> For the complete documentation index, see [llms.txt](https://gowthams.gitbook.io/bughunter-handbook/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://gowthams.gitbook.io/bughunter-handbook/list-of-vulnerabilities-bugs/open-redirect.md).

# Open Redirect

**Blogs / Articles:**

**Writeups**:

* Top 25 open redirect reports - <https://medium.com/@corneacristian/top-25-open-redirect-bug-bounty-reports-5ffe11788794>
* <https://twitter.com/vickieli7/status/1339587647459618816?s=20>

**Cheatsheet:**

* <https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html>

**Payloads:**

![https://twitter.com/lutfumertceylan/status/1272895185031217152](/files/-MItcFEscDLZ2R-EaKg3)

* <https://gist.github.com/EdOverflow/c4d6d8c43b315546892aa5dab67fdd6c>

Tools:

* <https://github.com/PushpenderIndia/ORhunter>

**Tweets:**

* [**https://twitter.com/DaherMohamed4/status/1227988338851942402**](https://twitter.com/DaherMohamed4/status/1227988338851942402)

[when you are looking for bugs like SSRF & Open Redirect. and there is a blacklisted character. try to bypassed using other Unicode characters. I found Open Redirect Bypass Using (。) Chinese dot "%E3%80%82". poc: redirect\_to=////evil%E3%80%82com #BugBounty #bugbountytip](https://twitter.com/h4x0r_dz/status/1335880542353559552)[<br>](https://twitter.com/h4x0r_dz/status/1335880542353559552/photo/1)

![https://twitter.com/0xblackbird/status/1377386706542895105?s=20](/files/-MXmQYFtziuxLIkNbVau)

* <https://gist.github.com/0xblackbird/d7677a05ea50586cf2be0a601e665d1a>
