100DaysOfHacking

Day032

P小二留下评论

今日重点:

1.刷SRC的一些技巧总结

https://github.com/taielab/Taie-Bugbounty-killer/blob/master/%E6%B3%B0%E9%98%BF%E6%BC%8F%E6%B4%9E%E6%8C%96%E6%8E%98%E8%87%AA%E5%8A%A8%E5%8C%96%E8%B5%8F%E9%87%91%E6%8A%80%E5%B7%A7%E6%89%8B%E5%86%8C(%E6%B3%B0%E9%98%BF%E5%AE%89%E5%85%A8%E5%AE%9E%E9%AA%8C%E5%AE%A4%E5%87%BA%E5%93%81).pdf

2.在Pypi上查找恶意包 Hunting for Malicious Packages on PyPI

https://jordan-wright.com/blog/post/2020-11-12-hunting-for-malicious-packages-on-pypi/

漏洞挖掘资源

1.基于浏览器的内网扫描

http://samy.pl/webscan/

https://github.com/samyk/webscan

2.google出的本地Python fuzzer

https://github.com/google/atheris

3.Abhiram V: my successful journey with huntr

https://www.huntr.dev/blog/abhiram-v-my-successful-journey-with-huntr

4.Bypassing the Redirect filters with 7 ways

https://elmahdi.tistory.com/m/4

漏洞报告学习

1.Exploiting Drupal8’s REST RCE (SA-CORE-2019-003, CVE-2019-6340)

https://www.ambionics.io/blog/drupal8-rce

每日漏洞挖掘统计

平台漏洞记录漏洞赏金
hackerone00
bugcrowd00

发表评论

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com 徽标

您正在使用您的 WordPress.com 账号评论。 注销 /  更改 )

Facebook photo

您正在使用您的 Facebook 账号评论。 注销 /  更改 )

取消

Connecting to %s