Bug Hunter Handbook
Search
⌃K
Bug Hunter Handbook
Search
⌃K
Introduction
Getting Started in InfoSec and Bug Bounties.
Presentations
Checklists / Guides
Useful Twitter Threads
List of Vulnerabilities
API Security
Mobile Security
Fuzzing / Wordlists
BugBounty Short Write-ups
Burp Suite Tips and Tricks
HackerOne Reports
Response Manipulation
Client Vs Server Side Vulnerabilities
AWS
Others
Chaining of Bugs
Bug Bounty Automation
Mindmaps
Oneliner Collections
Red Teaming
Blue Teamining
Recon One Liners
Misc
Containers
Wordpress
Fuzzing / FuFF
OWASP ZAP
Bug List
Setting up burp collaborator
Admin Panel PwN
Credential Stuffing / Dump / HaveibeenPwned?
Tools Required
Nuclei Template
Other BugBounty Repos / Tips
Powered By
GitBook
API Security
Blogs / Articles / Presentations:
https://speakerdeck.com/riyazwalikar/api-security-testing-null-bangalore-janua
https://medium.com/@inonst/31-tips-api-security-pentesting-480b5998b765
https://medium.com/bugbountywriteup/bounty-tip-easiest-way-to-bypass-apis-rate-limit-f984fad40093
https://bendtheory.medium.com/finding-and-exploiting-unintended-functionality-in-main-web-app-apis-6eca3ef000af
https://labs.detectify.com/2021/08/31/go-fuzz-yourself-how-to-find-more-vulnerabilities-in-apis-through-fuzzing-whitepaper-download/
Writeups:
https://drive.google.com/file/d/1iMGqUUpaiQrEys4IOETwgxti8AiShomZ/view
Checklist:
https://github.com/shieldfy/API-Security-Checklist
https://hackanythingfor.blogspot.com/2020/07/api-testing-checklist.html?spref=tw
Videos:
https://www.youtube.com/watch?v=gx-eKashKvs&feature=youtu.be
https://www.youtube.com/watch?v=qqmyAxfGV9c&feature=youtu.be
Tools:
https://github.com/ngalongc/openapi_security_scanner
Tweets:
https://github.com/dwisiswant0/apkleaks
Play with it live
Previous
Prototype Pollution
Next
Mobile Security
Last modified
1yr ago
