Mirrors/My-Methodologies
2
0
Fork 0
mirror of https://github.com/xalgord/My-Methodologies.git synced 2024-11-25 13:10:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README.md

Browse source
This commit is contained in:
Xalgord 2021-02-20 15:36:42 +05:30 committed by GitHub
parent 2c7f5e55f9
commit c04dd85924
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
README.md
View file

@ -187,3 +187,19 @@ All you have to do is to provide your Bugcrowd token like this:
bcscope -t <YOUR-TOKEN-HERE> -c 2 -p
```
![alt text](https://www.infosecmatter.com/wp-content/uploads/2020/10/list-scope-for-bugcrowd-bug-bounty-programs.jpg)
Quite convenient and pretty useful!
Get the tool here:
- https://github.com/sw33tLie/bcscope
## Chaining file uploads with other vulns
When testing file upload functionalities in a web application, try setting the filename to the following values:
```
- ../../../tmp/lol.png —> for path traversal
- sleep(10)-- -.jpg —> for SQL injection
- <svg onload=alert(document.domain)>.jpg/png —> for XSS
- ; sleep 10; —> for command injections
```