2020.05 update

Peer Heinen 2020-05-01 10:57:06 +02:00
parent 55208f735f
commit bf9a194d80
13 changed files with 152 additions and 34 deletions

7
CONTRIBUTORS.md Normal file
View file

@ -0,0 +1,7 @@
A Big Thank You to the Main-Contributors of the Repo:<br>
Securibee<br>
Nahamsec<br>
AshF0x<br>
Cody Brocious (@daeken)<br>
and of course everyone else who sends in suggestions for the repo itself <3

View file

@ -6,7 +6,7 @@ There are a number of new hackers joining the community on a regular basis and m
We understand that there are more resources other than the ones we have listed and we hope to cover more resources in the near future!<br> We understand that there are more resources other than the ones we have listed and we hope to cover more resources in the near future!<br>
## Current Version: 2020.04 ## Current Version: 2020.05
[Changelog: See what's new!](/assets/changelog.md) 📣 [Changelog: See what's new!](/assets/changelog.md) 📣
@ -24,3 +24,8 @@ We understand that there are more resources other than the ones we have listed a
- [Hardware & IoT](/assets/hardware.md) - [Hardware & IoT](/assets/hardware.md)
- [Blog posts & Talks](/assets/blogposts.md) - [Blog posts & Talks](/assets/blogposts.md)
- [Media Resources](/assets/media.md) - [Media Resources](/assets/media.md)
- [Certifications](/assets/certs.md)
- [Mindset & Mental Health](/assets/mind.md)
---
If you have more questions or suggestions, come the [Discord Server](https://discord.gg/9jZxjQ5) of nahamsec !
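Review bot: The new "Mindset & Mental Health" entry links to /assets/mind.md, but the file added in this commit is assets/health.md, so the link will not resolve. Point the link at /assets/health.md or rename the new file. In the added footer line, "come the [Discord Server]" is missing "to", and there is a stray space before the exclamation mark.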

View file

@ -1,6 +1,9 @@
# Resources-for-Beginner-Bug-Bounty-Hunters # Resources-for-Beginner-Bug-Bounty-Hunters
## Table of Contents
## Basics 🤓
### Table of Contents
1. [Stanford CS 253 Web Security](#Stanford-CS-253-Web-Security) 1. [Stanford CS 253 Web Security](#Stanford-CS-253-Web-Security)
2. [HTTP basics](#HTTP-basics) 2. [HTTP basics](#HTTP-basics)
3. [Networking basics](#Networking-basics) 3. [Networking basics](#Networking-basics)
@ -8,21 +11,21 @@
5. [Automation](#Automation) 5. [Automation](#Automation)
## Stanford CS 253 Web Security ### Stanford CS 253 Web Security
- [Stanford CS 253 Web Security](https://web.stanford.edu/class/cs253/) - by [@feross](https://twitter.com/feross) - [Stanford CS 253 Web Security](https://web.stanford.edu/class/cs253/) - by [@feross](https://twitter.com/feross)
- "This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues." - "This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues."
## HTTP basics ### HTTP basics
In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics. In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics.
- All in one resource: https://www.hacker101.com/sessions/web_in_depth - All in one resource: https://www.hacker101.com/sessions/web_in_depth
HTTP basics - HTTP basics
Cookie security - Cookie security
HTML parsing - HTML parsing
MIME sniffing - MIME sniffing
Encoding sniffing - Encoding sniffing
Same-Origin Policy - Same-Origin Policy
CSRF (Cross-Site Request Forgery) - CSRF (Cross-Site Request Forgery)
- Request form - Request form
https://www.tutorialspoint.com/http/http_requests.htm https://www.tutorialspoint.com/http/http_requests.htm
- Response form - Response form
@ -33,7 +36,7 @@ https://www.tutorialspoint.com/http/http_status_codes.htm
https://www.tutorialspoint.com/http/http_url_encoding.htm https://www.tutorialspoint.com/http/http_url_encoding.htm
## Networking basics ### Networking basics
Recon is a common terminology used in bug bounties. Its great if you are already using tools to scan a range of IPs for open ports or find subdomain, however, you should first understand why these things matter and how they work. Recon is a common terminology used in bug bounties. Its great if you are already using tools to scan a range of IPs for open ports or find subdomain, however, you should first understand why these things matter and how they work.
- Terminology - Terminology
https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols
@ -48,7 +51,7 @@ http://www.penguintutor.com/linux/basic-network-reference
- [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), A 19 part Video Series about Networking well explained for Beginners - [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), A 19 part Video Series about Networking well explained for Beginners
## Programming Basics ### Programming Basics
Being a great programmer is not a requirement to be a successful hacker. However, having the ability to make an educated guess, may increase your chances of successfully identifying and exploiting an issue. In a number of cases, you may need to automate your work or know more than just the “basics” in order to escalate a bug with a medium severity to high/critical. Being a great programmer is not a requirement to be a successful hacker. However, having the ability to make an educated guess, may increase your chances of successfully identifying and exploiting an issue. In a number of cases, you may need to automate your work or know more than just the “basics” in order to escalate a bug with a medium severity to high/critical.
- HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS this should be your first step. - HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS this should be your first step.
@ -64,7 +67,7 @@ As always, if you prefer an interactive course, feel free to use Codecademy!
https://www.codecademy.com/learn/learn-sql https://www.codecademy.com/learn/learn-sql
http://www.sqlcourse.com/ http://www.sqlcourse.com/
## Automation ### Automation
You are welcome to skip this section if you think youll never need any automation or in depth web application knowledge. However I think learning bash in addition to one the following four languages may help you work smarter rather than harder. You are welcome to skip this section if you think youll never need any automation or in depth web application knowledge. However I think learning bash in addition to one the following four languages may help you work smarter rather than harder.
- Bash - Bash
- https://www.learnshell.org/ - https://www.learnshell.org/

View file

@ -1,11 +1,11 @@
# Resources-for-Beginner-Bug-Bounty-Hunters # Resources-for-Beginner-Bug-Bounty-Hunters
## Blog posts 📝 ## Blog posts & Disclosed Reports 📝
A collection of Blog Posts ordered by Vulnerability Types A collection of Blog Posts ordered by Vulnerability Types
- [Starting out & Tips](#Starting-Out-&-Questions)
- [XSS](#XSS) - [XSS](#XSS)
- [DOM XSS](#DOM-XSS) - [DOM XSS](#DOM-XSS)
- [Sored XSS](#Stored-XSS) - [Stored XSS](#Stored-XSS)
- [CSP Bypass](#CSP-Bypass)
- [SSRF](#SSRF) - [SSRF](#SSRF)
- [Vulnerability Scanning](#Vulnerability-Scanning) - [Vulnerability Scanning](#Vulnerability-Scanning)
- [Token / Authentication](#Token-/-Authentication) - [Token / Authentication](#Token-/-Authentication)
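Review bot: The added table-of-contents entry "[Starting out & Tips](#Starting-Out-&-Questions)" points at a fragment that does not match the heading this commit introduces, "## Starting out & Tips", so the in-page link will not jump to the section. Derive the fragment from the actual heading text and check it in the rendered page, since the "&" affects how the anchor is generated.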
@ -25,6 +25,13 @@ A collection of Blog Posts ordered by Vulnerability Types
- [API](#API) - [API](#API)
- [Misc](#Misc) - [Misc](#Misc)
--- ---
## Starting out & Tips
- [Basic Bug Bounty FAQ](http://blog.oath.ninja/basic-bug-bounty-faq/) - by [@thedawgyg](https://twitter.com/thedawgyg)
- [Getting started in Cyber Security in 2019 The Complete Guide](https://www.ceos3c.com/hacking/getting-started-cyber-security-complete-guide/) - by ceos3c
- [WTF is a Bug Bounty?](https://www.ceos3c.com/hacking/ethical-hacking-diaries-1-wtf-is-a-bug-bounty/) - by ceos3c
- [How to Set up Certificate-Based SSH for Bug Hunting](https://medium.com/@c0ldbr3w/how-to-set-up-certificate-based-ssh-for-bug-hunting-bonus-ef4af95fca05) - by Mack Staples
- [XSS in Google Colaboratory + CSP bypass](https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html) by Michał Bentkowski
- [Zseanos notes on hacking & mentoring](https://blog.intigriti.com/2020/04/29/bug-business-3-zseanos-notes-on-hacking-mentoring/) by Intigriti & Zseano
## XSS ## XSS
You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts: You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
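Review bot: The "XSS in Google Colaboratory + CSP bypass" write-up is filed under "Starting out & Tips", where it sits between beginner FAQ and setup links. It came from the "### CSP Bypass" section that this diff removes further down, so it belongs under "## XSS" instead. The new entries also mix " - by" and " by" as the author separator, and the first link uses plain http://; pick one separator and prefer https where the site offers it.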
@ -35,6 +42,7 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
- [Microsoft Edge (Chromium) - EoP via XSS to Potential RCE](https://leucosite.com/Edge-Chromium-EoP-RCE/) - [@Qab](https://twitter.com/qab) - [Microsoft Edge (Chromium) - EoP via XSS to Potential RCE](https://leucosite.com/Edge-Chromium-EoP-RCE/) - [@Qab](https://twitter.com/qab)
- [Reflected XSS in https://blocked.myndr.net](https://hackerone.com/reports/824433) - Thilakesh - [Reflected XSS in https://blocked.myndr.net](https://hackerone.com/reports/824433) - Thilakesh
- [Google Bug Bounty Writeup- XSS Vulnerability](https://pethuraj.com/blog/google-bug-bounty-writeup/) - [@itsmepethu](https://twitter.com/itsmepethu) - [Google Bug Bounty Writeup- XSS Vulnerability](https://pethuraj.com/blog/google-bug-bounty-writeup/) - [@itsmepethu](https://twitter.com/itsmepethu)
- [How to solve the INTIGRITI Easter XSS challenge using only Chrome Devtools](https://www.youtube.com/watch?v=IhPsBMBDFcg) - by STÖK
### DOM XSS ### DOM XSS
@ -50,13 +58,12 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
- [Yahoo Mail stored XSS](https://klikki.fi/adv/yahoo.html) - Jouko Pynnönen - [Yahoo Mail stored XSS](https://klikki.fi/adv/yahoo.html) - Jouko Pynnönen
- [Yahoo Mail stored XSS #2](https://klikki.fi/adv/yahoo2.html) - Jouko Pynnönen - [Yahoo Mail stored XSS #2](https://klikki.fi/adv/yahoo2.html) - Jouko Pynnönen
- [Account Recovery XSS](https://sites.google.com/site/bughunteruniversity/best-reports/account-recovery-xss) - Gábor Molnár - [Account Recovery XSS](https://sites.google.com/site/bughunteruniversity/best-reports/account-recovery-xss) - Gábor Molnár
### CSP Bypass
- https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html
## SSRF ## SSRF
- [DEF CON 27 Conference - Ben Sadeghipour - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)<br>- Nahamsec & daeken | DEFCON 2019 - [DEF CON 27 Conference - Ben Sadeghipour - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)<br>- Nahamsec & daeken | DEFCON 2019
- [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a)<br>- Alyssa Herrera | Hack.lu 2019 - [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a)<br>- Alyssa Herrera | Hack.lu 2019
- [Vimeo upload function SSRF](https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437) - Sayed Abdelhafiz - [Vimeo upload function SSRF](https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437) - Sayed Abdelhafiz
- [Piercing the Veal](https://medium.com/@d0nut/piercing-the-veal-short-stories-to-read-with-friends-4aa86d606fc5) - by d0nut
## Vulnerability Scanning ## Vulnerability Scanning
@ -66,6 +73,7 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
- [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - Harsh Jaiswal - [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - Harsh Jaiswal
- [How I was able to bypass OTP code requirement in Razer [The story of a critical bug]](https://medium.com/bugbountywriteup/how-i-was-able-to-bypass-otp-token-requirement-in-razer-the-story-of-a-critical-bug-fc63a94ad572?) - Ananda Dhakal - [How I was able to bypass OTP code requirement in Razer [The story of a critical bug]](https://medium.com/bugbountywriteup/how-i-was-able-to-bypass-otp-token-requirement-in-razer-the-story-of-a-critical-bug-fc63a94ad572?) - Ananda Dhakal
- [Bypassing GitHub's OAuth flow](https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html) - [@not_aardvark](https://twitter.com/not_aardvark) - [Bypassing GitHub's OAuth flow](https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html) - [@not_aardvark](https://twitter.com/not_aardvark)
- [Subdomain Takeover to Authentication bypass](https://hackerone.com/reports/335330) - by geekboy
## SQL Injection ## SQL Injection
@ -137,9 +145,11 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
- [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle - [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/) - [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_) - [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
- [2 Cases of Path Traversal](https://jlajara.gitlab.io/posts/2020/03/29/Path_Traversal.html) - by [@leonishan_](https://twitter.com/leonishan_) - [2 Cases of Path Traversal](https://jlajara.gitlab.io/posts/2020/03/29/Path_Traversal.html) by [@leonishan_](https://twitter.com/leonishan_)
- [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) - by [James Kettle](https://twitter.com/albinowax) - [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) by [James Kettle](https://twitter.com/albinowax)
- [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) - by Github - [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) by Github
- [URL link spoofing (Slack)](https://hackerone.com/reports/481472) by Akaki Tsunoda (akaki)
- [Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts](https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts/) by Sam Curry
--- ---
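Review bot: The three reformatted Misc entries drop the dash, going from " - by" to " by", while the setup page in this same commit goes the other way, from " by nahamsec" to " - by nahamsec". Settle on one author separator for the whole repo and apply it to the two newly added entries here as well, otherwise each monthly update keeps reintroducing the inconsistency.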

16
assets/certs.md Normal file
View file

@ -0,0 +1,16 @@
# Resources-for-Beginner-Bug-Bounty-Hunters
## Certifications 📜
Quite a lot of beginners ask about certifications and if they can help in Bug Bounty. Similar to Coding itself it is a nice thing to have but not a necessity to be successful.<br>
Due to the fact that a lot more Hunters are trying to get better in different fields, and are curious about the certifications, I wanted to add some Info and Notes about some of them.
### OSCP
- OSCP Videos from John Hammond:
- [OSCP - Taking Notes & Resources](https://www.youtube.com/watch?v=MQGozZzHUwQ)
- [100% OSCP: Offensive Security Certified Professional](https://www.youtube.com/watch?v=kdobdnQ2sGw)
- [ALL NEW OSCP - REVAMPED 2020](https://www.youtube.com/watch?v=wjTt-5mfyhY)
- [OSCP Preparation](https://github.com/superhero1/OSCP-Prep) by sup3rhero1
- [TJnulls Preparation Guide for PWK/OSCP](https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html)
---
back to [Intro Page](/README.md)

View file

@ -5,7 +5,56 @@
Updates to this repo will be pushed monthly. You can read about the latest changes below. Updates to this repo will be pushed monthly. You can read about the latest changes below.
--- ---
## Update 2020.04 ## ___Update 2020.05___
### Added
- [Media](/assets/media.md):
- New curated **Bug Bounty List** (Twitter)
- **Curated List of YT Channels** by TCM
- [Labs](/assets/labs.md):
- **Kontra Application Security Training**
- **Cyberseclabs**
- [Coding](/assets/coding.md):
- **Exercism**
- **CodeCademy**
- **Khan Academy**
- **Learn Python the Hard Way**
- **Udacity**
- **Bug Bounty with Bash**
- [Setup](/assets/setup.md):
- New Video by nahamsec: **Creating Wordlists for Pentesting & Bug Bounty**
- [Blogposts & Disclosed Reports](/assets/blogposts.md):
- **Piercing the Veal** by d0nut
- **Basic Bug Bounty FAQ** by dawgyg
- **How to Set up Certificate-Based SSH for Bug Hunting** by Mack Staples
- **Getting started in Cyber Security in 2019 The Complete Guide** by ceos3c
- **WTF is a Bug Bounty?** by ceos3c
- **How to solve the INTIGRITI Easter XSS challenge using only Chrome Devtools** by STÖK
- **URL link spoofing (Slack)** by Akaki Tsunoda (akaki)
- **Subdomain Takeover to Authentication bypass** by geekboy
- **Zseanos notes on hacking & mentoring** by Intigriti & Zseano
- **Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts** by Sam Curry
- [Mobile](/assets/mobile):
- **Android App Reverse Engineering 101** by Maddie Stone
- [Tools](/assets/tools.md):
- **Ghidra** -> Mobile
- **jadx** -> Mobile
- **nuclei** -> Recon & OSINT
- New Category: [Certifications](/assets/certs.md)
- Fot the moment one Cert: **OSCP**
- New Category: [Mindset & Mental Health](/assets/mind.md)
### Changes
- Changed the formating of the Changelog starting this month to make it cleaner
- Removed the links for every new addition to its article.<br>
The headers for every category now links to their page instead.
- Changed the formatting of the **HTTP** Section in the **Basics** Category
- Changed **Blogposts** to -> **Blogposts & Disclosed Reports**
- Changed some of the formatting in the XSS Blogposts, cleaner now
### Fixes
- Fixed some layout errors
- Added missing Header in **Basics** Category
- Fixed Typos
---
## ___Update 2020.04___
### Added ### Added
- New in [Basics](/assets/basics.md) - New in [Basics](/assets/basics.md)
- Added **Stanford CS 253 Web Security** - Added **Stanford CS 253 Web Security**
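Review bot: Two links in the new 2020.05 block do not match files visible in this commit: "[Mindset & Mental Health](/assets/mind.md)" while the added file is assets/health.md, and "[Mobile](/assets/mobile)" which lacks the .md extension every other entry uses. The added text also has typos worth fixing before merge: "Fot the moment" should be "For the moment", "formating" should be "formatting", and "The headers for every category now links" should be "now link".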
@ -66,9 +115,8 @@ Updates to this repo will be pushed monthly. You can read about the latest chang
### Fixed ### Fixed
--- ---
## Update 2020.03 ## ___Update 2020.03___
### Added ### Added
- New: [Smart Contracts](/assets/smartcon.md) (special thanks to [@0xatul](https://twitter.com/0xatul)) - New: [Smart Contracts](/assets/smartcon.md) (special thanks to [@0xatul](https://twitter.com/0xatul))
- New White-/yellowpapers in [Smart Contracts](/assets/smartcon.md): - New White-/yellowpapers in [Smart Contracts](/assets/smartcon.md):
@ -99,9 +147,8 @@ Updates to this repo will be pushed monthly. You can read about the latest chang
- Format Issue in [Changelog](/assets/changelog.md) - Format Issue in [Changelog](/assets/changelog.md)
- Changed Format in [README](/assets/README.md) - Changed Format in [README](/assets/README.md)
--- ---
## Update 2020.02 ## ___Update 2020.02___
### Added ### Added
- New XSS Lab: **XSS Labs from PwnFunction** - New XSS Lab: **XSS Labs from PwnFunction**
- New Recon & OSINT Tool: **Reconness** - New Recon & OSINT Tool: **Reconness**
@ -119,10 +166,9 @@ Updates to this repo will be pushed monthly. You can read about the latest chang
### Fixed ### Fixed
- Typos in [Media](/assets/media.md) (contributed by [securibee](https://github.com/securibee)) - Typos in [Media](/assets/media.md) (contributed by [securibee](https://github.com/securibee))
--- ---
## Update 2020.01 ## ___Update 2020.01___
### Added ### Added
- New changelog page - New changelog page
- New content in [Blogposts](/assets/blogposts.md) - New content in [Blogposts](/assets/blogposts.md)

View file

@ -3,10 +3,11 @@
## Coding & Scripting 🤖 ## Coding & Scripting 🤖
### Info ### Info
Many Beginners often ask if Coding is a necessaty for Bug Bounty.<br> Many Beginners often ask if Coding is a necessity for Bug Bounty.<br>
Short Answer: No.<br> Short Answer: No.<br>
But as often discussed on @nahamsec Twitch Channel, it is a good Tool to have in General. Coding can help you a lot with understanding stuff that you will encounter on your Hacking Sessions, but it is also generally a good skill to have in the current times. You can automate your own Tools with Python for example, or write completely new ones if you have a specific task for it in mind. We will add a lot more in here over the next updates and also reorganize the Resources by Languages and so on. But as often discussed on @nahamsec Twitch Channel, it is a good tool to have in General. Coding can help you a lot with understanding stuff that you will encounter on your Hacking Sessions, but it is also generally a good skill to have in the current times. You can automate your Tools with Python for example, or write completely new ones if you have a specific task for it in mind. We will add a lot more in here over the next updates and also reorganize the Resources by Languages and so on.
TL,DR: ___Python___ and ___Bash___ are really good skills to have and start out with.
### Resources ### Resources
- [Bash Scripting Full Course 3 Hours](https://www.youtube.com/watch?v=e7BufAVwDiM) - [Bash Scripting Full Course 3 Hours](https://www.youtube.com/watch?v=e7BufAVwDiM)
- [Explainshell](https://explainshell.com/) - [Explainshell](https://explainshell.com/)
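Review bot: The added summary line starts with "TL,DR:", which should be "TL;DR:". The rewritten paragraph fixes "necessaty" but leaves the capitalisation inconsistent ("in General", "Hacking Sessions", "Tools"); since the line is being touched anyway, normalise it in the same change.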
@ -14,6 +15,12 @@ But as often discussed on @nahamsec Twitch Channel, it is a good Tool to have in
- [Text Processing in the Shell](https://blog.balthazar-rouberol.com/text-processing-in-the-shell) - [Text Processing in the Shell](https://blog.balthazar-rouberol.com/text-processing-in-the-shell)
- [Subdomain Enumeration Script](https://twitter.com/Sin_Khe/status/1242785016884625409) - [Subdomain Enumeration Script](https://twitter.com/Sin_Khe/status/1242785016884625409)
- [ShellCheck](https://www.shellcheck.net/) - for finding Bugs in your Shell Scripts - [ShellCheck](https://www.shellcheck.net/) - for finding Bugs in your Shell Scripts
- [Bug Bounty with Bash](https://medium.com/cyberverse/bug-bounty-with-bash-438596ff72f5) - by Aditya Soni
### Learning Platforms
- [Exercism](https://exercism.io/) - "Code Practice and Mentorship.."
- [CodeCademy](https://www.codecademy.com/)
- [Khan Academy](https://www.khanacademy.org/computing/computer-programming)
- [Learn Python the Hard Way](https://learnpythonthehardway.org/)
- [Udacity](https://www.udacity.com/)
--- ---
back to [Intro Page](/README.md) back to [Intro Page](/README.md)

13
assets/health.md Normal file
View file

@ -0,0 +1,13 @@
# Resources-for-Beginner-Bug-Bounty-Hunters
## Mindset & Mental Health 🧘‍♂️
Bug Bounties is a task that can be very challenging and competitive and it can also hard to find the "right" entry point for some beginners. I wanted to have a small dedicated category where we can gather resources for you all to keep a healthy and good mindset to get the ball rolling, but also not to burn out too often.
(Thanks STÖK for putting out great videos regarding this point)
Getting in the right Mindset:
- [Mental Hacking 4 Better Bounties:](https://youtu.be/roVg_wgGgxQ) by STÖK
---
back to [Intro Page](/README.md)
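Review bot: This file is added as assets/health.md, but the README and changelog entries in the same commit link to /assets/mind.md, so one side needs renaming. In the intro sentence, "it can also hard to find" is missing "be", and the link text "[Mental Hacking 4 Better Bounties:]" carries a trailing colon inside the brackets that should be dropped.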

View file

@ -15,6 +15,8 @@
- [0l4bs - Cross-site scripting labs for web application security enthusiasts](https://github.com/tegal1337/0l4bs) - by tegal1337 - [0l4bs - Cross-site scripting labs for web application security enthusiasts](https://github.com/tegal1337/0l4bs) - by tegal1337
- [TryHackMe](https://tryhackme.com) | Cool Hacking & Pentesting Labs with Web Challenges - [TryHackMe](https://tryhackme.com) | Cool Hacking & Pentesting Labs with Web Challenges
- Videos: [TryHackMe! Basic Penetration Testing](https://www.youtube.com/watch?v=xl2Xx5YOKcI) // [TryHackMe! EternalBlue/MS17-010 in Metasploit](https://www.youtube.com/watch?v=s6rwS7UuMt8) // [TryHackMe! OhSINT - METADATA & Research](https://www.youtube.com/watch?v=oF0TQQmFu4w) - Videos: [TryHackMe! Basic Penetration Testing](https://www.youtube.com/watch?v=xl2Xx5YOKcI) // [TryHackMe! EternalBlue/MS17-010 in Metasploit](https://www.youtube.com/watch?v=s6rwS7UuMt8) // [TryHackMe! OhSINT - METADATA & Research](https://www.youtube.com/watch?v=oF0TQQmFu4w)
- [Cyberseclabs](https://www.cyberseclabs.co.uk/)
- [Kontra Application Security Training](https://application.security/free-application-security-training)
--- ---
back to [Intro Page](/README.md) back to [Intro Page](/README.md)

View file

@ -11,6 +11,7 @@ Here you find listings to useful media creations that can help beginners in diff
--- ---
## Youtube Channels ## Youtube Channels
- [Curated List of YT Channels](https://threader.app/thread/1248351836672872456) by TCM
- [Nahamsec](https://www.youtube.com/nahamsec) - Educational Videos and VODs of his Stream, Vlogs - [Nahamsec](https://www.youtube.com/nahamsec) - Educational Videos and VODs of his Stream, Vlogs
- [STÖK](https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg) - Videos About Hacking, Live Events, Bug Bounty Tips & Vlogs - [STÖK](https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg) - Videos About Hacking, Live Events, Bug Bounty Tips & Vlogs
- [LiveOverflow](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w) - Educational Videos about CTFs, Hacking in General - [LiveOverflow](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w) - Educational Videos about CTFs, Hacking in General
@ -50,7 +51,10 @@ Michal Zalewski
In general ["no starch press"](https://nostarch.com/catalog/security) offers great books in the hacking category. [Humble Bundle](https://www.humblebundle.com) sometimes offfers great book deals for an awesome price, so have a eye out for those. In general ["no starch press"](https://nostarch.com/catalog/security) offers great books in the hacking category. [Humble Bundle](https://www.humblebundle.com) sometimes offfers great book deals for an awesome price, so have a eye out for those.
## Twitter ## Twitter
This List does not exclusively contains Bug Bounty themed Accounts but a broad variety of InfoSec and Hacking.<br>
### Curated Bug-Bounty List on Twitter by [@securibee](https://twitter.com/securibee): [Link](https://twitter.com/i/lists/1253517962272743424)<br>
The following list does not exclusively contains Bug Bounty themed Accounts but a broad variety of InfoSec and Hacking.<br>
| Name | Topics | | Name | Topics |
| ------------------------------------------------------- | ---------------------------------------------------------------------------- | | ------------------------------------------------------- | ---------------------------------------------------------------------------- |
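Review bot: The reworded sentence still reads "does not exclusively contains"; it should be "does not exclusively contain". The new "### Curated Bug-Bounty List on Twitter by ..." line packs a handle link, a second "[Link]" and a trailing <br> into a heading, which produces a noisy anchor; a plain list item or paragraph under "## Twitter" would match the rest of the page.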

View file

@ -10,6 +10,7 @@ Since there are quite a lot of people asking for Beginner Guides to Mobile Hacki
- [The Mobile Hacking CheatSheet](https://github.com/randorisec/MobileHackingCheatSheet) - Randorisec - [The Mobile Hacking CheatSheet](https://github.com/randorisec/MobileHackingCheatSheet) - Randorisec
- [Introduction to Android Hacking ](https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking) - [@0xteknogeek](https://twitter.com/0xteknogeek) - [Introduction to Android Hacking ](https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking) - [@0xteknogeek](https://twitter.com/0xteknogeek)
- [Android Pentesting](https://github.com/riddhi-shree/nullCommunity/tree/master/Android) (Github repo containing hands-on training content for conducting Android app pentesting using some of the common Android pentesting tools) - [Android Pentesting](https://github.com/riddhi-shree/nullCommunity/tree/master/Android) (Github repo containing hands-on training content for conducting Android app pentesting using some of the common Android pentesting tools)
- [Android App Reverse Engineering 101](https://maddiestone.github.io/AndroidAppRE/) by [@maddiestone](https://twitter.com/maddiestone)
## Tools ## Tools
Tools specific for mobile hacking can be found [here](/assets/tools.md#mobile-hacking). Tools specific for mobile hacking can be found [here](/assets/tools.md#mobile-hacking).

View file

@ -2,7 +2,7 @@
## Setup 💻 ## Setup 💻
This section will help you set up your testing environement. This section will help you set up your testing environement.
- [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk) by nahamsec - [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk) - by nahamsec
- [Setting up your own web server on a VPS](https://www.linux.com/learn/easy-lamp-server-installation) - [Setting up your own web server on a VPS](https://www.linux.com/learn/easy-lamp-server-installation)
- [Setting up virtualbox + linux](https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox) - [Setting up virtualbox + linux](https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox)
- [Docker For Pentesting And Bug Bounty Hunting](https://www.youtube.com/watch?v=5G6tA8Q9AuQ) - [Docker For Pentesting And Bug Bounty Hunting](https://www.youtube.com/watch?v=5G6tA8Q9AuQ)
@ -11,6 +11,7 @@ This section will help you set up your testing environement.
- [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion - [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion
- [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow - [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow
- [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp - [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp
- [Creating Wordlists for Pentesting & Bug Bounty](https://www.youtube.com/watch?v=QGbTaxtEQlg) - by nahamsec
## Burp Suite ## Burp Suite
This section should help you get familiar with BurpSuite. This section should help you get familiar with BurpSuite.
- [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101 - [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101

View file

@ -48,6 +48,7 @@ Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
|[Reconness](https://github.com/reconness)|A Web App Tool to Run and Keep all your #recon in the same place.|C#|[@reconness](https://twitter.com/reconness)| |[Reconness](https://github.com/reconness)|A Web App Tool to Run and Keep all your #recon in the same place.|C#|[@reconness](https://twitter.com/reconness)|
|[Knockpy](https://github.com/guelfoweb/knock)|A python tool designed to enumerate subdomains on a target domain through a wordlist|Python|[@guelforweb](http://twitter.com/guelfoweb)| |[Knockpy](https://github.com/guelfoweb/knock)|A python tool designed to enumerate subdomains on a target domain through a wordlist|Python|[@guelforweb](http://twitter.com/guelfoweb)|
|[crithit](https://github.com/codingo/crithit)|Takes a single wordlist item and tests it one by one over a large collection of hosts before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.|C++|[codingo](https://github.com/codingo)| |[crithit](https://github.com/codingo/crithit)|Takes a single wordlist item and tests it one by one over a large collection of hosts before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.|C++|[codingo](https://github.com/codingo)|
|[nuclei](https://github.com/projectdiscovery/nuclei)|"Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use."|Go|[ProjectDiscovery](https://github.com/projectdiscovery)|
#### OSINT Webpages #### OSINT Webpages
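Review bot: The nuclei row wraps its description in literal double quotes, which will show up in the rendered table, while the Reconness, Knockpy and crithit rows above it give their descriptions unquoted. Drop the quotes, or paraphrase the project blurb in the list's own words, so the Description column reads consistently. Unrelated to the new row but visible in the same hunk: the Knockpy "Created by" label reads `@guelforweb` while its link points to `guelfoweb`, which looks like a typo worth fixing in the same pass.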
@ -86,6 +87,8 @@ Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
| Name | Description | Written in | Created by | | Name | Description | Written in | Created by |
|------ |------------- | ------------ |------------- | |------ |------------- | ------------ |------------- |
|Frida|||| |Frida||||
|[jadx](https://github.com/skylot/jadx)|Dex to Java decompiler|Java|skylot|
|[Ghidra](https://ghidra-sre.org/)|"A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"|Java|NSA|
|[dex2jar](https://github.com/pxb1988/dex2jar)|Useful to convert dex files into jar to decompile the application.|Java, Smali|Bob Pan| |[dex2jar](https://github.com/pxb1988/dex2jar)|Useful to convert dex files into jar to decompile the application.|Java, Smali|Bob Pan|
|[andriller](https://github.com/den4uk/andriller)|Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)| |[andriller](https://github.com/den4uk/andriller)|Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)|
|[Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF/)|Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.|Python|MobSF Team| |[Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF/)|Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.|Python|MobSF Team|
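Review bot: The new jadx and Ghidra rows give "Created by" as plain text (skylot, NSA), and the Ghidra description is a quoted blurb, whereas the andriller row below links the author's profile and is described without quotes. Linking skylot to the GitHub account already present in the jadx URL and unquoting the Ghidra description would keep the table consistent. Ghidra describes itself as a general software reverse engineering suite while the neighbouring rows (dex2jar, andriller, MobSF) are Android or mobile tools, so a few words on its use for mobile targets would tell readers why it is listed here. The `|Frida||||` row directly above the additions is still empty and could be filled in at the same time.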