Merge pull request #4 from AshF0x/master

Update

assets/basics.md

@@ -40,6 +40,7 @@ https://www.utilizewindows.com/list-of-common-network-port-numbers/
 https://code.tutsplus.com/tutorials/an-introduction-to-learning-and-using-dns-records--cms-24704
 - Intermediate Security Testing with Kali Linux 2
 http://www.penguintutor.com/linux/basic-network-reference
+- [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), A 19 part Video Series about Networking well explained for Beginners
 
 
 ## Programming Basics
@@ -58,14 +59,15 @@ As always, if you prefer an interactive course, feel free to use Codecademy!
 https://www.codecademy.com/learn/learn-sql
 http://www.sqlcourse.com/ 
 
-### Automation 
+## Automation 
 You are welcome to skip this section if you think you’ll never need any automation or in depth web application knowledge. However I think learning bash in addition to one the following four languages may help you work smarter rather than harder.
 - Bash
-https://www.learnshell.org/ 
+   - https://www.learnshell.org/ 
+   - https://explainshell.com/
 - Ruby
-https://www.learnrubyonline.org/
+   - https://www.learnrubyonline.org/
 - Python
-https://docs.python.org/3/tutorial/
+   - https://docs.python.org/3/tutorial/
 - Additional Resources:
    - https://www.codecademy.com/learn/paths/web-development
    - https://docs.python.org/3/tutorial/

assets/blogposts.md

@@ -8,9 +8,21 @@ A collection of Blog Posts ordered by Vulnerability Types
     - [CSP Bypass](#CSP-Bypass)
 - [SSRF](#SSRF)
 - [Vulnerability Scanning](#Vulnerability-Scanning)
+- [Token / Authentication](#Token-/-Authentication)
+- [SQL Injection](#SQL-Injection)
+- [Mobile](#Mobile)
+    - [iOS](#iOS)
+    - [Android](#Android)
+- [HTTP Desync](#HTTP-Desync)
+- [File Upload](#File-Upload)
+- [Automation](#Automation)
+- [Misc](#Misc)
 ## XSS
 You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
 
+- [XSS on Google Search - Sanitizing HTML in The Client?](https://www.youtube.com/watch?v=lG7U3fuNw3A) - by LiveOverflow
+    - [The Fix](https://github.com/google/closure-library/commit/c79ab48e8e962fee57e68739c00e16b9934c0ffa)
+
 ### DOM XSS
 - https://hackerone.com/reports/297968
 - https://hackerone.com/reports/168165
@@ -29,8 +41,41 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
 ## SSRF
 - [DEF CON 27 Conference - Ben Sadeghipour - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)<br>- Nahamsec & daeken | DEFCON 2019
 - [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a)<br>- Alyssa Herrera | Hack.lu 2019
+- [Vimeo upload function SSRF](https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437) - by Sayed Abdelhafiz
+
 
 ## Vulnerability Scanning
 - [NMAP For Vulnerability Discovery](https://www.peerlyst.com/posts/nmap-for-vulnerability-discovery-sachin-wagh) - by Sachin Wagh
+
+## Token / Authentication
+- [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - by Harsh Jaiswal
+- [How I was able to bypass OTP code requirement in Razer [The story of a critical bug]](https://medium.com/bugbountywriteup/how-i-was-able-to-bypass-otp-token-requirement-in-razer-the-story-of-a-critical-bug-fc63a94ad572?) - by Ananda Dhakal
+
+
+## SQL Injection
+- [Time-Based Blind SQL Injection In GraphQL](https://medium.com/bugbountywriteup/time-based-blind-sql-injection-in-graphql-39a25a1dfb3c) - Divyanshu Shukla
+- [SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database](https://hackerone.com/reports/531051) - by spaceraccoon
+
+## Mobile
+### iOS
+- [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - by spaceraccoon
+## Android
+- [A deep dive into reversing Android pre-Installed apps](https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf) and the [BlackHat Talk](https://www.youtube.com/watch?v=U6qTcpCfuFc) - by Maddie Stone
+
+## HTTP Desync
+- [HTTP Desync Attacks: Request Smuggling Reborn](https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn) in combination with this [report](https://hackerone.com/reports/510152) - by James Kettle
+- [HTTP Request Smuggling on vpn.lob.com](https://hackerone.com/reports/694604) - by 0X0 (painreigns)
+
+## File Upload
+- [Webshell via File Upload on ecjobs.starbucks.com.cn](https://hackerone.com/reports/506646) - by johnstone
+
+## Automation
+- [Fasten your Recon process using Shell Scripting](https://medium.com/bugbountywriteup/fasten-your-recon-process-using-shell-scripting-359800905d2a) - by Mohd Shibli
+- [Beginner’s Guide to recon automation](https://medium.com/bugbountywriteup/beginners-guide-to-recon-automation-f95b317c6dbb) - by Ashish Jha
+- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - by STÖK & Fisher
+
+## Misc
+- [Writing a Simple Buffer Overflow Exploit](https://www.youtube.com/watch?v=oS2O75H57qU) - by LiveOverflow
+
 ---
 back to [Intro Page](/README.md)

assets/mobile.md

@@ -6,6 +6,7 @@ Since there are quite a lot of people asking for Beginner Guides to Mobile Hacki
 ## Getting Started
 - [The Mobile Application Hacker’s Handbook](http://amzn.to/2cVOIrE)
 - [iOS Application Security](http://amzn.to/2d9yo7m)
+- [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - by spaceraccoon
 
 ## Tools
 Tools specific for mobile hacking can be found [here](/assets/tools.md#mobile-hacking).

assets/setup.md

@@ -11,6 +11,8 @@ https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox
 https://lifehacker.com/5633909/who-needs-a-mouse-learn-to-use-the-command-line-for-almost-anything
 - Setting up Burp
 https://www.hacker101.com/playlists/burp_suite
+- Burp Suite Introduction
+https://github.com/bugcrowd/bugcrowd_university/blob/master/An_introduction_to_Burp_Suite/Bugcrowd%20University%20-%20Burp%20Suite%20Introduction.pdf - by Jason Haddix
 - Previously Disclosed Vulnerabilities 
 https://hackerone.com/hacktivity
 

assets/tools.md

@@ -27,10 +27,23 @@ Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
 |[dirsearch](https://github.com/maurosoria/dirsearch)|dirsearch is a simple command-line tool designed to brute force directories and files in websites.|Python|Mauro Soria|
 |[Amass](https://github.com/OWASP/Amass)|Uses a variety of different techniques to gather subdomains and can build a network map of the target. Very good export options.|Go|OWASP|
 |[BuiltWith](https://builtwith.com)|A very handy Browser Extension (for Chrome, Firefox) that checks for more than 18,000 types of internet technologies. Gives you a very quick glance on what a Web Application is built.||BuiltWith®|
-|[hunter.io](https://www.hunter.io)|Email Enumeration for big corps|||
-|[intelx.io](https://intelx.io/)|Swiss army Knife of OSINT|||
-|[Shodan](https://www.shodan.io/)||||
-|[Censys](https://censys.io)||||
+|[findomain](https://github.com/Edu4rdSHL/findomain)|Very fast cross-platform subdomain enumerator|Rust|[Eduard Tolosa](https://github.com/Edu4rdSHL)|
+|[waybackurls](https://github.com/tomnomnom/waybackurls)|Fetch all the URLs that the Wayback Machine knows about for a domain|Go|[Tom Hudson](https://github.com/tomnomnom)|
+|[meg](https://github.com/tomnomnom/meg)|meg is a tool for fetching lots of URLs but still being 'nice' to servers. It can be used to fetch many paths for many hosts; fetching one path for all hosts before moving on to the next path and repeating.|Go|[Tom Hudson](https://github.com/tomnomnom)|
+|[httprobe](https://github.com/tomnomnom/httprobe)|Take a list of domains and probe for working http and https servers.|Go|[Tom Hudson](https://github.com/tomnomnom)|
+|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning|Python|[j3ssie](https://github.com/j3ssie)|
+
+#### OSINT Webpages
+| Name 	| Description 	    | Created by   |
+|------	|-------------    	|------------- |
+|[hunter.io](https://www.hunter.io)|Email Enumeration for big corps|[Hunter Team](https://hunter.io/about)|
+|[intelx.io](https://intelx.io/)|Swiss army Knife of OSINT|[Intelligence X](https://twitter.com/_IntelligenceX)|
+|[Shodan](https://www.shodan.io/)|Search engine that lets you find systems connected to the internet with a variety of filters|John Matherly|
+|[Censys](https://censys.io)|"Censys is a public search engine that enables researchers to quickly ask questions about the hosts and networks that compose the Internet."|[Censys](https://censys.io/company)|
+|[Lookyloo](https://lookyloo.circl.lu/scrape)|Lookyloo is a web interface allowing to scrape a website and then displays a tree of domains calling each other. [Github Page of the Project](https://github.com/CIRCL/lookyloo) |[CIRCL](https://circl.lu/)|
+|[Spyse.com](https://spyse.com/)|New Search Engine made for pentesters and cyber security specialists|[Spyse Team](https://spyse.com/about)|
+|[crt.sh](https://crt.sh)|SSL certificate search tool|[Sectigo](https://sectigo.com/)|
+|[Virus Total](https://www.virustotal.com)|WHOIS, DNS, and subdomain recon|[Virus Total Team](https://support.virustotal.com/hc/en-us/categories/360000160117-About-us)|
 ### Exploitation
 | Name 	| Description 	    | Written in    | Created by   |
 |------	|-------------    	| ------------  |------------- |
@@ -45,6 +58,7 @@ Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
 |------	|-------------    	| ------------  |------------- |
 |Frida||||
 |[dex2jar](https://github.com/pxb1988/dex2jar)|Useful to convert dex files into jar to decompile the application.|Java, Smali|Bob Pan|
+|[andriller](https://github.com/den4uk/andriller)|Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)|
 
 ### Others
 | Name 	| Description 	    | Written in    | Created by   |

assets/vulns.md

@@ -5,14 +5,31 @@ Compact descriptions of common vulnerability types with links to useful resource
 ### Online Resources
 - [Owasp Top 10](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project)
 - [OWASP Testing Guide v4](https://www.owasp.org/index.php/OWASP_Testing_Project)
+- [Bug Bounty Cheat Sheets](https://github.com/EdOverflow/bugbounty-cheatsheet) - by EdOverflow
 ---
-## Cross-Site Scripting XSS
+## Cross-Site Scripting (XSS)
 As we start to build this repository, we'll be adding more vulnerability types and resources for each one. XSS is a great place to start as it's one of the most popular and easiest vulnerabilities to find in a web application.
 
 - [Hacker101](https://www.hacker101.com/sessions/xss)
 - [OWASP XSS](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS))
 - [A comprehensive tutorial on cross-site scripting](https://excess-xss.com)
 - [Google Application Security (XSS Guide)](https://www.google.com/intl/am_AD/about/appsecurity/learning/xss/)
+ - [What is PHP and why is XSS so common there?](https://www.youtube.com/watch?v=Q2mGcbkX550) - by LiveOverflow
 
+## Cross-Site Request Forgery (CSRF)
+- [Cross-Site Request Forgery Attack](https://www.youtube.com/watch?v=eWEgUcHPle0) - by PwnFunction
+
+## XML External Entities (XXE)
+- [XML External Entities ft. JohnHammond](https://www.youtube.com/watch?v=gjm6VHZa_8s) - by PwnFunction
+## Isecure Direct Object Reference (IDOR)
+- [Insecure Direct Object Reference Vulnerability](https://www.youtube.com/watch?v=rloqMGcPMkI) - by PwnFunction
+- [Finding Your First Bug: Manual IDOR Hunting](https://www.youtube.com/watch?v=gINAtzdccts) - by Insider PhD
+- [Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)](https://www.youtube.com/watch?v=3K1-a7dnA60) - by STÖK & Fisher
+## Open Redirect
+- [Open Redirect Vulnerability](https://www.youtube.com/watch?v=4Jk_I-cw4WE) - by PwnFunction
+## HTTP Parameter Pollution
+- [HTTP Parameter Pollution Attacks](https://www.youtube.com/watch?v=QVZBl8yxVX0) - by PwnFunction
+## Logic Errors
+- [Finding Your First Bug: Business Logic Errors](https://www.youtube.com/watch?v=RobCqW2KwGs) - by InsiderPhD
 ---
 back to [Intro Page](/README.md)