Kabir 🕉
Security Engineer @LeadSquared | Creator of @thecyberw0rld - Open Source · Cyber Security · Community
May 9, 2022 7 tweets 2 min read
Continue...

Bug Bounty Checklist for Web App - Part - 2

Risky Functionality - File Uploads:
- Test that acceptable file types are whitelisted
- Test that file size limits, upload frequency and total file counts are defined and enforced
- Test that file contents match the defined file type
- Test that all file uploads have anti-virus scanning in place
- Test that unsafe filenames are sanitised
- Test that uploaded files are not directly accessible within the web root
May 9, 2022 24 tweets 4 min read
Bug Bounty Checklist for Web App
Source: ~@owasp

Recon on wildcard domain:

- Run amass
- Run subfinder
- Run assetfinder
- Run dnsgen
- Run massdns
- Use httprobe
- Run aquatone (screenshot for alive host)

Single Domain:

Scanning:
- Nmap scan
- Burp crawler
- ffuf (directory and file fuzzing)
- hakrawler/gau/paramspider
- Linkfinder
- Url with Android application
Jan 20, 2022 27 tweets 26 min read
Golden Tips + Resources to Get Jobs/Internships + for Self-Development

These are the only resources you need to start 📈
Open source, web development, programming, DevOps and all cyber security resources included ⬇
🧵🔥

[ Open-source ]
Open source plays an important role in self-development and in a job/internship resume.

What is Open Source & How to Start?
by @kunalstwt

25+ Paid Open Source Programs and Internships
by @kunalstwt
Jan 19, 2022 7 tweets 2 min read
- #100DaysOfHacking with
- 📒 Notes (included at the end).
- Day - 4
- Viewing, Creating, Editing Files.

1. Print "hello"
┌──(root💀kali)-[~/twt]
└─ echo "hello"
>> hello
Jan 18, 2022 6 tweets 2 min read
- #100DaysOfHacking with
- 📒 Notes (included at the end).
- Day - 3 (must checkout)
- 2. File Permission-modifications (in detail). ⬇

File permissions can be viewed using the `ls` command.
Here is an example:

┌──(root💀kali)-[~/twt]
└─ # ls -l filename.txt
Jan 18, 2022 10 tweets 3 min read
- #100DaysOfHacking with 📒 Notes (included at the end).
- Day - 3
- 1. Users and Privileges. ⬇

~# ls -la
List for checking permissions ⬇