Quick tips : How i found 10+ information disclosure in hackerone public program 1/n 1st: collect all ip's from shodan shodan search Ssl.cert.subject.CN:"target.com*" 200 --fields ip_str | httpx | tee ips.txt 2nd: fuzz all ips using dirsearch

Time for another giveaway! We are going to send a t-shirt and a few goodies to one person who follows PentesterLab and retweets this tweet !! And we are going to give a 12-month voucher to someone who follows PentesterLab and likes this tweet !!

Useful #kubernetes security checklist published on the Kubernetes documentation site. kubernetes.io/docs/concepts/… “This checklist aims at providing a basic list of guidance with links to more comprehensive documentation on each topic. It does not claim to be exhaustive".

Yay🥳, I was awarded $750 bounty on HackerOne! #TogetherWeHitHarder It's my first ever bounty. It took me 2 years to get my first payout. Yeah,it took me that long to get a reward and I am so glad I did it. A little tip for those who are struggling with bug bounty hunting A 🧵

I revisited NahamCon 2021 and found the talk by Joseph Thacker on fuff super informative. Hence, I decided to write a thread on it for those who don't have time to watch the talk. "fuff scripts & tricks" - A thread. 🧵👇 #bugbounty #infosec #fuzzing #bugbountytips #cybersecurity

Subdomain Enumeration is a critical phase in the BugBounty game Subfinder (from ProjectDiscovery) is one of the best tool for subdomain enumeration Here are 6 steps to master this great tool 👇🧵 #recontips #bugbountytips #bugbounty #pentesting #AttackSurfaceManagement

Time for another giveaway! We are going to send a t-shirt and a few goodies to one person who follows PentesterLab and retweets this tweet!! And we are going to give a 12-month voucher to someone who follows PentesterLab and likes this tweet!!

🎁 Giveaway 🎁 1 annual Pentesterlab pro - Retweet , like and Follow to Enter Winner will be announced on 24th October #pentesterlab #Giveaway #web

6 easy steps to master httpx. A thread 👇🧵 httpx (from ProjectDiscovery) is a fast and multi-purpose HTTP toolkit. Let's find out how it works 👇 #recon #httpx #bugbountytips #bugbounty #AttackSurfaceManagement #recontips

Recon Methodology | Resources🔽| offensity.com/en/blog/just-a… book.hacktricks.xyz/generic-method… dhiyaneshgeek.github.io/bug/bounty/202… infosecwriteups.com/recon-methodol… sidxparab.medium.com/best-bugbounty… vedanttekale20.medium.com/spend-more-tim… gowthams.gitbook.io/bughunter-hand… #bugbountytip #bugbountytips #recon #cybersecurity #Pentesting (1/2)

Black Friday Giveaway! Make sure you check our deals: pentesterlab.com/pro We are going to send a t-shirt and a few goodies to one person who retweets this tweet!! And we are going to give a 12-month voucher to someone who follows PentesterLab and likes this tweet!!

If you're still looking for resources to get into hacking or bug bounty, I highly recommend taking a look at this GitHub repository! It has a list of videos, labs, and talks for anything hacking related! github.com/nahamsec/Resou…

Open Redirect to Account Takeover + Fixed Bypassed First I collected all the subdomain assetfinder --subs-only redacted,com | httpx -silent | tee -a redacted.txt Crawl the parameter using Waybackurls and pass it to GF tool [1/n] #BugBounty #bugbountytips #infosec

Good resources on #BugBounty for you to bookmark!🌟 1. kongsec.medium.com/how-to-js-for-… 2. medium.com/@investigator5… 3. medium.com/@ar_hawk/from-… 4. asdqw3.medium.com/xss-in-gmail-d… 5. medium.com/@deadoverflow/… #dorking #vulnerability #bugbountytip

List of Red-Team GitHub Repos scribd.com/document/60812… #cybersecurity #infosec #redteam

🛜🛡️Network Security Resources 📍Awesome Security 🖇️github.com/sbilly/awesome… 📍Security-Resources 🖇️github.com/Johnson90512/A… 📍Cyber-Security-Resources 🖇️github.com/Aksheet10/Cybe… 📍awesome-networking 🖇️github.com/nyquist/awesom… 📍security-hardening 🖇️github.com/decalage2/awes…

Conference presentation slides: Credit Link: github.com/onhexgroup/Con… - Black Hat USA 2024 slides (3-8 August,2024) - REcon 2024 Slides (28-30 Jun,2024) - Offensivecon 2024 (May 10-11,2024 Berlin) - Blackhat Asia 2024 (April 16-19, 2024 Marina Bay Sands / Singapore) - Blackhat

🔥🔥🔥 anveshan all in one script for your recon process. It finds - Subdomains - URLs - JS-Files - Screenshots - Ports - Secrets [inside js files] Link : github.com/hackersthan/an… #bugbounty #recon #CyberSecurity 🔥🔥🔥

Offensive Linux Security Cheat Sheet 🔴⚫️Full HD Image: github.com/Ignitetechnolo… #infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #AI #cybersecurityawareness #bugbounty #bugbountytips