nuclei templates collection github.com/Akokonunes/Pri… github.com/adampielak/nuc… github.com/th3r4id/nuclei… github.com/themastersunil… github.com/test502git/log… #bugbountytips #BugBounty

Bug Bounty Tips: Finding additional targets connected to your widescope target. Have you exhausted your options for discovering associated assets through CIDR, Reverse WHOIS, Favicon Hash, DNS Records, Acquisitions, etc.? Here's another method to identify additional assets

Introducing Notion Blog An open-source boilerplate for people who love Notion and and want to self-host their blogs. I built my blog using it. github.com/Utkarshn10/not…

I'm delighted to announce that I'll be presenting: "Splitting the email atom: exploiting parsers to bypass access controls" at Blackhat USA #BHUSA Black Hat Check out the abstract for more details: blackhat.com/us-24/briefing…

New writeup: "Hacking Millions of Modems (and Investigating Who Hacked My Modem)" samcurry.net/hacking-millio… Thanks for reading! Huge thanks to veritas, Brett Buerhaus, shubs, d0nut 🦀, Ian Carroll, and everyone who reviewed the post beforehand.

New from 404 Media: we've published the full text of an internal Google report, which shows a Google contractor used admin access to leak info from a private Nintendo YouTube video about an at the time upcoming game 404media.co/google-contrac…

100 #bugbounty thanks:

Today we present new solutions to the Liner Shipping Network Design and Scheduling Problem, released as part of our new Shipping Network Design API, with the goal of maximizing the efficiency of container shipping networks at world-wide scale. Read more → goo.gle/3X61X1Z

Question for the hackers: I've always used Firefox when hacking webapps because I can use the "Firefox Multi-Account Containers" plugin to separate my sessions and easily check for authorization issues, or be logged into multiple user roles at the same time. Chrome doesn't seem

🤣

Shout out to @tomnomnom, the gift that keeps on giving! Here's a cool script for y'all that pulls every single file that has ever existed in a given repo so you can compare changes over time and find some juicy info! github.com/tomnomnom/dotf…

What are some of your favorite/best cybersecurity books you have read?

Becoming a Vulnerability Researcher: My Personal Experience I've put together a roadmap based on my journey to becoming a vulnerability researcher. Check out my detailed (but not too detailed) guide here: gist.github.com/tin-z/a469e996…

Building a HacBook 🍎 by @[email protected] securingdev.github.io/posts/building…

Added to our watch list Nikhil

if you have included JavaScript from cdn. polyfill. io, please remove it immediately. Under certain conditions, users may receive malicious JavaScript code blog.huli.tw/2024/06/25/en/…

Advanced SQL Injection Techniques now available in GitBook. Make a copy/ Archive / Convert to PDF before they report this too :). #bugbountytip #BugBounty #SQLInjection #SQLi nav1n0x.gitbook.io/advanced-sql-i…

Dear all SSRF Lords, On a Backend running Ruby 5.0.2 & Squid Proxy and a Full Response SSRF. What all can we try? (Basic stuff already tried) #bugbounty #infosec

📖 Monke's Guide to Bug Bounty Methodology An exhaustive article answering pretty much everything you ever wanted to know about methodology. Enjoy :) #bugbounty monke.ie/p/monkes-guide…