100DaysOfHacking

Day027

P小二留下评论

今日重点:

1.Google的bughunteruniversity先过一遍

https://sites.google.com/site/bughunteruniversity/

漏洞挖掘资料

1.Bug-Bounty-Tools

https://github.com/ethicalhackingplayground/Bug-Bounty-Tools

2.Credential-Stuffing Attack Hits The North Face

https://threatpost.com/credential-stuffing-attack-north-face/161190/

3.Param Miner

https://portswigger.net/bappstore/17d2949a985c4b7ca092728dba871943

4.目录遍历工具

https://github.com/jcesarstef/dotdotslash

漏洞报告学习

  1. Unique XXE to AWS Keys journey

https://medium.com/@estebancano/unique-xxe-to-aws-keys-journey-afe678989b2b

2.Facebook DOM Based XSS using postMessage

https://ysamm.com/?p=493

3.Evernote: Universal-XSS, theft of all cookies from all sites, and more

https://blog.oversecured.com/Evernote-Universal-XSS-theft-of-all-cookies-from-all-sites-and-more/

4.All About Getting First Bounty with IDOR

https://medium.com/bugbountywriteup/all-about-getting-first-bounty-with-idor-849db2828c8

5.Smuggling an (Un)exploitable XSSPermalink

https://www.rcesecurity.com/2020/11/Smuggling-an-un-exploitable-xss/

每日漏洞挖掘统计

平台漏洞记录漏洞赏金
hackerone00
bugcrowd00

发表评论

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com 徽标

您正在使用您的 WordPress.com 账号评论。 注销 /  更改 )

Twitter picture

您正在使用您的 Twitter 账号评论。 注销 /  更改 )

Facebook photo

您正在使用您的 Facebook 账号评论。 注销 /  更改 )

取消

Connecting to %s