My-Methodologies/tips-and-write-ups.md

✍️ Tips and Write-ups

Bug Bounty Handbook: (https://gowthams.gitbook.io/bughunter-handbook/)

Bug Bounty Tips: (https://gowsundar.gitbook.io/book-of-bugbounty-tips/)

---

• https://kingcoolvikas.medium.com/how-i-was-able-to-see-sensitive-information-on-one-of-the-indias-best-school-website-5800b5ab834c
• https://ajaksecurity.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2023-f3c1499959da
• https://bxmbn.medium.com/
• https://infosecwriteups.com/bug-bounty-hunting-methodology-tools-tips-tricks-blogs-books-6f84cda7ce34

Subdomain Enumeration

The best terminal-based subdomain scanner tools to find subdomains

• AMASS
• SubBrute
• Knock
• DNSRecon
• Sublist3r
• AltDNS
• Axiom
• Haktrails
• Anubis
• Lepus
• subfinder

Subdomain Enumeration Guide

• https://sidxparab.gitbook.io/subdomain-enumeration-guide/passive-enumeration/passive-sources

Writeup About XSS Finding

• https://infosecwriteups.com/how-i-was-able-to-find-50-cross-site-scripting-xss-security-vulnerabilities-on-bugcrowd-public-ba33db2b0ab1

Writeup about SQL Injection

• https://medium.com/@a7madhacck/how-i-found-my-first-sql-injection-2-in-two-different-website-9c6c324b53c

403 Bypass tool:

{% embed url="https://github.com/Dheerajmadhukar/4-ZERO-3" %}

Filter Subdomains:

awk -F[/.] 'NF > 5' subdomains.txt 

Sort unique domains based on their content length

cat cl.txt | awk '{print $NF, $0}' | sort -u -k1,1 | cut -d' ' -f2-