Open Redirect

Blogs / Articles:

Writeups:

• Top 25 open redirect reports - https://medium.com/@corneacristian/top-25-open-redirect-bug-bounty-reports-5ffe11788794

• https://twitter.com/vickieli7/status/1339587647459618816?s=20

Cheatsheet:

• https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html

Payloads:

https://twitter.com/lutfumertceylan/status/1272895185031217152

• https://gist.github.com/EdOverflow/c4d6d8c43b315546892aa5dab67fdd6c

Tools:

• https://github.com/PushpenderIndia/ORhunter

Tweets:

• https://twitter.com/DaherMohamed4/status/1227988338851942402

when you are looking for bugs like SSRF & Open Redirect. and there is a blacklisted character. try to bypassed using other Unicode characters. I found Open Redirect Bypass Using (。) Chinese dot "%E3%80%82". poc: redirect_to=////evil%E3%80%82com #BugBounty #bugbountytip

https://twitter.com/0xblackbird/status/1377386706542895105?s=20

• https://gist.github.com/0xblackbird/d7677a05ea50586cf2be0a601e665d1a