Exploits Explained: 5 Unusual Authentication Bypass Techniques
https://www.synack.com/blog/exploits-explained-5-unusual-authentication-bypass-techniques/
5000$ for Apple Stored Xss And Another Blind Xss Still under review (submitting from a non-Chinese account is recommended; also, the review cycle is fairly long)
https://hamzadzworm.medium.com/5000-for-apple-stored-xss-and-another-blind-xss-still-under-review-e9f6f5a76eb1
Check whether the company has a job board inside its WP website. In most cases you can find all the uploaded resumes/CVs.
Dorks for CVE-2022-2544 & CVE-2022-2558:
inurl:wp-content/uploads/jobpost
inurl:wp-content/uploads/wpjobboard
Faster your NMAP scan with “Agile Grabber”
https://infosecwriteups.com/faster-your-nmap-scan-with-agile-grabber-2786c236c3dc?source=rss----7b722bfd1b8d---4
H1 report
https://hackerone.com/reports/1718574 ($600)
bug bounty tips book
https://gowsundar.gitbook.io/book-of-bugbounty-tips/
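For some reason I suddenly gained a lot of followers yesterday. The thing is, I published two posts yesterday, and I don't know which one you liked. So: if you like reading my filler posts, give a like; if you like reading the tips, tap "Wow" :)
Originally published on the WeChat official account (Bug Bounty Tips): Bug Bounty Tips (2022-10-26)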