Share this page!

It's Steiner254 Profile picture
Twitter logo
Nov 16 23 tweets 8 min read
Day ➰➰/2⃣0⃣ -- [Hacking Bug Bounty Checklists/Methodologies]
➡️ Day ➰➰, Taking A Break! But Let's Talk About Different Hacking Methodologies.
➡️ Below are Some Of The Best Hacking Methodologies(Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
 Resources-for-Beginner-Bug-Bounty-Hunters
github.com/nahamsec/Resou…
2/n
 The Bug Hunter's Methodology (TBHM)
github.com/jhaddix/tbhm
3/n
4/n
 BUG HUNTING METHODOLOGY FOR BEGINNERS
infosecwriteups.com/bug-hunting-me….
5/n
 zseano's Bug Bounty methodology by @zseano
bugbountyhunter.com/methodology/zs…
6/n
 Bug Bounty Methodology V3.0: Hunt like a rat by @theXSSrat thexssrat.medium.com/bug-bounty-met…
7/n
 Bug bounty methodology V4.0 — Demonstrated
by @theXSSrat
medium.com/geekculture/bu…
8/n
 My bug bounty methodology and how I approach a target by @thehackerish
thehackerish.com/my-bug-bounty-…
9/n
 BUG HUNTING METHODOLOGY FOR BEGINNERS by @InfoSecComm
infosecwriteups.com/bug-hunting-me…
10/n
 BUG BOUNTY HUNTING (METHODOLOGY , TOOLKIT , TIPS & TRICKS , Blogs)
infosecwriteups.com/bug-bounty-hun…
11/n
 Awesome Bug Bounty Roadmap
attacker-codeninja.github.io/2022-06-06-awe…
12/n
 Bug Bounty Methodology — Bug Hunting Checklist (PART-1)
apexvicky.medium.com/bug-bounty-met…
13/n
 THE BEST BUG BOUNTY RECON METHODOLOGY
securib.ee/beelog/the-bes…
14/n
 My Learning Methodology for OWASP Top 10
cowdex.github.io/posts/my-learn…
15/n
 Awesome-Bugbounty-Writeups
github.com/devanshbatham/…
16/n
 bugbountytools-methodology
github.com/blackhatethica…
17/n
 Bug-bounty-methodology
github.com/ManasHarsh/Bug…
18/n
 KingOfBugBountyTips -- check out
github.com/KingOfBugbount…
19/n
 The Bug Hunter's Methodology v4.0 by @Jhaddix

cc: @NahamSec
20/n
 Bug Bounty Checklist for Web App
github.com/sehno/Bug-boun…
21/n
 Bug Bounty Beginner's Roadmap
github.com/bittentech/Bug…
n/n
>> This wasn't in my 20 day plan, but it's important. So I decided to share it in this break!
Practice Makes Perfect!
Happy Hacking :)
See you here same time tomorrow for Day 0⃣7⃣!

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with It's Steiner254

It's Steiner254 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Steiner254

It's Steiner254 Profile picture
Nov 17
Day 0⃣7⃣/2⃣0⃣ -- [Hacking Different Web Application Functionalities]
➡️ Groups & Teams
➡️ Email Contact
➡️ Submit Feedback
➡️ ➰ Below are Functionalities, Tips & References (Feel Free To Share)🧵🧵👇👇
🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
o/n
➡️ Chat Box/Support/Customer Care
➡️ Comment Functionality
➡️ Subscribe/Unsubscribe
➡️ Ecommerce Platform
➡️ Search Functionality
➡️ WebSockets
➡️ User-Agents
➡️ Cookies & Sessions
➡️ JSON Web Tokens
1/n
 Blind SSRF on chatbox
hackerone.com/reports/1220688
Read 18 tweets
It's Steiner254 Profile picture
Nov 15
Day 0⃣6⃣/2⃣0⃣ -- [Delete/Deactivating An Account & Logout Vulnerabilities]
➡️ Day 6, Have You Ever Known That Deactivating & Logout Feature Can Be Hacked & Earn You Bounties?
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
 IDOR — Let’s delete any account
medium.com/@Bohr/idor-let…
2/n
 0 Click account delete CSRF
hacklido.com/d/32-csrf-atta…
Read 14 tweets
It's Steiner254 Profile picture
Nov 14
Day 0⃣5⃣/2⃣0⃣ -- [Web Application Profile/Dashboard Hacking]
➡️ Day 5, Profile Update/Dashboard Vulnerabilities & References.
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
 IDOR on the dashboard
2/n
 Instagram IDOR
Read 18 tweets
It's Steiner254 Profile picture
Nov 13
Day 0⃣4⃣/2⃣0⃣ -- [Hacking A Web Application Via Password Change Functionality]
➡️ Day 4, Hack A Web Application Via "Password Change Functionality"
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips "No Resting Only Hacking!"
1/n
 All about password reset vulnerabilities by @InfoSecComm
infosecwriteups.com/all-about-pass…
2/n
 Password reset poisoning and web cache poisoning
skeletonscribe.net/2013/05/practi…
Read 22 tweets
It's Steiner254 Profile picture
Nov 12
Day 0⃣3⃣/2⃣0⃣ -- [How To Hack A Login Page!]
➡️ Day 3, How To Hack A Login Page "Exploiting Vulnerabilities On A Login Page"
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
 10 Common vulnerabilities found in the login functionality
redhuntlabs.com/blog/10-most-c…
2/n
 Portswigger vulnerabilities on password based login
portswigger.net/web-security/a…
Read 20 tweets
It's Steiner254 Profile picture
Nov 11
Day 0⃣2⃣/2⃣0⃣ -- [Registration/SignUp Page Vulnerabilities]
➡️ Day 2, we will cover potential vulnerabilities that can affect a Registration/Sign-Up Page of a web application
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
Registration Page Vulnerabilities
github.com/carlospolop/ha…
2/n
 Registration & Takeover Vulnerabilities
book.hacktricks.xyz/pentesting-web…
Read 20 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(