Bug Bounty Tips(2022-10-24)

渗透技巧 2年前 (2022) admin
479 0 0

点击蓝字 关注不迷路

01

Bugbounty Tool { gron } by @TomNomNom   Git Likes : 11.5k  gron transforms JSON into discrete assignments to make it easier to grep for what you want and see the absolute ‘path’ to it.

https://github.com/tomnomnom/gron 

02

写报告模板

https://github.com/fransr/template-generator

03

微软的一个SSRF(他们好像只收XSS)

https://www.mdsec.co.uk/2022/10/microsoft-office-online-server-remote-code-execution/

04

Google SSO misconfiguration leading to Account Takeover

https://0x4kd.medium.com/google-sso-misconfiguration-leading-to-account-takeover-cf9bcf63e76e

05

Google VRP — [Insecure Direct Object Reference] $3133.70

https://caesarevan23.medium.com/google-vrp-insecure-direct-object-reference-3133-70-a0e37023a4c7


Bug Bounty Tips(2022-10-24)




原文始发于微信公众号(Bug Bounty Tips):Bug Bounty Tips(2022-10-24)

版权声明:admin 发表于 2022年10月24日 上午8:11。
转载请注明:Bug Bounty Tips(2022-10-24) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...