Day022

Today's article updates:

1.Hacking with GPT-3

2.Letters from Silicon Valley 3: notes on letters 000-010

Vulnerability hunting study

1.aws-recon, a reconnaissance tool for AWS

https://github.com/darkbitio/aws-recon

2.XSS in PHP source code: Looking for XSS in PHP Source Code

https://brutelogic.com.br/blog/looking-xss-php-source/?utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost

3.Burp Collaborator

https://portswigger.net/burp/documentation/collaborator

4.Bug-Hunting TIPS

https://github.com/thevillagehacker/Bug-Hunting/blob/main/Writeups/Bug-Bounty-Tips/Tip-files/oneliners.md

5.NAT Slipstreaming, Widespread Injection in GitHub Actions, Greppable Secrets

https://tldrsec.com/blog/tldr-sec-059/#-further-enhance-security-by-easily-automating-your-api-token-protection

6. N1QL exploitation tool.

https://github.com/FSecureLABS/N1QLMap

7.Gophish: An Open-Source Phishing Framework

https://securitytrails.com/blog/gophish-phishing-framework

8.Let’s write a PDF file

https://files.speakerdeck.com/presentations/6d1b3e5d3ae3403e80eb2515b7ac8e17/Let_s_write_a_PDF_file.pdf

9.Hetty – An HTTP Toolkit For Security Research

https://www.kitploit.com/2020/11/hetty-http-toolkit-for-security-research.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29

10.Zoom – turning on someone’s camera using SQL injection vulnerability

11.Awesome One-liner Bug Bounty

https://github.com/dwisiswant0/awesome-oneliner-bugbounty

12.CSRF Protection in Flask

https://testdriven.io/blog/csrf-flask/

13.XSS: Arithmetic Operators & Optional Chaining To Bypass Filters & Sanitization

https://www.secjuice.com/xss-arithmetic-operators-chaining-bypass-sanitization/

14.XSS and RCE

https://brutelogic.com.br/blog/xss-and-rce/?utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost

Vulnerability report study

1.AntiviruXSS White Paper

https://brutelogic.com.br/blog/antiviruxss-paper/?utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost
