Bug Bounty Tips(2022-10-15)

Penetration techniques, 2 years ago (2022), admin


01

H1 reports

https://hackerone.com/reports/1624140

https://hackerone.com/reports/1626226

02

Top 25 Server-Side Request Forgery (SSRF) Bug Bounty Reports

https://hackerinthehouse.in/top-25-server-side-request-forgery-ssrf-bug-bounty-reports/

03

How to Report and Find the HTML injection vulnerability on Bug crowd 

https://www.youtube.com/watch?v=VwFsC1dX3W8&feature=youtu.be

04

TWO LINES OF JSCRIPT FOR $20,000 – PWN2OWN MIAMI 2022

https://trenchant.io/two-lines-of-jscript-for-20000-pwn2own-miami-2022/

05

Write-up: Infinite money logic flaw @ PortSwigger Academy

https://infosecwriteups.com/write-up-infinite-money-logic-flaw-portswigger-academy-5b6182f42f57


06

2FA Bypass Technique


07

Finding XSS using KnoXSS API

echo "domain" | subfinder -silent | gauplus | grep "=" | uro | gf xss | awk '{ print "curl https://knoxss[.]me/api/v3 -d \"target=" $1 "\" -H \"X-API-KEY: APIKNOXSS\"" }' | sh


I posted too many over the last couple of days; from today on I will keep it to 10 or fewer, so nobody goes bald trying to keep up :)


Originally published on the WeChat official account (Bug Bounty Tips): Bug Bounty Tips(2022-10-15)

Copyright notice: posted by admin on October 16, 2022 at 9:00 AM.
When reposting, please credit: Bug Bounty Tips(2022-10-15) | CTF导航
