Repository: nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
Branch: master
Commit: 13f606505c4e
Files: 16
Total size: 91.7 KB

Directory structure:
Resources-for-Beginner-Bug-Bounty-Hunters/

├── .github/
│   └── FUNDING.yml
├── CONTRIBUTORS.md
├── README.md
└── assets/
    ├── basics.md
    ├── blogposts.md
    ├── books.md
    ├── cheat.md
    ├── coding.md
    ├── health.md
    ├── labs.md
    ├── media.md
    ├── mobile.md
    ├── setup.md
    ├── talks.md
    ├── tools.md
    └── vulns.md

================================================
FILE CONTENTS
================================================

================================================
FILE: .github/FUNDING.yml
================================================
# These are supported funding model platforms

github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]


================================================
FILE: CONTRIBUTORS.md
================================================
A Big Thank You to the Main-Contributors of the Repo:<br>
Securibee<br>
NahamSec<br>
AshF0x<br>

and of course everyone else who sends in suggestions for the repo itself <3


================================================
FILE: README.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters




## Intro
### Current Version: 2023.01
Welcome to our web hacking and bug bounty hunting resource repository! A curated collection of web hacking tools, tips, and resources is available here. We hope that this repository will be a valuable resource for you as you work to secure the internet and make it a safer place for everyone, whether you're a seasoned bug bounty hunter or just getting started.

We know there are many more resources than the ones listed here, and we hope to cover more of them in the near future!<br>

If you are interested in learning about top bug bounty hunters in the community check out my [Live Recon VODs](https://www.youtube.com/playlist?list=PLKAaMVNxvLmAkqBkzFaOxqs3L66z2n8LA).


## NahamSec's Personal Resources:
I have also put together my own resources:

- [NahamSec's Bug Bounty Course with 100+ Labs](https://app.hackinghub.io/hubs/nahamsec-bug-bounty-course)
- [Nahamsec on YouTube](https://www.youtube.com/NahamSec) 
- [Nahamsec on Twitch](https://www.twitch.tv/nahamsec)

---
## Table of Contents

- [Basics](/assets/basics.md)
- [Blog posts & Talks](/assets/blogposts.md)
- [Books](/assets/books.md)
- [Setup](/assets/setup.md)
- [Tools](/assets/tools.md)
- [Labs & Testing Environments](/assets/labs.md)
- [Talks](/assets/talks.md)
- [Vulnerability Types](/assets/vulns.md)
- [Mobile Hacking](/assets/mobile.md)
- [Coding & Scripting](/assets/coding.md)
- [Media Resources](/assets/media.md)
- [Mindset & Mental Health](/assets/health.md)

---
If you have more questions or suggestions, check out [NahamSec's Discord](https://discord.gg/9jZxjQ5)!<br>



================================================
FILE: assets/basics.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Basics 🤓
Before diving into bug bounty hunting, it is critical to have a solid understanding of how the internet and computer networks work. You should understand Transmission Control Protocol (TCP), the fundamental protocol used to transmit data reliably over the internet and other networks, as well as networking concepts such as IP addresses, subnetting, and routing, which govern how devices communicate on a network. Another crucial concept is the Domain Name System (DNS), which converts human-readable domain names (such as google.com) into machine-readable IP addresses.

Understanding these concepts will provide a solid foundation for your bug bounty hunting journey, allowing you to better understand and navigate the various systems and networks you will encounter.

### Table of Contents
1. [HTTP basics](#HTTP-basics)
2. [Networking basics](#Networking-basics)
3. [Programming Basics](#Programming-Basics)
4. [Automation](#Automation)
5. [Web Server Basics](#Web-Server-Basics)
6. [Linux Basics](#Linux-Basics)
7. [Bug Bounty Basics](#Bug-Bounty-Basics)

### HTTP basics
In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics.
- [All in one resource](https://www.hacker101.com/sessions/web_in_depth)
   - HTTP basics
   - Cookie security
   - HTML parsing
   - MIME sniffing
   - Encoding sniffing
   - Same-Origin Policy
- [Request form](https://www.tutorialspoint.com/http/http_requests.htm)
- [Response form](https://www.tutorialspoint.com/http/http_responses.htm)
- [Response codes](https://www.tutorialspoint.com/http/http_status_codes.htm)
- [URL Encoding](https://www.tutorialspoint.com/http/http_url_encoding.htm)
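
The links above describe the request and response formats in prose. The bash script below is an added example (mine, not code from the repository or from any of the linked resources) that builds a GET request by hand, percent-encodes a query value, and pulls the status code and a header out of a raw response. The response text and host names in it are constructed samples, and `bb-lab/0.1` is a made-up User-Agent string.

```bash
#!/usr/bin/env bash
# Added example, not code from the repository: hand-build an HTTP/1.1 GET
# request and parse a raw response, so the request form, response form,
# status codes and URL encoding linked above become concrete. Runs offline;
# the response below is a constructed sample, not captured from a real host.

# Percent-encode a query-string value. RFC 3986 unreserved characters pass
# through unchanged; every other byte becomes %XX. LC_ALL=C makes bash treat
# the input as bytes; the samples used here are ASCII.
urlencode() {
  local LC_ALL=C s="$1" out="" c i
  for (( i = 0; i < ${#s}; i++ )); do
    c="${s:i:1}"
    case "$c" in
      [A-Za-z0-9._~-]) out+="$c" ;;
      *) out+=$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
}

# The bytes a client sends: request line, headers, and the blank line that
# terminates them. Lines end in CRLF; that framing is part of the protocol
# (and is exactly what HTTP request-smuggling attacks later play with).
build_request() {
  local host="$1" path="$2" query="${3:-}" target="$2"
  if [ -n "$query" ]; then
    target="$path?$query"
  fi
  printf 'GET %s HTTP/1.1\r\nHost: %s\r\nUser-Agent: bb-lab/0.1\r\nConnection: close\r\n\r\n' \
    "$target" "$host"
}

# Constructed sample response: a redirect that also sets a session cookie.
SAMPLE_RESPONSE=$'HTTP/1.1 302 Found\r\nLocation: /login?next=%2Faccount\r\nSet-Cookie: session=abc123; HttpOnly\r\nContent-Length: 0\r\n\r\n'

# Status code is the second token of the status line: "HTTP/1.1 302 Found" -> 302.
status_code() {
  printf '%s' "$1" | head -n 1 | tr -d '\r' | cut -d ' ' -f 2
}

# Value of the first header with the given name. HTTP header names are
# case-insensitive, so both sides are lower-cased. Only the header block
# (line 2 up to the first blank line) is searched, so body text that happens
# to contain "Location:" cannot match.
header_value() {
  local want
  want=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
  printf '%s' "$1" | tr -d '\r' | sed -n '2,/^$/p' \
    | awk -v n="$want" -F ': ' 'tolower($1) == n { sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Stand-alone demo: bash http-basics.sh --demo
if [ "${1:-}" = "--demo" ]; then
  build_request example.com /search "q=$(urlencode 'a b&c')"
  printf 'status=%s location=%s\n' \
    "$(status_code "$SAMPLE_RESPONSE")" "$(header_value "$SAMPLE_RESPONSE" Location)"
fi
```

Piping `build_request` into `nc host 80` sends exactly those bytes, which is a good way to see that a browser, curl and Burp all speak the same plain-text format. Note that `urlencode` is deliberately strict (it encodes `=` and `&` too), so it is only right for a single value, not for a whole query string you have already assembled.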


#### HTTP Basics Video Resources 
- [HTTP Crash Course & Exploration](https://www.youtube.com/watch?v=iYM2zFP3Zn0)
- [Same Origin Policy](https://www.youtube.com/watch?v=bSJm8-zJTzQ)

### Networking basics
Recon is a common term in bug bounties. It is great if you are already using tools to scan a range of IPs for open ports or to find subdomains; however, you should first understand why these things matter and how they work.
- [Terminology](https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols)
- [What is an IP?](https://commotionwireless.net/docs/cck/networking/learn-networking-basics/)
- [What are ports?](https://www.utilizewindows.com/list-of-common-network-port-numbers/)
- [What is DNS?](https://code.tutsplus.com/tutorials/an-introduction-to-learning-and-using-dns-records--cms-24704)

#### Networking Basics Video Resources
- [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), a 19-part video series on networking, well explained for beginners
- [IP Addressing and IP Subnetting for the CCNA Exam by David Bombal](https://youtube.com/watch?v=E-J8EPUvc8E)
- [What is DNS by David Bombal](https://www.youtube.com/watch?v=dl-C6cBoRg4)
- [CCNA 200-301 Complete Course](https://www.youtube.com/watch?v=H8W9oMNSuwo)
- [Free CCNA 200-301 Course: Network Fundamentals by David Bombal](https://www.udemy.com/course/free-ccna-200-301-network-fundamentals/)

### Programming Basics
Being a great programmer is not a requirement to be a successful hacker. However, being able to make an educated guess about how an application is built increases your chances of identifying and exploiting an issue. In a number of cases you will need to automate your work, or know more than just the basics, to escalate a medium-severity bug to high/critical.
- HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS, this should be your first step. If you prefer an interactive course, I highly recommend [Codecademy](http://ssqt.co/mQfH8zl) or [W3Schools](https://www.w3schools.com/html/)!
- JavaScript: Once you have familiarized yourself with HTML, you should learn JavaScript, since you will be using it to exploit XSS vulnerabilities. Its usage isn't limited to XSS, so it is a very handy language to know. If you prefer an interactive course, I highly recommend [CodeCademy](http://ssqt.co/mQfH8zl)!
- SQL: You may have guessed it already, but you won't be able to exploit complex SQL injection vulnerabilities without any SQL knowledge. As always, if you prefer an interactive course, feel free to use [CodeCademy](http://ssqt.co/mQfH8zl)!
   - https://www.codecademy.com/learn/learn-sql
   - http://www.sqlcourse.com/

#### Programming Basics Video Resources
- [HTML Basics In 10 Minutes](https://www.youtube.com/watch?v=MDLn5-zSQQI)
- [JavaScript Tutorial for Beginners: Learn JavaScript in 1 Hour](https://www.youtube.com/watch?v=W6NZfCO5SIk)
- [Learn SQL in 1 Hour - SQL Basics for Beginners](https://www.youtube.com/watch?v=9Pzj7Aj25lw)

### Automation
You may skip this section if you believe you will never need automation or in-depth web application knowledge. However, I believe that learning bash in addition to one of the four languages listed below will allow you to work smarter rather than harder.

- Bash
   - https://www.learnshell.org/
   - https://explainshell.com/
- Ruby
   - https://www.learnrubyonline.org/
- Python
   - https://docs.python.org/3/tutorial/
- Go(lang)
   - https://golang.org
- PHP
   - https://php.net
- Additional Resources:
   - https://www.codecademy.com/learn/paths/web-development
   - http://www.sqlcourse.com/
   - https://en.wikibooks.org/wiki/Programming_Fundamentals/Advanced_Flowcharting

#### Automation Video Resources
- [Beginner's Guide to the Bash Terminal](https://www.youtube.com/watch?v=oxuRxtrO2Ag)
- [Python for Beginners - Learn Python in 1 Hour](https://www.youtube.com/watch?v=kqtD5dpn9C8)


### Web Server Basics
If you are getting started with bug bounties with a focus on web, I highly recommend learning the nuts and bolts of what makes a website work.

- [Installing Apache, MySQL, PHP on Windows 10](https://codebriefly.com/how-to-setup-apache-php-mysql-on-windows-10/)
- [Installing Apache, MySQL, PHP on Ubuntu](https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-ubuntu-18-04)
- [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk)

After creating your own web server, I highly recommend installing a CMS (like WordPress or Drupal) on your localhost to understand how it all works.

#### Web Server Basics Videos
- [How to Install XAMPP Server on Windows 10](https://www.youtube.com/watch?v=-f8N4FEQWyY)

### Linux Basics
- [Install WSL on Windows 10](https://ubuntu.com/wsl)
- [Basics Linux Commands](https://www.hostinger.com/tutorials/linux-commands)
- [How to use curl](https://flaviocopes.com/http-curl/)
- [Loops](https://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO-7.html)
- [xargs](https://www.cyberciti.biz/faq/linux-unix-bsd-xargs-construct-argument-lists-utility/)
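
curl, loops and xargs are the three tools the links above cover, and in recon they are almost always chained together. The script below is an added example (mine, not code from the repository or from the linked tutorials) showing that chain: normalize a noisy host list, expand it into URLs, and probe them in parallel. The host names are constructed samples; only the `--run` mode touches the network.

```bash
#!/usr/bin/env bash
# Added example, not code from the repository: the curl + loop + xargs chain
# that most recon automation boils down to. Normalize a noisy host list,
# expand it into URLs, probe them in parallel. Host names are constructed
# samples; only "--run" touches the network.

# Normalize raw output from subdomain tools: trim whitespace, drop the scheme,
# drop any port or path, lower-case, remove blanks and duplicates.
# (Bracketed IPv6 literals are not handled; such lists rarely contain them.)
normalize_hosts() {
  sed -E 's/^[[:space:]]+//; s/[[:space:]]+$//; s#^[A-Za-z]+://##; s#[/:].*$##' \
    | tr 'A-Z' 'a-z' | grep -v '^$' | sort -u
}

# Expand each host into the URLs worth probing. A plain for-loop is enough
# here; xargs only pays off once each step involves I/O.
make_urls() {
  local host scheme
  while read -r host; do
    for scheme in https http; do
      printf '%s://%s/\n' "$scheme" "$host"
    done
  done
}

# Probe one URL, printing "<status> <url>". --max-time stops a dead host from
# stalling the run; -o /dev/null discards the body; "000" means no answer.
probe() {
  local url="$1" code
  code=$(curl -s -o /dev/null -w '%{http_code}' --max-time 5 "$url" 2>/dev/null || true)
  printf '%s %s\n' "${code:-000}" "$url"
}
export -f probe

# Fan the probes out over 10 parallel workers. Each worker gets exactly one
# URL as $0 of a fresh bash, so odd characters in a URL are never re-parsed
# by the shell the way they would be with xargs -I{} ... "{}".
probe_all() {
  xargs -n 1 -P 10 bash -c 'probe "$0"'
}

# Constructed sample input: the messy list recon tools typically hand back.
SAMPLE_HOSTS=$'https://API.example.com/v1\nexample.com\n  www.example.com  \napi.example.com:8443\n\nhttp://www.example.com/login'

# Stand-alone run: bash recon.sh --run
if [ "${1:-}" = "--run" ]; then
  printf '%s\n' "$SAMPLE_HOSTS" | normalize_hosts | make_urls | probe_all
fi
```

Without `--run` the functions are only defined and nothing is contacted, which is what makes the normalization and URL-building steps testable offline. When hunting for real, keep `-P` small and check the program's rules first: ten parallel requests against a single host is enough to trip rate limiting or to count as out-of-scope scanning on some programs.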

#### Linux Basics Videos
- [How to Install Ubuntu on Windows 10 (WSL)](https://www.youtube.com/watch?v=X-DHaQLrBi8)
- [Linux Essentials: Curl Fundamentals](https://www.youtube.com/watch?v=Xy7fDxz39FM)
- [Xargs Should Be In Your Command Line Toolbag](https://www.youtube.com/watch?v=rp7jLi_kgPg)
- [Shell Scripting - For Loops](https://www.youtube.com/watch?v=T7hVOiTsSUU)

### Bug Bounty Basics
- [Hacker101's Getting Started](https://www.hacker101.com/start-here)
- [Bug bounty reports that stand out, how to write one?](https://thehackerish.com/bug-bounty-reports-that-stand-out-how-to-write-one/)
- [Bug Bounty Report Templates by @ZephrFish](https://github.com/ZephrFish/BugBountyTemplates/blob/master/Blank.md)
- [List of Bug Bounty Platforms](https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/bugbountyplatforms.md)
- [Bug Bounty Cheatsheet](https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html)

#### Bug Bounty Basics Videos
- [HOW TO GET STARTED IN BUG BOUNTY](https://www.youtube.com/watch?v=CU9Iafc-Igs)
- [Hacker101- Writing Good Reports](https://www.youtube.com/watch?v=z60CFFFyZWE)
- [Putting Your Mind to It: Bug Bounties for 12 Months - @zseano](https://www.youtube.com/watch?v=-PkK9DP5nec)
- [How to Get Into Bug Bounty by Katie Paxton-Fear @InsiderPhD](https://www.youtube.com/watch?v=19gIJ7gLbXI)


---
back to [Intro Page](/README.md)


================================================
FILE: assets/blogposts.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters
This page hosts blog posts on particular vulnerabilities and techniques that have led to a bounty. If you would like to learn more about specific vulnerability types, please visit [Vulnerability Types](/assets/vulns.md)!

## NahamSec's Favorite Learning Resources
- [HackerOne Hacktivity](https://hackerone.com/hacktivity)
- [Bugcrowd Crowdstream](https://bugcrowd.com/crowdstream)
- [The Daily Swig](https://portswigger.net/daily-swig)
- [The Unofficial HackerOne Disclosure Timeline.](http://h1.nobbd.de/)
- [Detectify Blog](https://blog.detectify.com/)

### Favorite Hacker Blogs
- [Alex Chapman](https://ajxchapman.github.io/)
- [Deesee](https://blog.deesee.xyz/)
- [EdOverflow](https://edoverflow.com/)
- [Jon Bottarini](https://jonbottarini.com/)
- [Allyson O'Malley](http://www.allysonomalley.com/)
- [Orange Tsai](https://blog.orange.tw/)
- [Philippe Harewood](https://philippeharewood.com/)
- [Ron Chan](https://ngailong.wordpress.com)
- [Yassine Aboukir](https://www.yassineaboukir.com/)
- [Shubham Shah](https://shubs.io/)
- [spaceraccoon](https://spaceraccoon.dev)
- [ziot](https://buer.haus/)
- [zlz](https://samcurry.net/blog)
- [Vickie Li](https://vickieli.medium.com)
- [rez0](https://rez0.blog/)
- [MrTuxracer](https://www.rcesecurity.com/blog/)
- [Pentest Book by six2dez](https://github.com/six2dez/pentest-book/)
- [Youssef Sammouda](https://ysamm.com/)

### Reddit
- [/r/BugBounty](https://reddit.com/r/bugbounty)
- [r/websecurityresearch/](https://www.reddit.com/r/websecurityresearch/)
- [r/howtohack](https://reddit.com/r/howtohack)
- [r/netsec](https://reddit.com/r/netsec)
- [r/netsecstudents](https://reddit.com/r/netsecstudents)


### Community Curated Blog Posts & Resource
- [Awesome Google VRP Writeups](https://github.com/xdavidhu/awesome-google-vrp-writeups)
- [Top HackerOne Reports](https://github.com/InsiderPhD/hackerone-reports) - by [InsiderPhD](https://twitter.com/InsiderPhD)
- [How To Hunt](https://github.com/KathanP19/HowToHunt)

## Blog posts & Disclosed Reports 📝
A collection of Blog Posts ordered by Vulnerability Types
- [XSS](#XSS)
- [SSRF](#SSRF)
- [SQL Injection](#SQL-Injection)
- [HTTP Desync](#HTTP-Desync)
- [File Upload](#File-Upload)
- [IDOR](#IDOR)
- [GraphQL](#GraphQL)
- [RCE](#RCE)
- [Automation & Recon](#Automation--Recon)
- [API](#API)
- [Misc](#Misc)
- [Mobile](#Mobile)
    - [iOS](#iOS)
    - [Android](#Android)

### XSS
You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
- [Cracking my windshield and earning $10,000 on the Tesla Bug Bounty Program](https://samcurry.net/cracking-my-windshield-and-earning-10000-on-the-tesla-bug-bounty-program/) - [Sam Curry](https://twitter.com/samwcyo)
- [Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP for bug bounty](https://medium.com/bugbountywriteup/effortlessly-finding-cross-site-script-inclusion-xssi-jsonp-for-bug-bounty-38ae0b9e5c8a) - [@th3_hidd3n_mist](https://twitter.com/th3_hidd3n_mist)
- [Reflected XSS in https://blocked.myndr.net](https://hackerone.com/reports/824433) - Thilakesh
- [Facebook DOM Based XSS using postMessage](https://ysamm.com/?p=493)
- [Airbnb – When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities](https://buer.haus/2017/03/08/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-vulnerabilities/)
- [An XSS on Facebook via PNGs & Wonky Content Types](https://whitton.io/articles/xss-on-facebook-via-png-content-types/)
- [Persistent DOM-based XSS in https://help.twitter.com via localStorage](https://hackerone.com/reports/297968) - harisec
- [A Tale Of A DOM Based XSS In Paypal](https://www.rafaybaloch.com/2017/06/a-tale-of-dom-based-xss-in-paypal.html) - Rafay Baloch
- [H1514 DOMXSS on Embedded SDK via Shopify.API.setWindowLocation abusing cookie Stuffing](https://hackerone.com/reports/422043) - filedescriptor
- [Another XSS in Google Colaboratory](https://blog.bentkowski.info/2018/09/another-xss-in-google-colaboratory.html) - Michał Bentkowski
- [Google adwords 3133.7$ Stored XSS](https://medium.com/@Alra3ees/google-adwords-3133-7-stored-xss-27bb083b8d27) - Emad Shanab
- [Stored XSS on Facebook](https://opnsec.com/2018/03/stored-xss-on-facebook/) - Enguerran Gillier
- [Yahoo Mail stored XSS](https://klikki.fi/adv/yahoo.html) - Jouko Pynnönen
- [Yahoo Mail stored XSS #2](https://klikki.fi/adv/yahoo2.html) - Jouko Pynnönen
- [Account Recovery XSS](https://sites.google.com/site/bughunteruniversity/best-reports/account-recovery-xss) - Gábor Molnár
- [$6000 CRLF to XSS | Microsoft Bug Bounty](https://infosecwriteups.com/6000-with-microsoft-hall-of-fame-microsoft-firewall-bypass-crlf-to-xss-microsoft-bug-bounty-8f6615c47922)

### SSRF
- [A Glossary of Blind SSRF Chains](https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/)
- [A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!](https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf)
- [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a) - Alyssa Herrera | Hack.lu 2019
- [Pivoting from blind SSRF to RCE with HashiCorp Consul](https://www.kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html)
- [Piercing the Veal](https://medium.com/@d0nut/piercing-the-veal-short-stories-to-read-with-friends-4aa86d606fc5) - by d0nut
- [CVE-2020-13379 - Unauthenticated Full-Read SSRF in Grafana](https://rhynorater.github.io/CVE-2020-13379-Write-Up)
- [MY EXPENSE REPORT RESULTED IN A SERVER-SIDE REQUEST FORGERY (SSRF) ON LYFT](https://www.nahamsec.com/posts/my-expense-report-resulted-in-a-server-side-request-forgery-ssrf-on-lyft) - by nahamsec
- [How I found SSRF on TheFacebook.com](https://w00troot.blogspot.com/2017/12/how-i-found-ssrf-on-thefacebookcom.html)
- [SSRF on Zimbra Led to Dump All Credentials in Clear Text](https://infosecwriteups.com/story-of-a-2-5k-bounty-ssrf-on-zimbra-led-to-dump-all-credentials-in-clear-text-6fe826005ccc)
- [SSRF in Exchange leads to ROOT access in all instances](https://hackerone.com/reports/341876)

### SQL Injection
- [Time-Based Blind SQL Injection In GraphQL](https://medium.com/bugbountywriteup/time-based-blind-sql-injection-in-graphql-39a25a1dfb3c) - Divyanshu Shukla
- [SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database](https://hackerone.com/reports/531051) - spaceraccoon
- [Finding SQL injections fast with white-box analysis — a recent bug example](https://medium.com/@frycos/finding-sql-injections-fast-with-white-box-analysis-a-recent-bug-example-ca449bce6c76?) - [@frycos](https://twitter.com/frycos)
- [How we hacked one of the world's largest Cryptocurrency Websites](https://strynx.org/insecure-crypto-code-execution/) - [strynx](https://strynx.org/)
- [Blind SQL Injection on windows10.hi-tech.mail.ru](https://hackerone.com/reports/786044) - Просто душка (api_0)
- [How to Hack Database Links in SQL Server!](https://blog.netspi.com/how-to-hack-database-links-in-sql-server/) - Antti Rantasaari

### HTTP Desync
- [HTTP Desync Attacks: Request Smuggling Reborn](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn) in combination with this [report](https://hackerone.com/reports/510152) - [James Kettle](https://twitter.com/albinowax)
- [HTTP Request Smuggling on vpn.lob.com](https://hackerone.com/reports/694604) - 0X0 (painreigns)
- [Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies](https://hackerone.com/reports/737140) - Evan Custodio

### File Upload
- [Webshell via File Upload on ecjobs.starbucks.com.cn](https://hackerone.com/reports/506646) - johnstone
- [Facebook Messenger server random memory exposure through corrupted GIF image ](https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html) - [@xdzmitry](https://twitter.com/xdzmitry)
- [A Tale of Exploitation in Spreadsheet File Conversions](https://buer.haus/2019/10/18/a-tale-of-exploitation-in-spreadsheet-file-conversions/) - [@bbuerhaus](https://twitter.com/bbuerhaus)//[@daeken](https://twitter.com/daeken)//[@erbbysam](https://twitter.com/erbbysam)//[@smiegles](https://twitter.com/smiegles)
- [External XML Entity via File Upload (SVG)](https://0xatul.github.io/posts/2020/02/external-xml-entity-via-file-upload-svg/) - by 0xatul

### IDOR
- [Steal Earning of Airbnb hosts by Adding Bank Account/Payment Method](https://www.indoappsec.in/2019/12/airbnb-steal-earning-of-airbnb-hosts-by.html) - [Vijay Kumar ](https://twitter.com/IndoAppSec)
- [GraphQL IDOR leads to information disclosure](https://medium.com/@R0X4R/graphql-idor-leads-to-information-disclosure-175eb560170d) - [@R0X4R](https://twitter.com/R0X4R)
- [From Multiple IDORs leading to Code Execution on a different Host Container](https://www.rahulr.in/2019/10/idor-to-rce.html?m=1) - [@Rahul_R95](https://twitter.com/Rahul_R95)
- [Automating BURP to find IDORs](https://medium.com/cyberverse/automating-burp-to-find-idors-2b3dbe9fa0b8) - [Aditya Soni](https://medium.com/@hetroublemakr)
- [Another image removal vulnerability on Facebook](https://blog.darabi.me/2020/06/image-removal-vulnerability-on-facebook.html)
- [Stealing Your Private YouTube Videos, One Frame at a Time](https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/)

### GraphQL
- [Private System Note Disclosure using GraphQL](https://hackerone.com/reports/633001) - Ron Chan
- [Graphql Abuse to Steal Anyone’s Address](https://blog.usejournal.com/graphql-bug-to-steal-anyones-address-fc34f0374417) - pratik yadav
- [Email address of any user can be queried on Report Invitation GraphQL type when username is known](https://hackerone.com/reports/792927) - msdian7

### RCE
- [My First RCE (Stressed Employee gets me 2x bounty)](https://medium.com/@abhishake100/my-first-rce-stressed-employee-gets-me-2x-bounty-c4879c277e37) - [Abhishek Yadav](https://medium.com/@abhishake100)
- [How dangerous is Request Splitting, a vulnerability in Golang or how we found the RCE in Portainer and hacked Uber](https://medium.com/@andrewaeva_55205/how-dangerous-is-request-splitting-a-vulnerability-in-golang-or-how-we-found-the-rce-in-portainer-7339ba24c871) - by Andrewaeva

### Automation & Recon
- [How to: Recon & Content Discovery](https://www.hackerone.com/blog/how-to-recon-and-content-discovery)
- [Subdomain Recon Using Certificate Search Technique](https://www.r00tpgp.com/2020/01/subdomain-recon-using-certificate.html?m=0)
- [Notes about NahamSec's Recon Sessions](https://mavericknerd.github.io/knowledgebase/nahamsec/recon_session_1/) - [maverickNerd](https://github.com/maverickNerd)
- [10 Recon Tools For Bug Bounty](https://medium.com/@hackbotone/10-recon-tools-for-bug-bounty-bafa8a5961bd) - Anshuman Pattnaik
- [Recon: Create a methodology and start your subdomain enumeration](https://failednuke.info/2020/recon-create-a-methodology-and-start-your-subdomain-enumeration/) - by FailedNuke
- [THEY SEE ME SCANNIN’, THEY HATIN’: A BEGINNER’S GUIDE TO NMAP](https://securityqueens.co.uk/they-see-me-scannin-they-hatin-a-beginners-guide-to-nmap/) - by Sophia (https://twitter.com/SecQueens)
- [Fasten your Recon process using Shell Scripting](https://medium.com/bugbountywriteup/fasten-your-recon-process-using-shell-scripting-359800905d2a) - Mohd Shibli
- [Beginner’s Guide to recon automation](https://medium.com/bugbountywriteup/beginners-guide-to-recon-automation-f95b317c6dbb) - Ashish Jha
- [gitGraber: A tool to monitor GitHub in real-time to find sensitive data](https://blog.yeswehack.com/2019/10/08/gitgraber-a-tool-to-monitor-github-in-real-time-to-find-sensitive-data/) - by [@adrien_jeanneau](https://twitter.com/adrien_jeanneau) & [@R_Marot](https://twitter.com/R_marot)


### API
- [31 Days of API Security Tips](https://github.com/smodnix/31-days-of-API-Security-Tips) - [smodnix](https://github.com/smodnix)
- [Exploiting Application-Level Profile Semantics (APLS)](https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/)

### Misc
- [Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies](https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610)
- [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - Harsh Jaiswal
- [Zero-day in Sign in with Apple](https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/)
- [Account hijacking using "dirty dancing" in sign-in OAuth-flows](https://labs.detectify.com/2022/07/06/account-hijacking-using-dirty-dancing-in-sign-in-oauth-flows/) By Frans Rosen
- [Hacking GitHub with Unicode's dotless 'i'](https://eng.getwisdom.io/hacking-github-with-unicode-dotless-i/)
- [Abusing autoresponders and email bounces](https://medium.com/intigriti/abusing-autoresponders-and-email-bounces-9b1995eb53c2) - securinti
- [Abusing HTTP hop-by-hop request headers](https://nathandavison.com/blog/abusing-http-hop-by-hop-request-headers) - [@nj_dav](https://twitter.com/nj_dav)
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
- [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) by [James Kettle](https://twitter.com/albinowax)
- [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) by Github
- [URL link spoofing (Slack)](https://hackerone.com/reports/481472) by Akaki Tsunoda (akaki)
- [Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts](https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts/) by Sam Curry
- [The Secret sauce of bug bounty](https://medium.com/bugbountywriteup/the-secret-sauce-of-bug-bounty-bdcc2e2d45af) by Mohamed Slamat
- [Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty](https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/) - [Sam Curry](https://twitter.com/samwcyo)
- [TJnull’s Preparation Guide for PWK/OSCP](https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html)


### Mobile
#### iOS
- [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - spaceraccoon
#### Android
- [A deep dive into reversing Android pre-Installed apps](https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf) and the



---
back to [Intro Page](/README.md)


================================================
FILE: assets/books.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Books 📚
This Section is dedicated to all books related to Hacking, Web Hacking, & Bug Bounty Hunting

### NahamSec's Must Read Picks
- [RTFM: Red Team Field Manual v2](https://amzn.to/3IZXVj2) by Ben Clark, Nick Downer 
- [The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws](https://amzn.to/3F5H9xT) by Dafydd Stuttard, and Marcus Pinto
- [The Hacker Playbook 3: Practical Guide To Penetration Testing](https://amzn.to/3mwdDLt) by Peter Kim
- [Bug Bounty Bootcamp](https://amzn.to/3l1a8fn) by Vickie Li
- [Black Hat Python](https://amzn.to/3T3a4Zd) by Justin Seitz and Tim Arnold


### Fundamental Books
- [Ethical Hacking](https://amzn.to/41TLu12) by Daniel G. Graham
- [Foundations of Information Security](https://amzn.to/41VOPga) by Jason Andress
- [Penetration Testing](https://amzn.to/3mweg7N) by Georgia Weidman
- [Metasploit](https://amzn.to/3Zq362M) by David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni
- [The Tangled Web: A Guide to Securing Modern Web Applications](https://amzn.to/3yhgv14) by Michal Zalewski

### Web Hacking & Bug Bounty
- [Hacking APIs](https://amzn.to/3F3M1Dw) by Corey Ball
- [Real-World Bug Hunting](https://amzn.to/3ZLqc3F) by Peter Yaworski

### Coding for Hacking
- [Automate the Boring Stuff with Python, 2nd Edition](https://amzn.to/3L5q76S) by Al Sweigart
- [Python One-Liners](https://amzn.to/3JgSnC9) by Christian Mayer
- [Black Hat GraphQL](https://amzn.to/3YpeOJH) by Dolev Farhi, Nick Aleks
- [Black Hat Go](https://amzn.to/3mvzh2f) by Tom Steele, Chris Patten, and Dan Kottmann
- [JavaScript for hackers - Learn to think like a hacker](https://amzn.to/3ZudIxA) by Gareth Heyes

### Misc
- [Practical Malware Analysis](https://amzn.to/3Zsi2O1) by Michael Sikorski and Andrew Honig
- [Practical Social Engineering](https://amzn.to/3kPhItI) by Joe Gray
- [The Ghidra Book](https://amzn.to/3yh0KHN) by Chris Eagle and Kara Nance
- [Operator Handbook: Red Team + OSINT + Blue Team Reference](https://amzn.to/3F4MqG9) by Joshua Picolet


---
back to [Intro Page](/README.md)


================================================
FILE: assets/cheat.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Cheat Sheets, Slides & More 🧪

### Cheat Sheets 
- [CloudPentestCheatsheets](https://github.com/dafthack/CloudPentestCheatsheets) by dafthack
- [HackTricks](https://book.hacktricks.xyz/) by Carlos Polop
- [Everything curl](https://ec.haxx.se/) by Daniel Stenberg (bagder)
- [GTFObins](https://gtfobins.github.io/)

### One Liners
- [Finding Endpoints in JS Files](https://twitter.com/renniepak/status/1287804976669040642)

### Slides

- [The Bug Hunter's Methodology v.4.01](https://t.co/kfNNz0It7n?amp=1) - by Jason Haddix 

---
back to [Intro Page](/README.md)

================================================
FILE: assets/coding.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Coding & Scripting 🤖

### Info
Many beginners ask whether coding is a necessity for bug bounty.<br>
Short answer: No.<br>
But as often discussed on the @nahamsec Twitch channel, it is a good tool to have in general. Coding helps you understand much of what you encounter during your hacking sessions, and it is a valuable skill in its own right. You can automate your tools with Python, for example, or write entirely new ones when you have a specific task in mind. We will add a lot more here over the next updates and reorganize the resources by language.

TL;DR: ___Python___ and ___Bash___ are really good skills to have and start out with.

### Resources
- [Bash Scripting Full Course 3 Hours](https://www.youtube.com/watch?v=e7BufAVwDiM)
- [Explainshell](https://explainshell.com/)
- [Discovering the Terminal](https://blog.balthazar-rouberol.com/discovering-the-terminal)
- [Text Processing in the Shell](https://blog.balthazar-rouberol.com/text-processing-in-the-shell)
- [Subdomain Enumeration Script](https://twitter.com/Sin_Khe/status/1242785016884625409)
- [ShellCheck](https://www.shellcheck.net/) - for finding Bugs in your Shell Scripts
- [Bug Bounty with Bash](https://medium.com/cyberverse/bug-bounty-with-bash-438596ff72f5) - by Aditya Soni
- [Linux Beginner Boost](https://rwx.gg/) - by [rwxrob](https://www.twitch.tv/rwxrob)

### Learning Platforms
- [Exercism](https://exercism.io/) - "Code Practice and Mentorship.."
- [CodeCademy](https://www.codecademy.com/)
- [Khan Academy](https://www.khanacademy.org/computing/computer-programming)
- [Learn Python the Hard Way](https://learnpythonthehardway.org/)
- [Udacity](https://www.udacity.com/)

---
back to [Intro Page](/README.md)

================================================
FILE: assets/health.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Mindset & Mental Health 🧘‍♂️

Bug bounty hunting is a task that can be very challenging and competitive, and it can also be hard for some beginners to find the "right" entry point. I wanted a small dedicated category where we can gather resources that help you keep a healthy and good mindset, get the ball rolling, and not burn out too often.

(Thanks STÖK for putting out great videos on this topic.)

Getting in the right mindset:
- [Mental Hacking 4 Better Bounties:](https://youtu.be/roVg_wgGgxQ) by STÖK
- [Happy Hacking:](http://phrack.com/issues/68/7.html#article) Phrack Volume 0x0e, Issue 0x44, Phile #0x07 of 0x13
- [BSidesSF 2020 - Panel: Mental Health for Hackers (Chloé M • Ryan L • Susan P)](https://youtu.be/raH7tRy8M7g)

---
back to [Intro Page](/README.md)


================================================
FILE: assets/labs.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Labs & Testing Environments 🧪
- [NahamSec's Free Bug Bounty Learning Lab](https://tryhackme.com/room/nahamstore)

### Web Hacking Fundamentals

#### Downloadables
- [NahamSec.Training](https://github.com/nahamsec/nahamsec.training/)
- [OWASP Juiceshop](https://owasp.org/www-project-juice-shop/)
- [Google Gruyere](https://google-gruyere.appspot.com/)
- [DVWA](http://www.dvwa.co.uk)
- [Metasploitable 3](https://github.com/rapid7/metasploitable3/wiki/Vulnerabilities)
- [Mutillidae](https://sourceforge.net/projects/mutillidae/)
- [Badstore](https://www.vulnhub.com/entry/badstore-123,41/)

#### Free
- [Hacker101](https://www.hacker101.com/) | Good Exercises for Beginners, can earn you private Invites on HackerOne
- [Web Security Academy](https://portswigger.net/web-security)
- [HackThisSite](https://hackthissite.org/)
- [CTFChallenge](https://ctfchallenge.co.uk) | Web CTF based on real vulnerabilities
- [Hacksplaining](https://www.hacksplaining.com/)

#### Premium
- [Pentesterlab](https://pentesterlab.com/referral/olaL4k8btE8wqA) | Good Labs with a broad variety of Topics, some very good Web Application Exercises
- [BugBountyHunter](https://www.bugbountyhunter.com/) | Learn how to test for security vulnerabilities on web applications

#### Misc
- [0l4bs - Cross-site scripting labs for web application security enthusiasts](https://github.com/tegal1337/0l4bs) - by tegal1337
- [Will it CORS?](https://httptoolkit.tech/will-it-cors/) | Tell this magic CORS machine what you want, and it'll tell you exactly what to do
- [XSS Labs from PwnFunction](https://xss.pwnfunction.com/) Great Labs in a beautiful layout

### Vulnerable Apps
- [https://application.security/ - SSRF](https://application.security/free-application-security-training/server-side-request-forgery-in-capital-one)

#### XSS
- [alert 1 to win](https://alf.nu/alert1/)
- [prompt(1)](http://prompt.ml/0)
- [XSS Game By Google](https://xss-game.appspot.com/)

### General Hacking

#### Free
- [VulnHuB](https://www.vulnhub.com/)
- [W3Challs](https://w3challs.com/)
- [PicoCTF](https://picoctf.org/)
- [Root-Me](https://www.root-me.org/)
- [OverTheWire](https://overthewire.org/wargames/natas/)

#### Premium
- [TryHackMe](https://tryhackme.com/signup?referrer=nahamsec) | Cool Hacking & Pentesting Labs with Web Challenges
- [HackTheBox](https://www.hackthebox.eu/) | provides Testing Labs, some Web Application Challenges
- [Cyberseclabs](https://www.cyberseclabs.co.uk/)

---
back to [Intro Page](/README.md)


================================================
FILE: assets/media.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Media Resources & Communities 🎬
Here you will find useful media that can help beginners in different ways.
If you are interested in interviews with the top hackers and bug bounty hunters, check out NahamSec's [Live Recon Stream](https://www.youtube.com/playlist?list=PLKAaMVNxvLmAkqBkzFaOxqs3L66z2n8LA).

- [Discord Servers](#discord-servers)
- [Cyber Security Content Creators](#cyber-security-content-creators)
- [Streamers](#streamers)
- [Conferences](#conferences)
- [Podcasts](#podcasts)
- [Twitter](#twitter)
- [Misc](#misc)

---

## Discord Servers
- [Nahamsec](https://discord.gg/d6dENAq)
- [Hacker101](https://discord.gg/WrCTm8h)
- [TryHackMe](https://discord.gg/KsAEejZ)
- [HackTheBox](https://discord.gg/FrRJ3Z8)
- [TheCyberMentor](https://discord.gg/)
- [InsiderPhD](https://discord.gg/rdQcSk7a)


## Cyber Security Content Creators
- [Curated List of YT Channels](https://threader.app/thread/1248351836672872456) by TCM
- [Nahamsec](https://www.youtube.com/nahamsec) - Educational Videos and VODs of his Stream, Vlogs
- [STÖK](https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg) - Videos About Hacking, Live Events, Bug Bounty Tips & Vlogs
- [Bug Bounty Reports Explained](https://www.youtube.com/c/bugbountyreportsexplained/)
- [LiveOverflow](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w) - Educational Videos about CTFs, Hacking in General
- [John Hammond](https://www.youtube.com/@_JohnHammond)
- [The Cyber Mentor](https://www.youtube.com/TheCyberMentor) - Educational Videos about InfoSec, Penetration Testing, Web Security, Scripting, etc.
- [InsiderPhD](https://www.youtube.com/insiderphd) - An excellent Introduction series for beginners to help them find their first bug.
- [PwnFunction](https://www.youtube.com/PwnFunction) - Explanatory videos about Web App vulnerabilities
- [ippsec](https://www.youtube.com/ippsec)
- [Jason Haddix](https://www.youtube.com/channel/UCk0f0svao7AKeK3RfiWxXEA) - VODs of his Stream
- [Farah Hawa](https://www.youtube.com/c/farahhawa)
- [Rana Khalil](https://www.youtube.com/@RanaKhalil101)
- [David Bombal](https://www.youtube.com/@davidbombal)
- [NetworkChuck](https://www.youtube.com/NetworkChuck)
- [PhD Security](https://www.youtube.com/@phd_security)
- [HackerSploit](https://www.youtube.com/HackerSploit)

## Streamers
- [Nahamsec](https://www.twitch.com/nahamsec) 
- [0xtib3rius](https://www.twitch.tv/0xtib3rius) 
- [alh4zr3d](https://www.twitch.tv/alh4zr3d)
- [d0nutptr](https://www.twitch.tv/d0nutptr/) 
- [TheCyberMentor](https://twitch.tv/thecybermentor)
- [thealtf4stream](https://www.twitch.tv/thealtf4stream)

## Conferences 
- [The Red Team Village](https://www.twitch.tv/redteamvillage)
- [NahamCon](https://www.youtube.com/@NahamSec)
- [Bsides Ahmedabad](https://www.youtube.com/@BSidesAhmedabad/videos)

## Podcasts
- [Darknet Diaries](https://darknetdiaries.com/) by [Jack Rhysider](https://twitter.com/jackrhysider)
    - [Episode 60 with dawgyg](https://darknetdiaries.com/episode/60/)
- [CCC Luxembourg Podcast](http://wiki.c3l.lu/doku.php?id=projects:entr0py_encore) Luxembourgish Podcast from CCC Lux.
- [Critical Thinking: A Bug Bounty Podcast](https://open.spotify.com/show/4GiJnv8f4a4ZR6Jc6TQJ3k)

## Twitter

### Curated Bug-Bounty List on Twitter by [@securibee](https://twitter.com/securibee): [Link](https://twitter.com/i/lists/1253517962272743424)

The following list does not exclusively contain Bug Bounty themed accounts, but covers a broad variety of InfoSec and Hacking accounts.<br>

### Members
| handle | name | description |
|--------|------|-------------|
|[@0x0luke](https://twitter.com/0x0luke) | Luke | MSc Cyber Security \| BSc Computer Forensics and Security \| Web/Hardware hacker. HoF @Tesla @Apple @DeptofDefense @Uber @RockstarGames @Cloudinary @Dell
|[@0xacb](https://twitter.com/0xacb) | André Baptista | 🇵🇹 Security researcher and bug bounty hunter living somewhere between 3D and 7D. Freedφm. 1128350274
|[@0xd0m7](https://twitter.com/0xd0m7) | 0xd0m7 | Security Researcher
|[@0xInfection](https://twitter.com/0xInfection) | Pinaki | I am just an infected geek. 🤠
|[@0xpatrik](https://twitter.com/0xpatrik) | Patrik Hudak | Outcome over ego.
|[@0xteknogeek](https://twitter.com/0xteknogeek) | Joel Margolis | Engineer by day, researcher by night • 50% grad of @RITtigers • ProdSec @Uber • DISTURBANCE • Views and opinions are my own.
|[@11xuxx](https://twitter.com/11xuxx) | Ashkan Jahanbakhsh | developer, pentester and bug hunter(OSCP, OSCE, OSWE)
|[@1ndianl33t](https://twitter.com/1ndianl33t) | Shiv chouhan | Web & Mobile Application Security Researcher \| Hackerone \| Bugcrowd \| Apk Mod \| Graphics Designer \| CEH \| CHFI \| SEO \| CCNA \| CCNP \| https://t.co/GueVYZ7uLi
|[@adrien_jeanneau](https://twitter.com/adrien_jeanneau) | Adrien | Cybersecurity Lover - I love to break things (and I'm paid for that) - Bug Hunter - Creator of gitGraber https://t.co/DKteWrVYt2 #InfoSec #BugBounty
|[@AEMSecurity](https://twitter.com/AEMSecurity) | AEMSecurity | Dedicated to Adobe AEM Security - Bugbounty - Vulnerability & Exploit Research. CVE-2016-0956, CVE-2013-6674
|[@Agarri_FR](https://twitter.com/Agarri_FR) | Nicolas Grégoire | Web hacker && Official Burp Suite Pro trainer https://t.co/oaXuAFhYWp…Follow @MasteringBurp for free tips and tricks
|[@ajxchapman](https://twitter.com/ajxchapman) | Alex Chapman | Bug Hunter \| Vulnerability Researcher \| On Recovery \| DMs Open
|[@akita_zen](https://twitter.com/akita_zen) | Akita 🇦🇷 | bugbounty hunter & zen monk
|[@albinowax](https://twitter.com/albinowax) | James Kettle | Director of Research at PortSwigger Web Security aka @Burp_Suite
|[@alicanact60](https://twitter.com/alicanact60) | Ali Tütüncü | Bug Researcher
|[@Almroot](https://twitter.com/Almroot) | Fredrik N. Almroth | Co-Founder, Researcher and Head of Engineering at @detectify. Coder of stuff, breaker of things. PGP/MIT: 0xEDF8D9828B06A7F7
|[@Alra3ees](https://twitter.com/Alra3ees) | Emad Shanab | A Lawyer & A noooob. Every Law has its own Bugs. I have no Facebook. https://t.co/n9U5HPkWcV https://t.co/46EDOU8gnq
|[@alxbrsn](https://twitter.com/alxbrsn) | Alex Birsan |
|[@Alyssa_Herrera_](https://twitter.com/Alyssa_Herrera_) | Alyssa Herrera Perez 🇩🇰 🏳️‍⚧️ | Sr. App Sec engineer. Bug bounty hunter on @Hacker0x01. @detectify crowdsource hacker, and @hacknotcrime Advocate. Loves birbs. Furry Hacker. NB-They/them
|[@ameenmaali](https://twitter.com/ameenmaali) | Ameen | appsec infant, bug bounty fetus -   Blog: https://t.co/IULDdK4Wh1 (@abugzlife1)
|[@andirrahmani1](https://twitter.com/andirrahmani1) | Andi Rrahmani | Security Researcher https://t.co/Xenw3BiShq
|[@anshuman_bh](https://twitter.com/anshuman_bh) | Anshuman Bhartiya | I love Security, Automation, Innovation, Challenges and Changes. My opinions here, not my employers. https://t.co/RyQUQzkYzm
|[@ap_ceng](https://twitter.com/ap_ceng) | Ashish Padelkar |
|[@ArchAngelDDay](https://twitter.com/ArchAngelDDay) | Douglas Day | Born again. Libertarian. Bug Bounty Hunter. Crypto Enthusiast. Views are correct. BTC to 3Jo3Yn7Xt3SYUmm49LiqF1nsKwa9R9wNhi for bugbounty mentorship
|[@arneswinnen](https://twitter.com/arneswinnen) | Arne Swinnen | IT Security. Bug Bounty Hunter.
|[@atul_hax](https://twitter.com/atul_hax) | Atul | I love pwn, reading RFCs, and I just dabble on the keyboard until things happen but Emacs gave me carpal tunnel.
|[@avlidienbrunn](https://twitter.com/avlidienbrunn) | Mathias Karlsson | Web security fiddler. Bug bounty bastard. CTF with @HackingForSoju.
|[@B3nac](https://twitter.com/B3nac) | Kyle | Full time Security Researcher. I really enjoy everything Android. Creator of InjuredAndroid and BountyPay apk. Send me all the apks plz. https://t.co/myQCNOp959
|[@bbuerhaus](https://twitter.com/bbuerhaus) | Brett Buerhaus | https://t.co/usMDC8wsVM - websec research, bug bounties, CTF (@hackingforsoju) and puzzles (@fomo_team).
|[@bendtheory](https://twitter.com/bendtheory) | bend theory | 1 1 2 3 5 8 13 21 34 55 69 420 666 911
|[@bitquark](https://twitter.com/bitquark) | bitquark ✪ | Tesla red team by day, |redacted| by night. Black Hat EU review board. Former Bugcrowd #1. Tweets may contain traces of cat. He/him. // nb ỉrt ḫt
|[@Black2Fan](https://twitter.com/Black2Fan) | Sergey Bobrov |
|[@BonJarber](https://twitter.com/BonJarber) | Jon Barber 🤖 | AppSec engineer @Cruise  |  Ex @facebook, @NCCsecurityUS  |  Building and breaking things
|[@brxxnh1](https://twitter.com/brxxnh1) | brxxn (security) | views and opinions are those of a wild ostrich on the loose
|[@bsysop](https://twitter.com/bsysop) | bsysop | If you can dream with it, you can do it🤘🏻!
|[@BugBountyHQ](https://twitter.com/BugBountyHQ) | BugBountyHQ |
|[@bug_dutch](https://twitter.com/bug_dutch) | Floerer | Bug Bounty Hunter - CS Student - 🇳🇱 - https://t.co/a2pvqTuEF9
|[@chevonphillip](https://twitter.com/chevonphillip) | Chevon Phillip | Bugcrowd Ambassador \| Synack Red Team Member \| Security Researcher \| Penetration Tester
|[@codecancare](https://twitter.com/codecancare) | todayisnew | May you be well on your side of the screen.
|[@codingo_](https://twitter.com/codingo_) | Michael Skelton | Global Head of Security Ops and Researcher Enablement @bugcrowd, Ex-pentester. Maintainer of NoSQLMap, VHostScan, Reconnoitre, Interlace, Crithit
|[@Corb3nik](https://twitter.com/Corb3nik) | Ian Bouchard | Security Enthusiast, CTF Fanatic, Bug Bounty Hunter, @opentoallctf/perfect.blue Web guy, NorthernCoalition Co-Founder
|[@d0nutptr](https://twitter.com/d0nutptr) | d0nut | Lead Security Engineer @graplsec, part-time bug hunter (https://t.co/INDLSLS2Qu). (he/they). Formerly @Dropbox, @Cruise. My tweets are my own.
|[@damian_89_](https://twitter.com/damian_89_) | Damian Strobel | #webdev #php #machinelearning #python #laravel #python #websec #bugbounty #pentest
|[@dee__see](https://twitter.com/dee__see) | Dominic | Outdoor enthusiast, friend of all dogs, hacker, AppSec engineer @gitlab - fighting inertia
|[@defparam](https://twitter.com/defparam) | Evan Custodio | FPGA/Hardware Hacker. Web Security Researcher. I break web servers so that others can't. @awscloud - My opinions are my own
|[@dhauenstein](https://twitter.com/dhauenstein) | Daniel Hauenstein | I am the Klaus Kinski of IT security. I do bug bounties (H1/BC/SynAck/zerocopter). I know memes and drink beer. Co-Founder of Last Unicorn Con. Hacking magician
|[@eboda_](https://twitter.com/eboda_) | eboda | full-spectrum cyber warrior
|[@EdOverflow](https://twitter.com/EdOverflow) | Ed | Web developer & security researcher.
|[@erbbysam](https://twitter.com/erbbysam) | erbbysamᐸscriptᐳaler | software, cryptography, etc. DEFCON black badge with https://t.co/UBvdIM5TW6
|[@eur0pa_](https://twitter.com/eur0pa_) | europa | 𝙸 𝚑𝚊𝚌𝚔 𝚜𝚝𝚞𝚏𝚏 𝚏𝚘𝚛 𝚙𝚛𝚘𝚏𝚒𝚝, 𝚊𝚗𝚍 𝚕𝚒𝚏𝚝 𝚑𝚎𝚊𝚟𝚢 𝚝𝚑𝚒𝚗𝚐𝚜 𝚏𝚘𝚛 𝚏𝚞𝚗. 𝙿𝚘𝚠𝚎𝚛𝚎𝚍 𝚋𝚢 𝙱𝙱𝙰𝙲.
|[@farah_hawa01](https://twitter.com/farah_hawa01) | Farah | noobiest of the noobs \| content creator
|[@filedescriptor](https://twitter.com/filedescriptor) | FD | @0xReconless
|[@foobar0x7](https://twitter.com/foobar0x7) | foobar7 | IT Security Consultant & Bug Hunter
|[@fransrosen](https://twitter.com/fransrosen) | Frans Rosén | Dev/Security/Founder at @centrahq/@detectify/@poweredbyingrid. I do not advertise doing hacking services, do not trust the ones telling you I do.
|[@garethheyes](https://twitter.com/garethheyes) | Gareth Heyes | javascript:/*--&gt;&lt;/title&gt;&lt;/style&gt;&lt;/textarea&gt;&lt;/script&gt;&lt;/xmp&gt;&lt;svg/onload='+/&quot;/+/onmouseover=1/+/[*/[]/+alert(1)//'&gt;
|[@gehaxelt](https://twitter.com/gehaxelt) | Sebastian Neef | Freelancer. Student. Traveller. Hacker. WhiteHat. Bughunter. CTFs @ENOFLAGBlogs @0daywork, @blogbasis and co-Founder of @internetwache
|[@gerben_javado](https://twitter.com/gerben_javado) | Gerben Javado | Security Engineer @Facebook. Into bug bounties. Personal opinions.
|[@gregxsunday](https://twitter.com/gregxsunday) | Grzegorz Niedziela | pentester / bughunter
|[@Gromak123_Sec](https://twitter.com/Gromak123_Sec) | Gromak123_Security | French Security Researcher and Pentester at @Unumkey. C|EH Certified. Bounty Hunter at @YesWeHack and @Hacker0x01.3 times #LeHack Bugbounty's Winner.
|[@gwendallecoguic](https://twitter.com/gwendallecoguic) | Gwendal Le Coguic | Bug hunter, tool maker.
|[@h1_sp1d3r](https://twitter.com/h1_sp1d3r) | Evgeniy Yakovchuk | Toss a coin to your hacker, A friend of humanity.
|[@hacker_](https://twitter.com/hacker_) | Corben Leo | Christian, Computer Science @DakotaState, Hacker
|[@hahwul](https://twitter.com/hahwul) | HAHWUL | Security engineer, Bugbounty hunter, Developer and H4cker. Say ha-hul but you can just call me howl https://t.co/FhMxZy51Qr , https://t.co/gYBnn30EHm , https://t.co/DAjEwvaq0u
|[@hakluke](https://twitter.com/hakluke) | HΔKLUKΞ | Luke Stephens. Dad, husband, hacker. https://t.co/Zurv4bdcyF https://t.co/d1aqj2Q46E
|[@hateshaped](https://twitter.com/hateshaped) | hateshape |
|[@HazanaSec](https://twitter.com/HazanaSec) | ʜᴀᴢᴀɴᴀ | ␀​https://t.co/OqwyPoZFFf
|[@hgreal1](https://twitter.com/hgreal1) | hg_real | Just another random QA guy
|[@honoki](https://twitter.com/honoki) | Pieter Hiele | Cyber entomologist 🐛 amateur musician 🎹 occasional blogger 💻 https://t.co/0to21Mri4b https://t.co/fd9pUEXxbn
|[@HusseiN98D](https://twitter.com/HusseiN98D) | Hussein Daher | Bug bounty hunter - If you're reading this I love you. - hussein98d@gmail.com - https://t.co/JTJxMBZ7Qs https://t.co/8iuIYnLHg4
|[@Hxzeroone](https://twitter.com/Hxzeroone) | Hx01 | Not evil just misunderstood.
|[@IAmMandatory](https://twitter.com/IAmMandatory) | mandatory/Matthew Bryant | Sec@Snapchat. Ex-Google, Uber, Bishop Fox. XSS Hunter author, DNS/TLD/web security researcher. parallel26(at)opsecmail(dot)com
|[@imranparray101](https://twitter.com/imranparray101) | Imran Parray | Independent cyber security researcher \|\| Hacker \|\| programmer \|\| Linux Freak \|\| Full time Bug hunter.
|[@infosec_au](https://twitter.com/infosec_au) | shubs | continuous security, @assetnote
|[@inhibitor181](https://twitter.com/inhibitor181) | Cosmin | Bug bounty hunter
|[@InsiderPhD](https://twitter.com/InsiderPhD) | Katie Paxton-Fear | PhD Student, Occasional #BugBounty hunter & Educational #CyberSecurity YouTuber. I study at @CranfieldDefSec: Insider Threats using #nlproc. she/her.
|[@irsdl](https://twitter.com/irsdl) | Soroush | appsec \ web / https://t.co/3mMc7BsRyw @MDSecLabs \| a delimiter character fan \| RT/LK can be accidental or !
|[@itscachemoney](https://twitter.com/itscachemoney) | Tanner | Somewhere between a builder and a breaker \| @hacknotcrime
|[@ITSecurityguard](https://twitter.com/ITSecurityguard) | Patrik Fehrenbach🤖 | rɪsˈpɒnsəbl dɪsˈkləʊʒə   HackerOne
|[@jackds1986](https://twitter.com/jackds1986) | Daniel Bakker | Lead Security Analyst & Ethical Hacker
|[@jackhcable](https://twitter.com/jackhcable) | Jack Cable | Coder turned white hat hacker with public interest mindset. @Stanford ‘22. Rebel @defensedigital. @StanfordIO / @CISAGov. All tweets are in my personal capacity
|[@Jhaddix](https://twitter.com/Jhaddix) | Jason Haddix | Father, hacker, educator, gamer, & nerd. Streaming sometimes at:  https://t.co/WBZcSgGOIG & posted to https://t.co/I2yhmJjGAb
|[@jinonehk](https://twitter.com/jinonehk) | Jinone | Security researcher
|[@jobertabma](https://twitter.com/jobertabma) | Jobert Abma | I tweet about security and my experience as a hacker. Co-founder of HackerOne (@Hacker0x01).
|[@JohnH4X00R](https://twitter.com/JohnH4X00R) | John H4X0R | Entrepreneur, Programmer & a Bug Hunter https://t.co/vIahtTjPHh Adobe https://t.co/GNSAsABaOl Oracle https://t.co/dObZSH4Gwb Got my👍in each 1 of those pies.
|[@JonathanBouman](https://twitter.com/JonathanBouman) | Jonathan Bouman | Medical Doctor (GP), Web Developer, Security Researcher
|[@jon_bottarini](https://twitter.com/jon_bottarini) | Jon Bottarini | Security person. I post about bug bounties, infosec, and everything in between. “insert long job title here” @Hacker0x01, but tweets are my own.
|[@joohoi](https://twitter.com/joohoi) | Joo, N/A | Hacks for beer. FOSS, infosec and privacy. Chaotic good.
|[@JR0ch17](https://twitter.com/JR0ch17) | JR0ch17 | Bug bounty hunter, penetration tester and security researcher
|[@jstnkndy](https://twitter.com/jstnkndy) | Justin Kennedy | Infosec professional & beverage snob. Research Consulting Director @ Atredis Partners.
|[@kapytein](https://twitter.com/kapytein) | Nadir | Student. Participates on bug bounty programs, kapytein on almost all platforms (h1/intigriti). AppSec @officientapp.
|[@KasperFritzo](https://twitter.com/KasperFritzo) | Kasper Borg | Danish Security Researcher.
|[@kazan71p](https://twitter.com/kazan71p) | kazan71p | https://t.co/oTV7m505NG https://t.co/HOkYMVa48M
|[@Masonhck3571](https://twitter.com/Masonhck3571) | Masonhck357 | Dominican \| Cannabis Connoisseur \| Hacker for Hackerone and BugCrowd \| CompTIA Net+ Certified \| CompTIA Sec+ certified \| US Navy Vet \| Vegan
|[@MasteringBurp](https://twitter.com/MasteringBurp) | Mastering Burp Suite Pro | Tweets and retweets about Burp Suite Pro \| Managed by @Agarri_FR \| Not affiliated with @Portswigger
|[@mcipekci](https://twitter.com/mcipekci) | Mustafa Can İPEKÇİ | I'm an engineer from Turkey, who is interested with biotechnology, computer science and digital gaming. A.K.A nukedx
|[@Michael1026H1](https://twitter.com/Michael1026H1) | Michael Blake | H1: michael1026. Software engineer interested in software security. Oregon
|[@michenriksen](https://twitter.com/michenriksen) | Michael Henriksen | Freelance security engineer and consultant. Need help with web application security?
|[@Mik317_](https://twitter.com/Mik317_) | Michele Romano | The walls of Sparta are the chests of its warriors - Agesilao
|[@mongobug](https://twitter.com/mongobug) | mongo | I like bug bounty programs and  breaking things that other people have built. I love kudos.
|[@MrMustacheMan3](https://twitter.com/MrMustacheMan3) | MrMustacheMan | https://t.co/N9HO1Nhef0
|[@MrTuxracer](https://twitter.com/MrTuxracer) | Julien Ahrens | Vulnerability Intel \| ROP Gadget Hunter \| Privacy Enthusiast \| Full-time #BugBounty hunter \| @Hacker0x01 MVH \| @SynackRedTeam
|[@nader_brandi](https://twitter.com/nader_brandi) | nader | Security Researcher / Bug Bounty Hunter / web developer https://t.co/1mefovxcwn
|[@NahamSec](https://twitter.com/NahamSec) | NahamSec | 🇮🇷 Co-founder @bugbountyforum \| Hacker Education @Hacker0x01 \| 🎥 https://t.co/RXnEEloDtu \| 👨🏽‍💻 https://t.co/6BfCVo837Z #Hacker101 #TogetherWeHitHarder #BugBounty
|[@nahoragg](https://twitter.com/nahoragg) | Rohan Aggarwal | I spend more time on things, to understand them until they don’t understand me and start giving me what they aren’t programmed to.
|[@nbk_2000](https://twitter.com/nbk_2000) | ₦฿₭ | Script-Kitty Thought-Feeder #SemperFur #bugbounties #hacking
|[@ngalongc](https://twitter.com/ngalongc) | Ron Chan | Security Engineer at GitLab. This is a personal stream, opinions expressed are mine.
|[@ngkogkos](https://twitter.com/ngkogkos) | Nick \|\| hunt4p1zza | I find bugs for 🍕.
|[@ngocdh](https://twitter.com/ngocdh) | Huy Ngoc | Pentester
|[@nijagaw](https://twitter.com/nijagaw) | Nico | Founder of @codegrazer, #Penetrationtester, #bughunter on https://t.co/ufQNKpG2JS, infosec enthusiast
|[@nnwakelam](https://twitter.com/nnwakelam) | n a f f y | security expert \| Holistic nutritionist, reiki practitioner and drumming circle facilitator.
|[@not_an_aardvark](https://twitter.com/not_an_aardvark) | Teddy Katz | Programming language design/security/software correctness enthusiast. Working on privacy @Google (this is a personal account). he/him. ✊🏻✊🏽✊🏿
|[@nullenc0de](https://twitter.com/nullenc0de) | Paul Seekamp | I spend a significant amount of time reading security stuff.
|[@orange_8361](https://twitter.com/orange_8361) | Orange Tsai  🍊 | This is 🍊
|[@p4fg](https://twitter.com/p4fg) | Peter | Are developers better hackers? I think so...
|[@PascalSec](https://twitter.com/PascalSec) | ΡΛSCΛLSΞC | 👨‍💻 Senior Security Engineer / Pentester @Dynatrace 📺 Youtuber posting hacking videos at @Hacksplained
|[@PentesterLand](https://twitter.com/PentesterLand) | Pentester Land | Resources for penetration testers and bug bounty hunters
|[@plmaltais](https://twitter.com/plmaltais) | ramsexy | French-Canadian hacker 🇨🇦. Full-time bug bounty hunter. Craft beer connoisseur 🍻. Surfing the web and hacking the waves. 🌊🏄
|[@pnig0s](https://twitter.com/pnig0s) | Terry Zhang | Security @ Ant Group (Attack & Defence)
|[@pudsec](https://twitter.com/pudsec) | Shaun |
|[@pxmme1337](https://twitter.com/pxmme1337) | Pomme | Triager @Hacker0x01 \| Views and opinions are my own and do not reflect my employer's \| Memes are life
|[@r0bre](https://twitter.com/r0bre) | r0bre | itsec @tudarmstadt , web- and systemsecurity, bugbounty, iOS security research, open source. /stack sommelier/code connaisseur/kernel asmr artist/ 👾📲
|[@r0hack](https://twitter.com/r0hack) | Ramazan | Researcher in @deteact hacked by r0hack https://t.co/xUo4swrcWM
|[@r0x33d](https://twitter.com/r0x33d) | Matt | Security Researcher \| Bug Bounty Hunter https://t.co/yUegpDg1DH \| Developer
|[@Regala_](https://twitter.com/Regala_) | Fisher | Half hacker, half daydreamer. DISTURBANCE. Mercenary for hire. Casabranca. Host @bounty_podcast
|[@restr1ct3d](https://twitter.com/restr1ct3d) | Niv Levy | Penetration Testing Engineer / Offensive Security Certified Professional / Bug Bounty Hunter
|[@rez0__](https://twitter.com/rez0__) | rez0 | Joseph Thacker // Sr. Security Engineer // Hacker, bug bounty hunter, & hobby jogger. Slay all the dragons that stand in your way. Talk to me about Jesus.
|[@Rhynorater](https://twitter.com/Rhynorater) | Justin Gardner | Christian \| OSCP I Bug Bounty Hunter \| Lover of Python \| https://t.co/NsnHpys7Ej \| 🗣️ English, 日本語, Italiano \| Married to 💖@mariahchan_💖
|[@rhyselsmore](https://twitter.com/rhyselsmore) | 🥯 | xfitter, bjj newb, oz shep dad. internet mall cop at @heroku, bugs at https://t.co/MFzfzsrYBp. opinions my own, not employers
|[@RockyBandana](https://twitter.com/RockyBandana) | Rocky Bandana | Hacking for Good | whoami: @NathanCavitt
|[@rohk_infosec](https://twitter.com/rohk_infosec) | Kevin | senior application security engineer at @Okta - all tweets are my own
|[@rootxharsh](https://twitter.com/rootxharsh) | Harsh Jaiswal | Views are my own \| AppSec @vimeo.
|[@rub003](https://twitter.com/rub003) | 003random | [ 'student', 'system and network engineering', 'bug bounty', 'developer', 'bbac' ]
|[@_ruby](https://twitter.com/_ruby) | ruby nealon | 😷
|[@rwincey](https://twitter.com/rwincey) | b0yd | software construction & deconstruction
|[@Sambal0x](https://twitter.com/Sambal0x) | Richard Tan | Father, security researcher, pentester, proficient diaperchanger.
|[@samengmg](https://twitter.com/samengmg) | samuel eng  |
|[@Samm0uda](https://twitter.com/Samm0uda) | Youssef Sammouda | Cyber Security Expert. YES™ team member.
|[@samwcyo](https://twitter.com/samwcyo) | Sam Curry | Full time bug bounty hunter. Run a blog to better explain web application security. Somewhere between high school and pretending to be an adult.
|[@santi_lopezz99](https://twitter.com/santi_lopezz99) | Santiago Lopez | 1# Millon Dollar hacker on @Hacker0x01 #bugbounty. Instagram: https://t.co/fLSrAlKf4Q
|[@satishb3](https://twitter.com/satishb3) | Satish Bommisetty |
|[@_SaxX_](https://twitter.com/_SaxX_) | S. A. X. X. | #BugBounty ¦¦ #Hacker ¦¦ @HexpressoCTF member ¦¦ @breizhctf Org ¦¦ #WebSec ¦¦ Sometimes breaks stuff ¦¦ Building #Cybersecurity in #Africa ¦¦ #OSINT & #Recon
|[@seanmeals](https://twitter.com/seanmeals) | Sean Melia | I bug bounty when I can. Thoughts are my own. etc.
|[@seanyeoh](https://twitter.com/seanyeoh) | notsy | I only tweet when I'm mad cuz bad.
|[@SebMorin1](https://twitter.com/SebMorin1) | Sébastien Morin | Bug bounty hunter, pentester and security researcher
|[@securibee](https://twitter.com/securibee) | Big Body Bee 🐝 | Creative problem solver that gets things done. Bee different, bee yourself.
|[@securinti](https://twitter.com/securinti) | Inti De Ceukelaire | Uncertified Ethical Hacker (UEH) and bug bounty bro. @intidc (dutch)­­­, community dude @intigriti. Tweets are mine and so is your computer.
|[@securitybites](https://twitter.com/securitybites) | Jesse Kinser | Hackerone/bugcrowd: randomdeduction
|[@SecurityMB](https://twitter.com/SecurityMB) | Michał Bentkowski | Penetration testing, bounty hunting
|[@shailesh4594](https://twitter.com/shailesh4594) | Shailesh Suthar | An independent security researcher :-) https://t.co/V7JrsztJK4
|[@shmilylty](https://twitter.com/shmilylty) | Jing Ling | Developer, pentester and bug hunter.
|[@shub66452](https://twitter.com/shub66452) | $!|3nt_4unt3r | Bug hunter#coder#blockchain enthusiast
|[@skeltavik](https://twitter.com/skeltavik) | Bram Ruttens | Penetration Tester @OrangeCyberBE 💉 \| Crypto Investor & Enthusiast 💰 \| Beer Lover 🍺 \| Techno Raver 🎹 \| BBAC is a lifestyle 🧬
|[@smiegles](https://twitter.com/smiegles) | Olivier Beg | Head of researchers at @zerocopter, Co-founder @bugbountyforum
|[@sml555_](https://twitter.com/sml555_) | Sajeeb Lohani (sml555) | Platform Security Engineer @Bugcrowd \| Top 50 Bugcrowd \| 120+ CVEs
|[@snyff](https://twitter.com/snyff) | Louis Nyffenegger | CVE connoisseur @PentesterLab. Security engineer. Bugs are my own, not of my employer. I just want to be a webservice...
|[@soaj1664ashar](https://twitter.com/soaj1664ashar) | Ashar Javed | Web AppSec Researcher \| #❶ in Microsoft's Top 100 Security Researcher List -2018 \| #❹ in Microsoft's Most Valuable Researcher List -2019 & 2020 \| Thanks #🆇🆂🆂
|[@spaceraccoonsec](https://twitter.com/spaceraccoonsec) | spaceraccoon 🦝 | Here to learn! Hackerone: https://t.co/UK9KDsRVlL
|[@_staaldraad](https://twitter.com/_staaldraad) | Etienne Stalmans | Security researcher and breaker of things. &
|[@StanFaas](https://twitter.com/StanFaas) | StanFaas 🦉 | Father - Full-time developer - Wannabe hacker / Night-time bug hunter (GangsterSquad) https://t.co/Ew6Xw2eyST
|[@steve_mcilwain](https://twitter.com/steve_mcilwain) | Steve Mcilwain | Cybersecurity / Bug Bounty Hunter / Pen Tester / Tool Developer / Illustrator / Animator / Cat Dude
|[@stokfredrik](https://twitter.com/stokfredrik) | STÖK ✌️ | Hi.. im that hacker that your friends told you about. I used to travel the world, hack & vlog about it. Hackfluencer - Creative - Sustainable Fashion - he/him
|[@streaak](https://twitter.com/streaak) | streaak (on a break) | BBAC kidnapped me \| I hack things and occasionally take photographs
|[@sushiwushi2](https://twitter.com/sushiwushi2) | iamsushi | I tweet strange things and find bugs #OSCP
|[@sw33tLie](https://twitter.com/sw33tLie) | sw33tLie | Bug bounty hunter and CS student, 20yo. Playing with software since I can remember. https://t.co/qABvqCl1Px https://t.co/DFfjocm4aR
|[@Th3G3nt3lman](https://twitter.com/Th3G3nt3lman) | Th3g3nt3lman | a born terror, a rebel without a pause, i never had a good christmas so who is santa claus?
|[@thedawgyg](https://twitter.com/thedawgyg) | dawgyg | 1 of 8 Millionaire Hackers thanks to @hacker0x01 #h1415 2020 MVH, Bug Bounty Hunter, Reformed Blackhat, Synack Red Team Member, Nissan Skyline Collector
|[@theflofly](https://twitter.com/theflofly) | Florian Courtial | 0x00
|[@TomNomNom](https://twitter.com/TomNomNom) | TomNomNom | Open-source tool maker, security researcher, trainer, talker, fixer, eater, not really a sheep. He/him.
|[@twitt3raccnt](https://twitter.com/twitt3raccnt) | psaux | https://t.co/yQUH0WHaJo
|[@uraniumhacker](https://twitter.com/uraniumhacker) | Uranium238 | CS undergrad 3rd year, I hack companies. Team: Ophion. Personal Twitter: @mallocsys. forbes top 20 hackers ever (100% legit)
|[@vinodsparrow](https://twitter.com/vinodsparrow) | Vinoth Kumar | DevSecOps. Partime Bug Bounty Hunter. Views are obviously mine
|[@vortexau](https://twitter.com/vortexau) | vortex | I work @ Bugcrowd (personal account). Ex-Pentester, Ex-Dev. Tweets about infosec, bounty hunting, homebrewing and cars. SecTalks Adelaide Co-organiser. OSCP/OSWP
|[@vp440](https://twitter.com/vp440) | Felix Veillette-Potvin | Pentester @gosecure_inc, Bug bounty hunter, general security enthusiast. Opinions and views expressed are my own.
|[@Wh11teW0lf](https://twitter.com/Wh11teW0lf) | Wh11teW0lf | @Synack MEMBER | Security researcher |  BugBounty Hunter | https://t.co/Jqu4kV7EjZ | https://t.co/CbOfcB8r0c
|[@x1m_martijn](https://twitter.com/x1m_martijn) | x1m | hacker from Groningen
|[@xEHLE_](https://twitter.com/xEHLE_) | xEHLE | true(1)
|[@Yassineaboukir](https://twitter.com/Yassineaboukir) | Yassine Aboukir 🐐 | Popping shells for flight tickets at your nearest airport departure terminal. AppSec consulting, and bug bounties (11th ranked) on @Hacker0x01 🇲🇦🇫🇷
|[@yaworsk](https://twitter.com/yaworsk) | yaworsk | Author of https://t.co/4sI75efGSk,  Hacker Interviewer https://t.co/Utz8Qr1kUR, @shopify AppSec. Tweets are my own. Unless you wrote them.
|[@yip404](https://twitter.com/yip404) | Mohamed Ebrahem |
|[@zeroxyele](https://twitter.com/zeroxyele) | xyele | 🇹🇷 https://t.co/PEtNHYrIVK https://t.co/p67rsc3GE9
|[@zseano](https://twitter.com/zseano) | @zseano | webapp hacker and also that annoying lucio 🐸 Recognised by @Amazon in 2018 for my security research work. ~busy working on @bugbountynotes v2!~


## Misc
 - [ChaosComputerClub Germany Media Resources](https://media.ccc.de/) - bunch of conference talks and other media
 - [Phrack](http://www.phrack.org/)
---
back to [Intro Page](/README.md)


================================================
FILE: assets/mobile.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Mobile Hacking 📱
Since quite a lot of people ask specifically for beginner guides to mobile hacking, we gave it a section of its own.

## Getting Started
- [The Mobile Application Hacker’s Handbook](http://amzn.to/2cVOIrE)
- [iOS Application Security](http://amzn.to/2d9yo7m)
- [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - by spaceraccoon
- [The Mobile Hacking CheatSheet](https://github.com/randorisec/MobileHackingCheatSheet) - Randorisec
- [Introduction to Android Hacking](https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking) - [@0xteknogeek](https://twitter.com/0xteknogeek)
- [Android Pentesting](https://github.com/riddhi-shree/nullCommunity/tree/master/Android) (Github repo containing hands-on training content for conducting Android app pentesting using some of the common Android pentesting tools)
- [Android App Reverse Engineering 101](https://maddiestone.github.io/AndroidAppRE/) by [@maddiestone](https://twitter.com/maddiestone)

## Tools
Tools specific for mobile hacking can be found [here](/assets/tools.md#mobile-hacking).

## Misc
- [Q&A With Android Hacker bagipro](https://www.hackerone.com/blog/AndroidHackingMonth-qa-with-bagipro)
- [Android-Reports-and-Resources](https://github.com/B3nac/Android-Reports-and-Resources) - [Kyle Benac](https://github.com/B3nac)

---
back to [Intro Page](/README.md)

================================================
FILE: assets/setup.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Setup 💻
This section will help you set up your testing environment.
- [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk) - by NahamSec
- [Setting up your own web server on a VPS](https://www.linux.com/learn/easy-lamp-server-installation)
- [Setting up virtualbox + linux](https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox)
- [Docker For Pentesting And Bug Bounty Hunting](https://www.youtube.com/watch?v=5G6tA8Q9AuQ)
- [Basics of UNIX](https://lifehacker.com/5633909/who-needs-a-mouse-learn-to-use-the-command-line-for-almost-anything)
- [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion
- [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow
- [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp
- [Creating Wordlists for Pentesting & Bug Bounty](https://www.youtube.com/watch?v=QGbTaxtEQlg) - by nahamsec
- [Setup bugbounty hunting env on termux](https://www.hahwul.com/2020/05/setup-bugbounty-hunting-env-on-termux-d.html?m=1) - by @hahwul
- [Technical Project Ideas Towards Learning Cyber Security](https://mchow01.github.io/education/security/projects/2020/06/19/technical_projects_security.html) - by [Ming Y. Chow](https://mchow01.github.io/)

## Burp Suite
This section should help you get familiar with BurpSuite.
- [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101
- [Burp Suite Introduction](https://github.com/bugcrowd/bugcrowd_university/blob/master/An_introduction_to_Burp_Suite/Bugcrowd%20University%20-%20Burp%20Suite%20Introduction.pdf) by Jason Haddix
- [Beginners Guide to Burpsuite Payloads (Part 1)](https://www.hackingarticles.in/beginners-guide-burpsuite-payloads-part-1/) by Raj Chandel
- [Burp Hacks for Bounty Hunters](https://www.youtube.com/watch?v=boHIjDHGmIo) by James Kettle

## Tools
- [Getting Starting With Tmux Isn't That Scary](https://www.youtube.com/watch?v=Z5sEEbwngd0)
---
back to [Intro Page](/README.md)


================================================
FILE: assets/talks.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Talks 🤓

### Table of Contents
1. [General Bug Bounty Talks](#General-Bug-Bounty-Talks)
2. [Recon and Automation](#Recon-and-Automation)
3. [Research and Exploitation](#Research-and-Exploitation)
4. [Vulnerabilities Explained](#Vulnerabilities-Explained)
5. [Mobile Hacking](#Mobile-Hacking)
6. [Miscellaneous](#Miscellaneous)

### General Bug Bounty Talks
- [How To Get Started In Bug Bounties](https://www.youtube.com/watch?v=kn0jClWSdD8) by [DC CyberSec](https://www.youtube.com/channel/UC3sccPO4v8YqCTn8sezZGTw)
- [Is it too late to start doing BUG BOUNTY in 2020?](https://www.youtube.com/watch?v=PTTkA_gHgxE) by [STOK](https://youtube.com/stokfredrik)
- [MY BUG BOUNTY JOURNEY!](https://www.youtube.com/watch?v=ug7FzoByLFc) by Farah Hawa
- [DEF CON 23 - Jason Haddix - How to Shot Web: Web and mobile hacking in 2015](https://www.youtube.com/watch?v=-FAjxUOKbdI)
- [Google Hacking (Dorking)](https://www.youtube.com/watch?v=hrVa_dhD-iA)

### Recon and Automation
- [The Truth About Recon](https://www.youtube.com/watch?v=amihlWTtkMA)
- [The Bug Hunter's Methodology v4.0 - Recon Edition by @jhaddix #NahamCon2020!](https://www.youtube.com/watch?v=p4JgIu1mceI)
- [It’s the Little Things - BSides Portland 2018 by @NahamSec](https://www.youtube.com/watch?v=YT5Zl2jW3wg)
- [Who, What, Where, When, Wordlist by @TomNomNom #NahamCon2020](https://www.youtube.com/watch?v=W4_QCSIujQ4)
- [GitHub Recon and Sensitive Data Exposure](https://www.youtube.com/watch?v=l0YsEk_59fQ)
- [Creating Wordlists for Hacking, Pentesting & Bug Bounty Hunting Using Seclists, Bigquery, and More!](https://www.youtube.com/watch?v=QGbTaxtEQlg)
- [Hacking IIS (Recon) by infosec_au](https://www.youtube.com/watch?v=HrJW6Y9kHC4)
- [Knock knock, Who's There? Identifying Assets in the Cloud](https://www.youtube.com/watch?v=W5htGHdIc-M&)

### Research and Exploitation
- [XSS on Google Search - Sanitizing HTML in The Client?](https://www.youtube.com/watch?v=lG7U3fuNw3A) - LiveOverflow
    - [The Fix](https://github.com/google/closure-library/commit/c79ab48e8e962fee57e68739c00e16b9934c0ffa)
- [DEF CON 27 Conference - By NahamSec - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)
- [Orange Tsai - Infiltrating Corporate Intranet Like NSA Preauth RCE - DEF CON 27 Conference](https://www.youtube.com/watch?v=1IoythC_pIY)
- [Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!](https://www.youtube.com/watch?v=CIhHpkybYsY)
- [You've Got Pwned: Exploiting E-Mail Systems by @securinti #NahamCon2020!](https://www.youtube.com/watch?v=cThFNXrBYQU)
- [Practical Attacks Using HTTP Request Smuggling by @defparam #NahamCon2020](https://www.youtube.com/watch?v=3tpnuzFLU8g)

### Vulnerabilities Explained
- [Subdomain Takeovers, beyond the basics for Pentesters and Bug Bounty Hunters](https://www.youtube.com/watch?v=q_A8aXLO1gA)
- [albinowax - HTTP Desync Attacks: Smashing into the Cell Next Door - DEF CON 27 Conference](https://www.youtube.com/watch?v=w-eJM2Pc0KI)
- [Server-Side Template Injection: RCE For The Modern Web App](https://www.youtube.com/watch?v=3cT0uE7Y87s)
- [A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!](https://www.youtube.com/watch?v=voTHFdL9S2k)
- [Finding DOMXSS with DevTools | Untrusted Types Chrome Extension](https://www.youtube.com/watch?v=CNNCCgDkt5k)
- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - STÖK & Fisher
- [AppSec EU 2017 Exploiting CORS Misconfigurations For Bitcoins And Bounties by James Kettle](https://www.youtube.com/watch?v=wgkj4ZgxI4c)

### Mobile Hacking
- [Getting Started with Android App Testing with Genymotion](https://www.youtube.com/watch?v=_HRpLPrlg1U)
- [Exploiting Android deep links and exported components - Ekoparty Mobile Hacking Space Talk](https://www.youtube.com/watch?v=lg1sN8njSYs)
- [Android Hacking #VirSecCon2020](https://www.youtube.com/watch?v=mr64si_-YwI)
- [Advanced Android Bug Bounty skills - Ben Actis](https://www.youtube.com/watch?v=OLgmPxTHLuY)
- [Android Application Exploitation - Red Team Village](https://www.youtube.com/watch?v=uWT15hEM1dQ)
- [Android App Reverse Engineering LIVE!](https://www.youtube.com/watch?v=BijZmutY0CQ)
- [Android App Penetration Testing 101](https://www.youtube.com/watch?v=2uwhrfXCl4I)
- [Fun with Frida on Mobile](https://www.youtube.com/watch?v=dqA38-1UMxI)

### Miscellaneous
- [Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps](https://www.youtube.com/watch?v=U6qTcpCfuFc)
- [Hacker101 - JavaScript for Hackers (Created by @STÖK)](https://www.youtube.com/watch?v=FTeE3OrTNoA)


================================================
FILE: assets/tools.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Tools 🧰

Here you can find links to a bunch of useful tools for Bug Bounty Hunting.

## Table of Contents
1. [Proxy & Network Sniffer](#proxy--network-sniffer)
2. [Burp Extensions](#burp-extension)
3. [Asset Discovery](#asset-discovery)
4. [Fuzzing](#fuzzing)
5. [Content Discovery](#content-discovery)
6. [Recon Framework](#recon-framework)
7. [OSINT Search Engines](#osint-search-engines)
8. [Exploitation](#exploitation)
9. [Scanners](#scanners)
10. [Mobile Hacking](#mobile-hacking)
11. [Notes & Organization](#notes--organization)
12. [Others](#others)

### Proxy & Network Sniffer
| Name 	| Description 	| Written in   | Created by   |
|------	|-------------	|------------  |------------- |
|[Burp Suite](https://portswigger.net/burp)|A Proxy to intercept and manipulate Web Traffic (free & paid version). [Here](/assets/setup.md#burp-suite) you can find Tips & Tricks to get started with Burp.|Java|Port Swigger|
|[OWASP Zap Proxy](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project)|A Proxy to intercept and manipulate Web Traffic (free).|Java|OWASP|
|[Caido](https://caido.io/)|A lightweight web security auditing toolkit.|Web|Caido|
|[Wireshark](https://www.wireshark.org)|Wireshark is a network protocol analyzer that lets you capture and read network packets.|C, C++|The Wireshark team|

### Burp Extension
| Name 	| Description 	| Written in   |
|------	|-------------	|------------  |
|[Logger++](https://portswigger.net/bappstore/470b7057b86f41c396a97903377f3d81)|"This extension can be used to log the requests and responses made by all Burp tools, and display them in a sortable table. It can also save the logged data in CSV format."|Java|
|[AuthMatrix](https://portswigger.net/bappstore/30d8ee9f40c041b0bfec67441aad158e)|"AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are displayed through the UI in a similar format to that of an access control matrix commonly built in various threat modeling methodologies."|Python (Needs Jython version 2.7.0 or later)|
|[Autorize](https://portswigger.net/bappstore/f9bbac8c4acf4aefa4d7dc92a991af2f)|"Autorize is an extension aimed at helping the penetration tester to detect authorization vulnerabilities..."|Python (Needs Jython)|
|[Burp Bounty](https://portswigger.net/bappstore/618f0b2489564607825e93eeed8b9e0a)|"Burp Bounty helps Burp Suite Professional users to quickly and easily build their own scan checks for use with Burp Scanner"||
|[Param Miner](https://portswigger.net/bappstore/17d2949a985c4b7ca092728dba871943)|"Built to identify hidden, unlinked parameters, Param Miner is very useful when hunting for web cache poisoning vulnerabilities"||

### Asset Discovery
| Name 	| Description 	    |
|------	|-------------    	|
|[Amass](https://github.com/OWASP/Amass)|Uses a variety of different techniques to gather subdomains and can build a network map of the target. Very good export options.|
|[BuiltWith](https://builtwith.com)|A very handy Browser Extension (for Chrome, Firefox) that checks for more than 18,000 types of internet technologies. Gives you a very quick glance at what a Web Application is built with.|
|[subfinder](https://github.com/projectdiscovery/subfinder)|subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well.|
|[dnsgen]()|Generates combinations of domain names from the provided input.|

### Fuzzing
| Name 	| Description 	    | 
|------	|-------------    	| 
|[FFuF](https://github.com/ffuf/ffuf)|A very fast Fuzzing Tool to brute force directories or other parameters. Highly configurable.|
|[dirsearch](https://github.com/maurosoria/dirsearch)|dirsearch is a simple command-line tool designed to brute force directories and files in websites|
|[FeroxBuster](https://github.com/epi052/feroxbuster)|A simple, fast, recursive content discovery tool written in Rust|


### Content Discovery
| Name 	| Description 	    | 
|------	|-------------    	| 
|[meg](https://github.com/tomnomnom/meg)|meg is a tool for fetching lots of URLs but still being 'nice' to servers. It can be used to fetch many paths for many hosts; fetching one path for all hosts before moving on to the next path and repeating.|
|[httpx](https://github.com/projectdiscovery/httpx)|A fast and multi-purpose HTTP toolkit that allows running multiple probes.|
|[hakrawler](https://github.com/hakluke/hakrawler)|hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover Forms, Endpoints, Subdomains, Related documents and JS Files|
|[nuclei](https://github.com/projectdiscovery/nuclei)|"Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use."|
|[waybackurls](https://github.com/tomnomnom/waybackurls)|Fetch all the URLs that the Wayback Machine knows about for a domain|

### Recon Framework
| Name 	| Description 	    | 
|------	|-------------    	| 
|[reconFTW](https://github.com/six2dez/reconftw)| Automates the entire process of reconnaissance for you. It performs subdomain enumeration along with various vulnerability checks and obtains as much information as possible about your target.|
|[sn1per](https://github.com/1N3/Sn1per)|Discover hidden assets and vulnerabilities in your environment.|
|[Spiderfoot](https://github.com/smicallef/spiderfoot)| An open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.|
|[reNgine](https://github.com/yogeshojha/rengine)| reNgine is a web application reconnaissance suite with a focus on a highly configurable streamlined recon process.|
|[AutoRecon](https://github.com/Tib3rius/AutoRecon)| AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP).|
|[Osmedeus](https://github.com/j3ssie/osmedeus)| A Workflow Engine for Offensive Security. It was designed to build a foundation with the capability and flexibility that allows you to build your own reconnaissance system and run it on a large number of targets.|

#### OSINT Search Engines
| Name 	| Description 	    | Created by   |
|------	|-------------    	|------------- |
|[hunter.io](https://www.hunter.io)|Email Enumeration for big corps|[Hunter Team](https://hunter.io/about)|
|[intelx.io](https://intelx.io/)|Swiss army Knife of OSINT|[Intelligence X](https://twitter.com/_IntelligenceX)|
|[Shodan](https://www.shodan.io/)|Search engine that lets you find systems connected to the internet with a variety of filters|John Matherly|
|[Censys](https://censys.io)|"Censys is a public search engine that enables researchers to quickly ask questions about the hosts and networks that compose the Internet."|[Censys](https://censys.io/company)|
|[crt.sh](https://crt.sh)|SSL certificate search tool|[Sectigo](https://sectigo.com/)|
|[Virus Total](https://www.virustotal.com)|WHOIS, DNS, and subdomain recon|[Virus Total Team](https://support.virustotal.com/hc/en-us/categories/360000160117-About-us)|
|[ZoomEye](https://www.zoomeye.org/)|Search engine for specific network components|[Team from Knownsec](https://www.knownsec.com/)|
|[NerdyData](https://nerdydata.com/)|Search Engine for Source Code|[NerdyData](https://www.crunchbase.com/organization/nerdydata)|
|[Crunchbase](https://www.crunchbase.com/)|For finding Information about Businesses and their acquisitions|[TechCrunch](https://techcrunch.com)|
|[Searchcode](https://searchcode.com/)|Helping you find real world examples of functions, API's and libraries over 90 languages across multiple sources|[searchcode](https://searchcode.com/about/#team)|


### Exploitation
| Name 	| Description 	    | Written in    | Created by   |
|------	|-------------    	| ------------  |------------- |
|[sqlmap](http://sqlmap.org/)|sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.|Python|sqlmapproject |

### Scanners
| Name 	| Description 	    | Written in    | Created by   |
|------	|-------------    	| ------------  |------------- |
|[Nmap](https://nmap.org)|A well known and powerful Tool for port scanning. Nmap provides the possibility to use scripts to further customize its functionality. |C, C++, Python, Lua|Gordon Lyon|
|[Masscan](https://github.com/robertdavidgraham/masscan)|This is an Internet-scale port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second, from a single machine.|C|Robert David Graham|
|[KeyHacks](https://github.com/streaak/keyhacks)|Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.|/|streaak|
|[Nmap command helper](https://competent-goldberg-e5eefe.netlify.app/)|A tool that helps you with nmap commands. Has a built-in training feature to help you memorize them.||0x0n0x|

### Mobile Hacking
| Name 	| Description 	    | Written in    | Created by   |
|------	|-------------    	| ------------  |------------- |
|[Frida](https://frida.re)|Dynamic instrumentation toolkit: injects JavaScript into running processes so you can hook and inspect functions at runtime (the engine behind objection and RMS below).|C, JavaScript|Ole André V. Ravnås|
|[jadx](https://github.com/skylot/jadx)|Dex to Java decompiler|Java|skylot|
|[Ghidra](https://ghidra-sre.org/)|"A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"|Java|NSA|
|[dex2jar](https://github.com/pxb1988/dex2jar)|Useful to convert dex files into jar to decompile the application.|Java, Smali|Bob Pan|
|[andriller](https://github.com/den4uk/andriller)|Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)|
|[Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF/)|Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF supports mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline. The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.|Python|MobSF Team|
|[objection](https://github.com/sensepost/objection)|"objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak."|Python & TypeScript|[sensepost](https://github.com/sensepost)|
|[RMS - Runtime Mobile Security](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security)|Runtime Mobile Security (RMS) is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime|Python|[@mobilesecurity_](https://twitter.com/mobilesecurity_)|

### Notes & Organization
| Name 	| Description 	    | Written in    | Created by   |
|------	|-------------    	| ------------  |------------- |
|[Reconness](https://github.com/reconness/reconness)|"ReconNess helps you to run and keep all your #recon in the same place allowing you to focus only on the potentially vulnerable targets without distraction and without required a lot of bash skill or programing skill in general."|C#|[Reconness](https://github.com/reconness)|
|[Updog](https://github.com/sc0tfree/updog)|"Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use HTTP basic auth."|Python|[sc0tfree](https://github.com/sc0tfree)|
|[Notion](https://notion.so)|"Write, plan, collaborate, and get organized — all in one tool."||Notion Labs|
|[Joplin](https://joplinapp.org/)|"Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. The notes are searchable, can be copied, tagged and modified either from the applications directly or from your own text editor. The notes are in Markdown format."|JavaScript|Laurent Cozic|
|[Xmind](https://www.xmind.net/)|XMind is a full-featured mind mapping and brainstorming tool, designed to generate ideas, inspire creativity, and bring productivity to a remote WFH team.|/|XMind Ltd.|
|[Axiom](https://github.com/pry0cc/axiom)|Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting.|Bash|[@pry0cc](https://twitter.com/pry0cc)|
|[PenTest.ws](https://pentest.ws/features)|PenTest.WS is a penetration testing web application for organizing hosts, services, vulnerabilities and credentials during a penetration test. A reporting module is available for documenting and delivering a full penetration test.||PenTest.ws|

### Others
| Name 	| Description 	    | Written in    | Created by   |
|------	|-------------    	| ------------  |------------- |
|[SecLists](https://github.com/danielmiessler/SecLists)|A huge collection of word lists for hacking.||Daniel Miessler|
|[AssetNote's Wordlists](https://wordlists.assetnote.io/)| Collection of wordlists created by AssetNote.||AssetNote.io|
|[Recon Pi](https://github.com/x1mdev/ReconPi)|A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.||[@x1m_martijn](https://twitter.com/x1m_martijn)|
|[CyberChef](https://gchq.github.io/CyberChef/)|Awesome Tool for de-/encoding stuff. Try it out!|JavaScript|[gchq](https://github.com/gchq)|
|[webhook.site](https://webhook.site)|Webhook.site allows you to easily test, inspect, forward and create Custom Actions for any incoming HTTP request or e-mail.||[fredsted](https://github.com/fredsted)|
|[requestcatcher](https://requestcatcher.com/)|Request Catcher will create a subdomain on which you can test an application. All requests sent to any path on the subdomain are forwarded to your browser in real time.|||
|[canarytokens](https://canarytokens.org/)|[Description](https://blog.thinkst.com/p/canarytokensorg-quick-free-detection.html)||[Thinkst Canary](https://canary.tools)|

---
back to [Intro Page](/README.md)


================================================
FILE: assets/vulns.md
================================================
# Resources-for-Beginner-Bug-Bounty-Hunters

## Vulnerabilities 💉
This page is created to help hackers understand a specific vulnerability type in detail.

- If you would like to get some hands-on experience by hacking more detailed labs, please read the [labs](/assets/labs.md) page
- If you would like to read blog posts and see example vulnerabilities, please read the [blog posts](/assets/blogposts.md) page

### Online Resources & Frameworks
- [Owasp Top 10](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project)
	- [TryHackMe's OWASP Top 10 Room](https://tryhackme.com/room/owasptop10)
	- [OWASP top 10 by Snyk](https://learn.snyk.io/learning-paths/owasp-top-10/javascript/)
- [OWASP Testing Guide v4](https://www.owasp.org/index.php/OWASP_Testing_Project)
- [Bug Bounty Cheat Sheets](https://github.com/EdOverflow/bugbounty-cheatsheet) - by EdOverflow
- [WebSecurity Academy by PortSwigger](https://portswigger.net/web-security/)
---

As we start to build this repository, we'll be adding more vulnerability types and resources for each one. 

## Cross-Site Scripting (XSS)
XSS is a great place to start as it's one of the most popular and easiest vulnerabilities to find in a web application.
### Reading Material
- [WebSec Academy - Cross-Site Scripting](https://portswigger.net/web-security/cross-site-scripting)
- [OWASP XSS](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS))
- [XSS Filter Evasion Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html)
- [Cross-site scripting - Executing untrusted JavaScript in a trusted context](https://learn.snyk.io/lessons/xss/javascript/)
- [A comprehensive tutorial on cross-site scripting](https://excess-xss.com)
- [The 7 main XSS cases everyone should know](https://brutelogic.com.br/blog/the-7-main-xss-cases-everyone-should-know/) - [brutelogic](https://brutelogic.com.br/blog/about/)
### Video Content 
- [Cross-Site Scripting (XSS) Explained](https://www.youtube.com/watch?v=EoaDgUgS6QA) - by PwnFunction
- [Finding Your First Bug: Cross Site Scripting (XSS)](https://www.youtube.com/watch?v=IWbmP0Z-yQg) - by InsiderPhD
### Labs
- [WebSec Academy - Labs](https://portswigger.net/web-security/all-labs#cross-site-scripting)
- [xssLABS](https://www.xsslabs.com/)
- [Codelatte](https://codelatte.id/labs/xss/)
- [Google XSS Game](https://xss-game.appspot.com/)
- [Pwnfunction XSS](https://xss.pwnfunction.com/)

## Cross-Site Request Forgery (CSRF)
### Reading Material
- [WebSec Academy - CSRF](https://portswigger.net/web-security/csrf)
- [CSRF-Basics](https://princetechhavenz.wordpress.com/2019/12/11/csrf-basics/) - by Princethilak
- [Cross Site Request Forgery (CSRF) by Snyk](https://snyk.io/learn/csrf-cross-site-request-forgery/)
### Videos
- [Cross-Site Request Forgery Attack](https://www.youtube.com/watch?v=eWEgUcHPle0) - by PwnFunction
- [Finding Your First Bug: Cross-Site Request Forgery](https://www.youtube.com/watch?v=ULvf6N8AL2A) - by Insider PhD
- [Cross Site Request Forgery - Computerphile](https://www.youtube.com/watch?v=vRBihr41JTo)
### Labs
- [WebSec Academy - CSRF Labs](https://portswigger.net/web-security/all-labs)

## Insecure Direct Object Reference (IDOR)
### Reading Material
- [WebSec Academy - Insecure direct object references (IDOR) By PortSwigger](https://portswigger.net/web-security/access-control/idor)
- [Insecure Direct Object Reference (IDOR) by Intigriti](https://blog.intigriti.com/hackademy/idor/)
- [IDOR tutorial hands-on – OWASP Top 10 training](https://thehackerish.com/idor-tutorial-hands-on-owasp-top-10-training/)
### Videos
- [Insecure Direct Object Reference Vulnerability](https://www.youtube.com/watch?v=rloqMGcPMkI) - by PwnFunction
- [Finding Your First Bug: Manual IDOR Hunting](https://www.youtube.com/watch?v=gINAtzdccts) - by Insider PhD
- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - by STÖK & Fisher
### Labs
- [WebSec Academy - IDOR Lab](https://portswigger.net/web-security/access-control/lab-insecure-direct-object-references)
- [IDOR on TryHackMe](https://tryhackme.com/room/idor)
- [Corridor on TryHackMe](https://tryhackme.com/room/corridor)

## Server-Side Request Forgery
### Reading Material
- [WebSec Academy - Server-Side Request Forgery](https://portswigger.net/web-security/ssrf)
- [SSRF by OWASP](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)
- [What is server-side request forgery (SSRF)?](https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/)
- [Server-side request forgery - Unintended access to internal resources via exploited server](https://learn.snyk.io/lessons/ssrf-server-side-request-forgery/javascript/)
- [SSRF vulnerabilities and where to find them](https://labs.detectify.com/2022/09/23/ssrf-vulns-and-where-to-find-them/)
### Videos
- [Find and Exploit Server-Side Request Forgery (SSRF)](https://www.youtube.com/watch?v=eVI0Ny5cZ2c)
- [Server-Side Request Forgery (SSRF) | Complete Guide](https://www.youtube.com/watch?v=ih5R_c16bKc&t=1s)
- [SSRF in 100 seconds](https://www.youtube.com/watch?v=3dKavgfL2pA)
- [How To Search For SSRF!](https://www.youtube.com/watch?v=Ku6CK3Aes8Y)
- [How to exploit a blind SSRF?](https://www.youtube.com/watch?v=o6AJH9PFEd4)

### Labs
- [WebSec Academy - Server-Side Request Forgery Labs](https://portswigger.net/web-security/all-labs#server-side-request-forgery-ssrf)
- [WebSec Academy - Blind SSRF vulnerabilities](https://portswigger.net/web-security/ssrf/blind)
- [Server-Side Request Forgery (SSRF) vulnerable Lab](https://github.com/incredibleindishell/SSRF_Vulnerable_Lab)
- [Server-Side Request Forgery on TryHackMe](https://tryhackme.com/room/seasurfer)

## XML External Entities (XXE)
### Reading Material
- [WebSec Academy - XML External Entity (XXE) injection](https://portswigger.net/web-security/xxe)
- [XML External Entity (XXE) Processing by OWASP](https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing)
- [How to Find XXE Bugs: Severe, Missed and Misunderstood by Luke Stephens](https://www.bugcrowd.com/blog/how-to-find-xxe-bugs/)
### Videos
- [XML External Entities ft. JohnHammond](https://www.youtube.com/watch?v=gjm6VHZa_8s) - by PwnFunction
- [How to search for XXE!](https://www.youtube.com/watch?v=0DQnWalxYb4)
- [How to run an XXE injection via an SVG Image Upload!](https://www.youtube.com/watch?v=lbLV0jISMjY)
### Labs
- [WebSec Academy - XML External Entity (XXE) Labs](https://portswigger.net/web-security/all-labs#xml-external-entity-xxe-injection)
- [XXE Lab (On GitHub)](https://github.com/jbarone/xxelab)

---
back to [Intro Page](/README.md)