API Penetration Testing -Checklist. guru99.com/testing-rest-a… mathieu.fenniak.net/the-api-checkl… github.com/shieldfy/API-S… kennethlange.com/rest-api-check… phase2technology.com/blog/your-comp… github.com/OWASP/CheatShe… testbytes.net/blog/api-secur… blog.isecurion.com/2017/10/10/pen… hydrasky.com/network-securi… tech.flipkart.com/astra-automate…

Reflected XSS - Cloudflare Bypass Normal payload ";alert(1)// ( 403 Blocked By Cloudflare ) Bypass ";(a=alert,b=1,a(b))// ( 200 OK ) #xss #bugbounty #bugbountytip #bugbountytips #cloudflarebypass

🤯 OpenAI + Burp Suite = welcome to "ReconAIzer" A powerful extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process. 🔗Link: github.com/hisxo/ReconAIz… (It's not a serious project, it's just for fun 😂)

Back again >> 80+ Domain and Subdomain Takeover! Tip : Always check Domains on same IP. use : * securitytrails.com * webtechsurvey.com * builtwith.com * subdomainfinder.c99.nl #Security #BugBounty #Tips

Depix A tool for recovering passwords from pixelized screenshots. github.com/beurtschipper/… #cybersecurity #infosec t.me/hackgit/8823

Bug Bounty Recon 📝 Part 1: aswinthambipanik07.medium.com/bug-bounty-rec… Part 2: aswinthambipanik07.medium.com/bug-bounty-rec… Part 3: aswinthambipanik07.medium.com/bug-bounty-rec… Part 4: aswinthambipanik07.medium.com/bug-bounty-rec… #Infosec #BugBounty #Recon #Hacking #Tech #RedTeam #bugbountytips #Cyber

We're giving away an OSCP voucher to our community.🎉 To participate : 1. Follow us on Twitter. 2. Retweet this post. 3. Like this tweet. It's that simple! By completing these steps, you'll be eligible to win. Also, register now at threatcon.io/pricing. #offsec #giveaway

V2.1.0 is now in production : app.osintracker.com ! You can now assign a color to a data or relationship. This allows you to customize the appearance of your graph, and also to filter datas by color. (The example investigation deals with SMS spam... so no pity!)

💻 Use Telegram Bot For Pentesting 💻 #bugbountytips medium.com/@SofianeHamlao…

⚡️Osintracker⚡️ is a free application enabling investigators to optimize the management of an osint (Open Source Intelligence) investigatio.🚀 🔗:- app.osintracker.com 📖:- osintfr.com/en/osintracker… #OSINT #SOCMINT #investigation #recon #email #phone

🔒 Exclusive Giveaway Alert! Win a PEN-200 (OSCP) Voucher! 🔒 Hello InfoSec community! 🌐 Elevate your cybersecurity skills and experience with BSides Indore Conference 2023. Participate in our amazing giveaway for a chance to win a PEN-200 (OSCP) Voucher. In order to

Hey #OSINT, E4GL30S1NT is a simple information gathering tool integrating other tools under a single umbrella. #recon #infosecurity Features: - userrecon - facedumper - mailfinder - godorker - phoneinfo - dnslookup - whoislookup - hostfinder github.com/C0MPL3XDEV/E4G…

TorBot - collect open data from the deep web and produce an interactive tree graph. hakin9.org/torbot-open-so… #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource #Linux #windows

Us brother 😐

#OSINT Protip 64: #Snapchat can be extremely useful during a crises, and can provide good information on a target person or place. - map.snapchat.com - osintcombine.com/snapchat-multi… - backmoji.myosint.training - snapchat.com/add/USERNAME #OSINTProtip #SOCMINT

20 Top Recon Tools For Ethical Hackers >Nmap >Maltego >Gau >Subfinder >Dirsearch >Amass >Gobuster >Feroxbuster >Gowitness >Altdns >Rustscan >Waymore >Gospider >NAABU >Masscan >Gotator >FFUF >DnsValidator >WhatWeb >Assetfinder

🎁 Monthly Giveaway 🎁 Hack The Box 12-month VIP Plus x1 - Follow, Like, and Retweet to join! - Winner will be picked randomly on 21 Sep. #hackthebox #giveaway #projectsekaictf

Bug Bounty Tip SSTI (Server Side Template Injection) Payload List 🔹{7*7} 🔹*{7*7} 🔹{{7*7}} 🔹[[7*7]] 🔹${7*7} 🔹@(7*7) 🔹<?=7*7?> 🔹<%= 7*7 %> 🔹${= 7*7} 🔹{{= 7*7}} 🔹${{7*7}} 🔹#{7*7} 🔹[=7*7] If evaluated as 49 - the target is vulnerable Cheers!

ALL EYES ON BANGLADESH #Save_Bangladeshi_students #StudentsUnderAttack #QuotaReform