Continue...

Bug Bounty Checklist for Web App - Part - 2

Risky Functionality - File Uploads:
- Test that acceptable file types are whitelisted
- Test that file size limits, upload frequency and total file counts are defined and are enforced - Test that file contents match the defined file type
- Test that all file uploads have Anti-Virus scanning in-place.
- Test that unsafe filenames are sanitised
- Test that uploaded files are not directly accessible within the web root

Bug Bounty Checklist for Web App
Source: ~@owasp

Recon on wildcard domain:

- Run amass
- Run subfinder
- Run assetfinder
- Run dnsgen
- Run massdns
- Use httprobe
- Run aquatone (screenshot for alive host) Single Domain:

Scanning:
- Nmap scan
- Burp crawler
- ffuf (directory and file fuzzing)
- hakrawler/gau/paramspider
- Linkfinder
- Url with Android application

Golden Tips + Resources To get Job/Internships + For self Development

Only these Best Resources you need to start 📈
Opensource, Web Development, Programming, DevOps and all Cyber Security Resources Included ⬇
🧵🔥 [ Open-source ]
Open Source Plays Important role in Self Development + in Job/Internships resume.

What is Open Source & How to Start?
by @kunalstwt

25+ Paid Open Source Programs and Internships
by @kunalstwt

- #100DaysOfHacking with
- 📒Notes (included in the last).
- Day - 4
- Viewing Creating Editing Files. 1. print the "hello"
┌──(root💀kali)-[~/twt]
└─ echo "hello"
>> hello

- #100DaysOfHacking with
- 📒 Notes (included in the last).
- Day - 3 (must checkout)
- 2. File Permission-modifications (in detail). ⬇ File permissions can be viewed using the `ls` command.
Here is an example:

┌──(root💀kali)-[~/twt]
└─ # ls -l filename.txt

- #100DaysOfHacking with 📒Notes (included in the end).
- Day - 3
- 1. Users and Privileges. ⬇ ~# ls -la
List for checking permissions ⬇