# Resources-for-Beginner-Bug-Bounty-Hunters
## Vulnerabilities 💉
Compact descriptions of common vulnerability types with links to useful resources.
### Online Resources
- [OWASP Top 10](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project)
- [OWASP Testing Guide v4](https://www.owasp.org/index.php/OWASP_Testing_Project)
- [Bug Bounty Cheat Sheets](https://github.com/EdOverflow/bugbounty-cheatsheet) - by EdOverflow
---
## Cross-Site Scripting (XSS)
As we start to build this repository, we'll be adding more vulnerability types and resources for each one. XSS is a great place to start as it's one of the most popular and easiest vulnerabilities to find in a web application.
- [Hacker101](https://www.hacker101.com/sessions/xss)
- [OWASP XSS](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS))
- [A comprehensive tutorial on cross-site scripting](https://excess-xss.com)
- [Google Application Security (XSS Guide)](https://www.google.com/intl/am_AD/about/appsecurity/learning/xss/)
- [What is PHP and why is XSS so common there?](https://www.youtube.com/watch?v=Q2mGcbkX550) - by LiveOverflow
- [Finding Your First Bug: Cross Site Scripting (XSS)](https://www.youtube.com/watch?v=IWbmP0Z-yQg) - by InsiderPhD
- [The 7 main XSS cases everyone should know](https://brutelogic.com.br/blog/the-7-main-xss-cases-everyone-should-know/) - [brutelogic](https://brutelogic.com.br/blog/about/)
## Cross-Site Request Forgery (CSRF)
- [Cross-Site Request Forgery Attack](https://www.youtube.com/watch?v=eWEgUcHPle0) - by PwnFunction
## XML External Entities (XXE)
- [XML External Entities ft. JohnHammond](https://www.youtube.com/watch?v=gjm6VHZa_8s) - by PwnFunction
## Insecure Direct Object Reference (IDOR)
- [Insecure Direct Object Reference Vulnerability](https://www.youtube.com/watch?v=rloqMGcPMkI) - by PwnFunction
- [Finding Your First Bug: Manual IDOR Hunting](https://www.youtube.com/watch?v=gINAtzdccts) - by InsiderPhD
- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - by STÖK & Fisher
## Open Redirect
- [Open Redirect Vulnerability](https://www.youtube.com/watch?v=4Jk_I-cw4WE) - by PwnFunction
## HTTP Parameter Pollution
- [HTTP Parameter Pollution Attacks](https://www.youtube.com/watch?v=QVZBl8yxVX0) - by PwnFunction
## Logic Errors
- [Finding Your First Bug: Business Logic Errors](https://www.youtube.com/watch?v=RobCqW2KwGs) - by InsiderPhD
## Remote Code Execution
- [Finding Your First Bug: Goal Setting / Remote Code Execution (RCE)](https://www.youtube.com/watch?v=5BTvTE3gEq8) - by InsiderPhD
---
back to [Intro Page](/README.md)