim…
15/n
@Yassineaboukir Talks About His Recon Flow, Bug Bounty, Mental Health and More!
16/n
Ultimate Manual Bug Bounty Recon Guide by @theXSSrat systemweakness.com/ultimate-manua…
17/n
Advanced Recon Guide
bugbountyhunter.com/articles/?on=A…
18/n
Getting back our Bug Bounty Thursdays with a Bug Bounty Fireside talk part 1 by @Crypt0g30rgy
n/n
Practice Makes Perfect!
Happy Hacking :)
See you here same time tommorow!

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Steiner254

Steiner254 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @steiner254

Nov 12
Day 0⃣3⃣/2⃣0⃣ -- [How To Hack A Login Page!]
➡️ Day 3, How To Hack A Login Page "Exploiting Vulnerabilities On A Login Page"
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
10 Common vulnerabilities found in the login functionality
redhuntlabs.com/blog/10-most-c…
2/n
Portswigger vulnerabilities on password based login
portswigger.net/web-security/a…
Read 20 tweets
Nov 11
Day 0⃣2⃣/2⃣0⃣ -- [Registration/SignUp Page Vulnerabilities]
➡️ Day 2, we will cover potential vulnerabilities that can affect a Registration/Sign-Up Page of a web application
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
Registration Page Vulnerabilities
github.com/carlospolop/ha…
2/n
Registration & Takeover Vulnerabilities
book.hacktricks.xyz/pentesting-web…
Read 20 tweets
May 2
Bug Bounty Pro Tips
If You Have Any, Please Feel Free To Add To The Thread
#bugbountytips
#bugbountytip
#cybersecuritytips
Pro Tip — Android applications can suffer from LFI and stored XSS just by injecting <iframe/src=/etc/hosts> into input fields.
Tip for finding SSRF Image
To demonstrate XSS impact, don’t use alert(‘alert’). Determine whether session is stored in cookies or local storage and put that in the popup. cookie: alert(document.cookie) LocalStorage: alert(localStorage.getItem(‘access_token’))
Read 50 tweets
Apr 30
Different Hacking/Bug Bounty Methodologies From Different Hackers/Bug Bounty Hunters.
Feel Free To Add In This Thread If You Have Any :)
#BugBounty
#bugbountytips
#CyberSecurity
infosecwriteups.com/bug-hunting-me…
Read 15 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(