mirror of
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters.git
synced 2024-11-25 05:00:24 +00:00
2020.05 update
parent
55208f735f
commit
bf9a194d80
13 changed files with 152 additions and 34 deletions
7
CONTRIBUTORS.md
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
A Big Thank You to the Main-Contributors of the Repo:<br>
|
||||||
|
Securibee<br>
|
||||||
|
Nahamsec<br>
|
||||||
|
AshF0x<br>
|
||||||
|
Cody Brocious (@daeken)<br>
|
||||||
|
|
||||||
|
and of course everyone else who sends in suggestions for the repo itself <3
|
|
@ -6,7 +6,7 @@ There are a number of new hackers joining the community on a regular basis and m
|
||||||
|
|
||||||
We understand that there are more resources other than the ones we have listed and we hope to cover more resources in the near future!<br>
|
We understand that there are more resources other than the ones we have listed and we hope to cover more resources in the near future!<br>
|
||||||
|
|
||||||
## Current Version: 2020.04
|
## Current Version: 2020.05
|
||||||
|
|
||||||
[Changelog: See what's new!](/assets/changelog.md) 📣
|
[Changelog: See what's new!](/assets/changelog.md) 📣
|
||||||
|
|
||||||
|
@ -24,3 +24,8 @@ We understand that there are more resources other than the ones we have listed a
|
||||||
- [Hardware & IoT](/assets/hardware.md)
|
- [Hardware & IoT](/assets/hardware.md)
|
||||||
- [Blog posts & Talks](/assets/blogposts.md)
|
- [Blog posts & Talks](/assets/blogposts.md)
|
||||||
- [Media Resources](/assets/media.md)
|
- [Media Resources](/assets/media.md)
|
||||||
|
- [Certifications](/assets/certs.md)
|
||||||
|
- [Mindset & Mental Health](/assets/mind.md)
|
||||||
|
|
||||||
|
---
|
||||||
|
If you have more questions or suggestions, come the [Discord Server](https://discord.gg/9jZxjQ5) of nahamsec !
|
||||||
|
|
|
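Review bot: The new index entry `[Mindset & Mental Health](/assets/mind.md)` points at `/assets/mind.md`, but the only file visible in this commit for that category is `assets/health.md`, so the link looks broken as written. Either rename the file or change the target to `/assets/health.md`. In the added Discord line, "come the [Discord Server]" is missing "to", and there is a stray space before the "!".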
@ -1,6 +1,9 @@
|
||||||
# Resources-for-Beginner-Bug-Bounty-Hunters
|
# Resources-for-Beginner-Bug-Bounty-Hunters
|
||||||
|
|
||||||
## Table of Contents
|
|
||||||
|
## Basics 🤓
|
||||||
|
|
||||||
|
### Table of Contents
|
||||||
1. [Stanford CS 253 Web Security](#Stanford-CS-253-Web-Security)
|
1. [Stanford CS 253 Web Security](#Stanford-CS-253-Web-Security)
|
||||||
2. [HTTP basics](#HTTP-basics)
|
2. [HTTP basics](#HTTP-basics)
|
||||||
3. [Networking basics](#Networking-basics)
|
3. [Networking basics](#Networking-basics)
|
||||||
|
@ -8,21 +11,21 @@
|
||||||
5. [Automation](#Automation)
|
5. [Automation](#Automation)
|
||||||
|
|
||||||
|
|
||||||
## Stanford CS 253 Web Security
|
### Stanford CS 253 Web Security
|
||||||
|
|
||||||
- [Stanford CS 253 Web Security](https://web.stanford.edu/class/cs253/) - by [@feross](https://twitter.com/feross)
|
- [Stanford CS 253 Web Security](https://web.stanford.edu/class/cs253/) - by [@feross](https://twitter.com/feross)
|
||||||
- "This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues."
|
- "This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues."
|
||||||
|
|
||||||
## HTTP basics
|
### HTTP basics
|
||||||
In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics.
|
In order to be able to learn what and how an application works, you need to be able to understand how you are communicating with it. This section is dedicated to all the resources to understand the HTTP basics.
|
||||||
- All in one resource: https://www.hacker101.com/sessions/web_in_depth
|
- All in one resource: https://www.hacker101.com/sessions/web_in_depth
|
||||||
HTTP basics
|
- HTTP basics
|
||||||
Cookie security
|
- Cookie security
|
||||||
HTML parsing
|
- HTML parsing
|
||||||
MIME sniffing
|
- MIME sniffing
|
||||||
Encoding sniffing
|
- Encoding sniffing
|
||||||
Same-Origin Policy
|
- Same-Origin Policy
|
||||||
CSRF (Cross-Site Request Forgery)
|
- CSRF (Cross-Site Request Forgery)
|
||||||
- Request form
|
- Request form
|
||||||
https://www.tutorialspoint.com/http/http_requests.htm
|
https://www.tutorialspoint.com/http/http_requests.htm
|
||||||
- Response form
|
- Response form
|
||||||
|
@ -33,7 +36,7 @@ https://www.tutorialspoint.com/http/http_status_codes.htm
|
||||||
https://www.tutorialspoint.com/http/http_url_encoding.htm
|
https://www.tutorialspoint.com/http/http_url_encoding.htm
|
||||||
|
|
||||||
|
|
||||||
## Networking basics
|
### Networking basics
|
||||||
Recon is a common terminology used in bug bounties. It’s great if you are already using tools to scan a range of IPs for open ports or find subdomain, however, you should first understand why these things matter and how they work.
|
Recon is a common terminology used in bug bounties. It’s great if you are already using tools to scan a range of IPs for open ports or find subdomain, however, you should first understand why these things matter and how they work.
|
||||||
- Terminology
|
- Terminology
|
||||||
https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols
|
https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols
|
||||||
|
@ -48,7 +51,7 @@ http://www.penguintutor.com/linux/basic-network-reference
|
||||||
- [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), A 19 part Video Series about Networking well explained for Beginners
|
- [Network Fundamentals](https://www.youtube.com/playlist?list=PLDQaRcbiSnqF5U8ffMgZzS7fq1rHUI3Q8), A 19 part Video Series about Networking well explained for Beginners
|
||||||
|
|
||||||
|
|
||||||
## Programming Basics
|
### Programming Basics
|
||||||
Being a great programmer is not a requirement to be a successful hacker. However, having the ability to make an educated guess, may increase your chances of successfully identifying and exploiting an issue. In a number of cases, you may need to automate your work or know more than just the “basics” in order to escalate a bug with a medium severity to high/critical.
|
Being a great programmer is not a requirement to be a successful hacker. However, having the ability to make an educated guess, may increase your chances of successfully identifying and exploiting an issue. In a number of cases, you may need to automate your work or know more than just the “basics” in order to escalate a bug with a medium severity to high/critical.
|
||||||
|
|
||||||
- HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS this should be your first step.
|
- HTML: HTML is very easy to learn and there are a ton of free resources for it. If you are interested in learning about XSS this should be your first step.
|
||||||
|
@ -64,7 +67,7 @@ As always, if you prefer an interactive course, feel free to use Codecademy!
|
||||||
https://www.codecademy.com/learn/learn-sql
|
https://www.codecademy.com/learn/learn-sql
|
||||||
http://www.sqlcourse.com/
|
http://www.sqlcourse.com/
|
||||||
|
|
||||||
## Automation
|
### Automation
|
||||||
You are welcome to skip this section if you think you’ll never need any automation or in depth web application knowledge. However I think learning bash in addition to one the following four languages may help you work smarter rather than harder.
|
You are welcome to skip this section if you think you’ll never need any automation or in depth web application knowledge. However I think learning bash in addition to one the following four languages may help you work smarter rather than harder.
|
||||||
- Bash
|
- Bash
|
||||||
- https://www.learnshell.org/
|
- https://www.learnshell.org/
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
# Resources-for-Beginner-Bug-Bounty-Hunters
|
# Resources-for-Beginner-Bug-Bounty-Hunters
|
||||||
|
|
||||||
## Blog posts 📝
|
## Blog posts & Disclosed Reports 📝
|
||||||
A collection of Blog Posts ordered by Vulnerability Types
|
A collection of Blog Posts ordered by Vulnerability Types
|
||||||
|
- [Starting out & Tips](#Starting-Out-&-Questions)
|
||||||
- [XSS](#XSS)
|
- [XSS](#XSS)
|
||||||
- [DOM XSS](#DOM-XSS)
|
- [DOM XSS](#DOM-XSS)
|
||||||
- [Sored XSS](#Stored-XSS)
|
- [Stored XSS](#Stored-XSS)
|
||||||
- [CSP Bypass](#CSP-Bypass)
|
|
||||||
- [SSRF](#SSRF)
|
- [SSRF](#SSRF)
|
||||||
- [Vulnerability Scanning](#Vulnerability-Scanning)
|
- [Vulnerability Scanning](#Vulnerability-Scanning)
|
||||||
- [Token / Authentication](#Token-/-Authentication)
|
- [Token / Authentication](#Token-/-Authentication)
|
||||||
|
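Review bot: The added TOC entry `[Starting out & Tips](#Starting-Out-&-Questions)` uses an anchor that does not match the heading this commit introduces for that section, `## Starting out & Tips`, so the link will not resolve to it. Point the entry at the anchor generated from the actual heading text. The page title also becomes "Blog posts & Disclosed Reports" here while the README index still links it as "Blog posts & Talks"; worth aligning the two.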
@ -25,6 +25,13 @@ A collection of Blog Posts ordered by Vulnerability Types
|
||||||
- [API](#API)
|
- [API](#API)
|
||||||
- [Misc](#Misc)
|
- [Misc](#Misc)
|
||||||
---
|
---
|
||||||
|
## Starting out & Tips
|
||||||
|
- [Basic Bug Bounty FAQ](http://blog.oath.ninja/basic-bug-bounty-faq/) - by [@thedawgyg](https://twitter.com/thedawgyg)
|
||||||
|
- [Getting started in Cyber Security in 2019 – The Complete Guide](https://www.ceos3c.com/hacking/getting-started-cyber-security-complete-guide/) - by ceos3c
|
||||||
|
- [WTF is a Bug Bounty?](https://www.ceos3c.com/hacking/ethical-hacking-diaries-1-wtf-is-a-bug-bounty/) - by ceos3c
|
||||||
|
- [How to Set up Certificate-Based SSH for Bug Hunting](https://medium.com/@c0ldbr3w/how-to-set-up-certificate-based-ssh-for-bug-hunting-bonus-ef4af95fca05) - by Mack Staples
|
||||||
|
- [XSS in Google Colaboratory + CSP bypass](https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html) by Michał Bentkowski
|
||||||
|
- [Zseano’s notes on hacking & mentoring](https://blog.intigriti.com/2020/04/29/bug-business-3-zseanos-notes-on-hacking-mentoring/) by Intigriti & Zseano
|
||||||
## XSS
|
## XSS
|
||||||
You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
|
You can find a ton of awesome XSS reports by searching through the HackerOne Hacktivity Page (https://hackerone.com/hacktivity?querystring=XSS). Here are some more complex and some of my favorite XSS related blog posts:
|
||||||
|
|
||||||
|
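Review bot: `XSS in Google Colaboratory + CSP bypass` is added under `## Starting out & Tips`, but it is a specific XSS/CSP write-up rather than introductory material. Since the `### CSP Bypass` section is removed elsewhere in this patch, move the entry under `## XSS` (or keep the CSP Bypass section) so readers can find it by vulnerability type. The six new entries also mix `- by` and `by` before the author name.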
@ -35,6 +42,7 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
|
||||||
- [Microsoft Edge (Chromium) - EoP via XSS to Potential RCE](https://leucosite.com/Edge-Chromium-EoP-RCE/) - [@Qab](https://twitter.com/qab)
|
- [Microsoft Edge (Chromium) - EoP via XSS to Potential RCE](https://leucosite.com/Edge-Chromium-EoP-RCE/) - [@Qab](https://twitter.com/qab)
|
||||||
- [Reflected XSS in https://blocked.myndr.net](https://hackerone.com/reports/824433) - Thilakesh
|
- [Reflected XSS in https://blocked.myndr.net](https://hackerone.com/reports/824433) - Thilakesh
|
||||||
- [Google Bug Bounty Writeup- XSS Vulnerability](https://pethuraj.com/blog/google-bug-bounty-writeup/) - [@itsmepethu](https://twitter.com/itsmepethu)
|
- [Google Bug Bounty Writeup- XSS Vulnerability](https://pethuraj.com/blog/google-bug-bounty-writeup/) - [@itsmepethu](https://twitter.com/itsmepethu)
|
||||||
|
- [How to solve the INTIGRITI Easter XSS challenge using only Chrome Devtools](https://www.youtube.com/watch?v=IhPsBMBDFcg) - by STÖK
|
||||||
|
|
||||||
|
|
||||||
### DOM XSS
|
### DOM XSS
|
||||||
|
@ -50,13 +58,12 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
|
||||||
- [Yahoo Mail stored XSS](https://klikki.fi/adv/yahoo.html) - Jouko Pynnönen
|
- [Yahoo Mail stored XSS](https://klikki.fi/adv/yahoo.html) - Jouko Pynnönen
|
||||||
- [Yahoo Mail stored XSS #2](https://klikki.fi/adv/yahoo2.html) - Jouko Pynnönen
|
- [Yahoo Mail stored XSS #2](https://klikki.fi/adv/yahoo2.html) - Jouko Pynnönen
|
||||||
- [Account Recovery XSS](https://sites.google.com/site/bughunteruniversity/best-reports/account-recovery-xss) - Gábor Molnár
|
- [Account Recovery XSS](https://sites.google.com/site/bughunteruniversity/best-reports/account-recovery-xss) - Gábor Molnár
|
||||||
### CSP Bypass
|
|
||||||
- https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html
|
|
||||||
|
|
||||||
## SSRF
|
## SSRF
|
||||||
- [DEF CON 27 Conference - Ben Sadeghipour - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)<br>- Nahamsec & daeken | DEFCON 2019
|
- [DEF CON 27 Conference - Ben Sadeghipour - Owning The Clout Through Server Side Request Forgery](https://www.youtube.com/watch?v=o-tL9ULF0KI)<br>- Nahamsec & daeken | DEFCON 2019
|
||||||
- [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a)<br>- Alyssa Herrera | Hack.lu 2019
|
- [Piercing The Veil: Server Side Request Forgery Attacks On Internal Networks](https://peertube.opencloud.lu/videos/watch/40f39bfe-6d3c-40f5-bcab-43f20944ca6a)<br>- Alyssa Herrera | Hack.lu 2019
|
||||||
- [Vimeo upload function SSRF](https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437) - Sayed Abdelhafiz
|
- [Vimeo upload function SSRF](https://medium.com/@dPhoeniixx/vimeo-upload-function-ssrf-7466d8630437) - Sayed Abdelhafiz
|
||||||
|
- [Piercing the Veal](https://medium.com/@d0nut/piercing-the-veal-short-stories-to-read-with-friends-4aa86d606fc5) - by d0nut
|
||||||
|
|
||||||
|
|
||||||
## Vulnerability Scanning
|
## Vulnerability Scanning
|
||||||
|
@ -66,6 +73,7 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
|
||||||
- [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - Harsh Jaiswal
|
- [Abusing feature to steal your tokens](https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74) - Harsh Jaiswal
|
||||||
- [How I was able to bypass OTP code requirement in Razer [The story of a critical bug]](https://medium.com/bugbountywriteup/how-i-was-able-to-bypass-otp-token-requirement-in-razer-the-story-of-a-critical-bug-fc63a94ad572?) - Ananda Dhakal
|
- [How I was able to bypass OTP code requirement in Razer [The story of a critical bug]](https://medium.com/bugbountywriteup/how-i-was-able-to-bypass-otp-token-requirement-in-razer-the-story-of-a-critical-bug-fc63a94ad572?) - Ananda Dhakal
|
||||||
- [Bypassing GitHub's OAuth flow](https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html) - [@not_aardvark](https://twitter.com/not_aardvark)
|
- [Bypassing GitHub's OAuth flow](https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html) - [@not_aardvark](https://twitter.com/not_aardvark)
|
||||||
|
- [Subdomain Takeover to Authentication bypass](https://hackerone.com/reports/335330) - by geekboy
|
||||||
|
|
||||||
|
|
||||||
## SQL Injection
|
## SQL Injection
|
||||||
|
@ -137,9 +145,11 @@ You can find a ton of awesome XSS reports by searching through the HackerOne Hac
|
||||||
- [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle
|
- [Cracking reCAPTCHA, Turbo Intruder style](https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style) - James Kettle
|
||||||
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
|
- [Abusing ImageMagick to obtain RCE](https://strynx.org/imagemagick-rce/) - [strynx](https://strynx.org/)
|
||||||
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
|
- [How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN](https://blog.detectify.com/2019/09/19/alyssa-herrera-pulse-corporate-networks-ssl-vpn/) - [Alyssa Herrera](https://twitter.com/Alyssa_Herrera_)
|
||||||
- [2 Cases of Path Traversal](https://jlajara.gitlab.io/posts/2020/03/29/Path_Traversal.html) - by [@leonishan_](https://twitter.com/leonishan_)
|
- [2 Cases of Path Traversal](https://jlajara.gitlab.io/posts/2020/03/29/Path_Traversal.html) by [@leonishan_](https://twitter.com/leonishan_)
|
||||||
- [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) - by [James Kettle](https://twitter.com/albinowax)
|
- [Top 10 web hacking techniques of 2019](https://portswigger.net/research/top-10-web-hacking-techniques-of-2019) by [James Kettle](https://twitter.com/albinowax)
|
||||||
- [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) - by Github
|
- [Understanding Search Syntax on Github](https://help.github.com/en/github/searching-for-information-on-github/understanding-the-search-syntax#exclude-certain-results) by Github
|
||||||
|
- [URL link spoofing (Slack)](https://hackerone.com/reports/481472) by Akaki Tsunoda (akaki)
|
||||||
|
- [Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts](https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts/) by Sam Curry
|
||||||
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
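Review bot: The three edited entries in this hunk switch the author separator from `- by` to `by`, while other lines added in the same commit use `- by` (for example `- by geekboy` and `- by d0nut`) and the setup page hunk changes `by nahamsec` to `- by nahamsec`. Pick one separator and apply it across the file so the list stays consistent.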
16
assets/certs.md
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
# Resources-for-Beginner-Bug-Bounty-Hunters
|
||||||
|
|
||||||
|
## Certifications 📜
|
||||||
|
|
||||||
|
Quite a lot of beginners ask about certifications and if they can help in Bug Bounty. Similar to Coding itself it is a nice thing to have but not a necessity to be successful.<br>
|
||||||
|
Due to the fact that a lot more Hunters are trying to get better in different fields, and are curious about the certifications, I wanted to add some Info and Notes about some of them.
|
||||||
|
### OSCP
|
||||||
|
- OSCP Videos from John Hammond:
|
||||||
|
- [OSCP - Taking Notes & Resources](https://www.youtube.com/watch?v=MQGozZzHUwQ)
|
||||||
|
- [100% OSCP: Offensive Security Certified Professional](https://www.youtube.com/watch?v=kdobdnQ2sGw)
|
||||||
|
- [ALL NEW OSCP - REVAMPED 2020](https://www.youtube.com/watch?v=wjTt-5mfyhY)
|
||||||
|
- [OSCP Preparation](https://github.com/superhero1/OSCP-Prep) by sup3rhero1
|
||||||
|
- [TJnull’s Preparation Guide for PWK/OSCP](https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html)
|
||||||
|
|
||||||
|
---
|
||||||
|
back to [Intro Page](/README.md)
|
|
@ -5,7 +5,56 @@
|
||||||
Updates to this repo will be pushed monthly. You can read about the latest changes below.
|
Updates to this repo will be pushed monthly. You can read about the latest changes below.
|
||||||
|
|
||||||
---
|
---
|
||||||
## Update 2020.04
|
## ___Update 2020.05___
|
||||||
|
### Added
|
||||||
|
- [Media](/assets/media.md):
|
||||||
|
- New curated **Bug Bounty List** (Twitter)
|
||||||
|
- **Curated List of YT Channels** by TCM
|
||||||
|
- [Labs](/assets/labs.md):
|
||||||
|
- **Kontra Application Security Training**
|
||||||
|
- **Cyberseclabs**
|
||||||
|
- [Coding](/assets/coding.md):
|
||||||
|
- **Exercism**
|
||||||
|
- **CodeCademy**
|
||||||
|
- **Khan Academy**
|
||||||
|
- **Learn Python the Hard Way**
|
||||||
|
- **Udacity**
|
||||||
|
- **Bug Bounty with Bash**
|
||||||
|
- [Setup](/assets/setup.md):
|
||||||
|
- New Video by nahamsec: **Creating Wordlists for Pentesting & Bug Bounty**
|
||||||
|
- [Blogposts & Disclosed Reports](/assets/blogposts.md):
|
||||||
|
- **Piercing the Veal** by d0nut
|
||||||
|
- **Basic Bug Bounty FAQ** by dawgyg
|
||||||
|
- **How to Set up Certificate-Based SSH for Bug Hunting** by Mack Staples
|
||||||
|
- **Getting started in Cyber Security in 2019 – The Complete Guide** by ceos3c
|
||||||
|
- **WTF is a Bug Bounty?** by ceos3c
|
||||||
|
- **How to solve the INTIGRITI Easter XSS challenge using only Chrome Devtools** by STÖK
|
||||||
|
- **URL link spoofing (Slack)** by Akaki Tsunoda (akaki)
|
||||||
|
- **Subdomain Takeover to Authentication bypass** by geekboy
|
||||||
|
- **Zseano’s notes on hacking & mentoring** by Intigriti & Zseano
|
||||||
|
- **Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts** by Sam Curry
|
||||||
|
- [Mobile](/assets/mobile):
|
||||||
|
- **Android App Reverse Engineering 101** by Maddie Stone
|
||||||
|
- [Tools](/assets/tools.md):
|
||||||
|
- **Ghidra** -> Mobile
|
||||||
|
- **jadx** -> Mobile
|
||||||
|
- **nuclei** -> Recon & OSINT
|
||||||
|
- New Category: [Certifications](/assets/certs.md)
|
||||||
|
- Fot the moment one Cert: **OSCP**
|
||||||
|
- New Category: [Mindset & Mental Health](/assets/mind.md)
|
||||||
|
### Changes
|
||||||
|
- Changed the formating of the Changelog starting this month to make it cleaner
|
||||||
|
- Removed the links for every new addition to its article.<br>
|
||||||
|
The headers for every category now links to their page instead.
|
||||||
|
- Changed the formatting of the **HTTP** Section in the **Basics** Category
|
||||||
|
- Changed **Blogposts** to -> **Blogposts & Disclosed Reports**
|
||||||
|
- Changed some of the formatting in the XSS Blogposts, cleaner now
|
||||||
|
### Fixes
|
||||||
|
- Fixed some layout errors
|
||||||
|
- Added missing Header in **Basics** Category
|
||||||
|
- Fixed Typos
|
||||||
|
---
|
||||||
|
## ___Update 2020.04___
|
||||||
### Added
|
### Added
|
||||||
- New in [Basics](/assets/basics.md)
|
- New in [Basics](/assets/basics.md)
|
||||||
- Added **Stanford CS 253 Web Security**
|
- Added **Stanford CS 253 Web Security**
|
||||||
|
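Review bot: Two links in the new 2020.05 block look wrong: `[Mobile](/assets/mobile)` lacks the `.md` extension that every other category link in this list carries, and `[Mindset & Mental Health](/assets/mind.md)` does not match the `assets/health.md` file shown in this commit. The block also lists "Fixed Typos" while introducing "Fot the moment" and "formating", and "The headers for every category now links" should read "link".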
@ -66,9 +115,8 @@ Updates to this repo will be pushed monthly. You can read about the latest chang
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
---
|
---
|
||||||
## Update 2020.03
|
## ___Update 2020.03___
|
||||||
### Added
|
### Added
|
||||||
- New: [Smart Contracts](/assets/smartcon.md) (special thanks to [@0xatul](https://twitter.com/0xatul))
|
- New: [Smart Contracts](/assets/smartcon.md) (special thanks to [@0xatul](https://twitter.com/0xatul))
|
||||||
- New White-/yellowpapers in [Smart Contracts](/assets/smartcon.md):
|
- New White-/yellowpapers in [Smart Contracts](/assets/smartcon.md):
|
||||||
|
@ -99,9 +147,8 @@ Updates to this repo will be pushed monthly. You can read about the latest chang
|
||||||
- Format Issue in [Changelog](/assets/changelog.md)
|
- Format Issue in [Changelog](/assets/changelog.md)
|
||||||
- Changed Format in [README](/assets/README.md)
|
- Changed Format in [README](/assets/README.md)
|
||||||
|
|
||||||
|
|
||||||
---
|
---
|
||||||
## Update 2020.02
|
## ___Update 2020.02___
|
||||||
### Added
|
### Added
|
||||||
- New XSS Lab: **XSS Labs from PwnFunction**
|
- New XSS Lab: **XSS Labs from PwnFunction**
|
||||||
- New Recon & OSINT Tool: **Reconness**
|
- New Recon & OSINT Tool: **Reconness**
|
||||||
|
@ -119,10 +166,9 @@ Updates to this repo will be pushed monthly. You can read about the latest chang
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- Typos in [Media](/assets/media.md) (contributed by [securibee](https://github.com/securibee))
|
- Typos in [Media](/assets/media.md) (contributed by [securibee](https://github.com/securibee))
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Update 2020.01
|
## ___Update 2020.01___
|
||||||
### Added
|
### Added
|
||||||
- New changelog page
|
- New changelog page
|
||||||
- New content in [Blogposts](/assets/blogposts.md)
|
- New content in [Blogposts](/assets/blogposts.md)
|
||||||
|
|
|
@ -3,10 +3,11 @@
|
||||||
## Coding & Scripting 🤖
|
## Coding & Scripting 🤖
|
||||||
|
|
||||||
### Info
|
### Info
|
||||||
Many Beginners often ask if Coding is a necessaty for Bug Bounty.<br>
|
Many Beginners often ask if Coding is a necessity for Bug Bounty.<br>
|
||||||
Short Answer: No.<br>
|
Short Answer: No.<br>
|
||||||
But as often discussed on @nahamsec Twitch Channel, it is a good Tool to have in General. Coding can help you a lot with understanding stuff that you will encounter on your Hacking Sessions, but it is also generally a good skill to have in the current times. You can automate your own Tools with Python for example, or write completely new ones if you have a specific task for it in mind. We will add a lot more in here over the next updates and also reorganize the Resources by Languages and so on.
|
But as often discussed on @nahamsec Twitch Channel, it is a good tool to have in General. Coding can help you a lot with understanding stuff that you will encounter on your Hacking Sessions, but it is also generally a good skill to have in the current times. You can automate your Tools with Python for example, or write completely new ones if you have a specific task for it in mind. We will add a lot more in here over the next updates and also reorganize the Resources by Languages and so on.
|
||||||
|
|
||||||
|
TL,DR: ___Python___ and ___Bash___ are really good skills to have and start out with.
|
||||||
### Resources
|
### Resources
|
||||||
- [Bash Scripting Full Course 3 Hours](https://www.youtube.com/watch?v=e7BufAVwDiM)
|
- [Bash Scripting Full Course 3 Hours](https://www.youtube.com/watch?v=e7BufAVwDiM)
|
||||||
- [Explainshell](https://explainshell.com/)
|
- [Explainshell](https://explainshell.com/)
|
||||||
|
@ -14,6 +15,12 @@ But as often discussed on @nahamsec Twitch Channel, it is a good Tool to have in
|
||||||
- [Text Processing in the Shell](https://blog.balthazar-rouberol.com/text-processing-in-the-shell)
|
- [Text Processing in the Shell](https://blog.balthazar-rouberol.com/text-processing-in-the-shell)
|
||||||
- [Subdomain Enumeration Script](https://twitter.com/Sin_Khe/status/1242785016884625409)
|
- [Subdomain Enumeration Script](https://twitter.com/Sin_Khe/status/1242785016884625409)
|
||||||
- [ShellCheck](https://www.shellcheck.net/) - for finding Bugs in your Shell Scripts
|
- [ShellCheck](https://www.shellcheck.net/) - for finding Bugs in your Shell Scripts
|
||||||
|
- [Bug Bounty with Bash](https://medium.com/cyberverse/bug-bounty-with-bash-438596ff72f5) - by Aditya Soni
|
||||||
|
### Learning Platforms
|
||||||
|
- [Exercism](https://exercism.io/) - "Code Practice and Mentorship.."
|
||||||
|
- [CodeCademy](https://www.codecademy.com/)
|
||||||
|
- [Khan Academy](https://www.khanacademy.org/computing/computer-programming)
|
||||||
|
- [Learn Python the Hard Way](https://learnpythonthehardway.org/)
|
||||||
|
- [Udacity](https://www.udacity.com/)
|
||||||
---
|
---
|
||||||
back to [Intro Page](/README.md)
|
back to [Intro Page](/README.md)
|
13
assets/health.md
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# Resources-for-Beginner-Bug-Bounty-Hunters
|
||||||
|
|
||||||
|
## Mindset & Mental Health 🧘♂️
|
||||||
|
|
||||||
|
Bug Bounties is a task that can be very challenging and competitive and it can also hard to find the "right" entry point for some beginners. I wanted to have a small dedicated category where we can gather resources for you all to keep a healthy and good mindset to get the ball rolling, but also not to burn out too often.
|
||||||
|
|
||||||
|
(Thanks STÖK for putting out great videos regarding this point)
|
||||||
|
Getting in the right Mindset:
|
||||||
|
- [Mental Hacking 4 Better Bounties:](https://youtu.be/roVg_wgGgxQ) by STÖK
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
back to [Intro Page](/README.md)
|
|
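Review bot: The intro paragraph of this new page has grammar slips worth fixing before merge: "it can also hard to find" is missing "be", and "Bug Bounties is a task" mixes plural and singular. The link text `[Mental Hacking 4 Better Bounties:]` also carries a trailing colon inside the brackets, which will render as part of the link.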
@ -15,6 +15,8 @@
|
||||||
- [0l4bs - Cross-site scripting labs for web application security enthusiasts](https://github.com/tegal1337/0l4bs) - by tegal1337
|
- [0l4bs - Cross-site scripting labs for web application security enthusiasts](https://github.com/tegal1337/0l4bs) - by tegal1337
|
||||||
- [TryHackMe](https://tryhackme.com) | Cool Hacking & Pentesting Labs with Web Challenges
|
- [TryHackMe](https://tryhackme.com) | Cool Hacking & Pentesting Labs with Web Challenges
|
||||||
- Videos: [TryHackMe! Basic Penetration Testing](https://www.youtube.com/watch?v=xl2Xx5YOKcI) // [TryHackMe! EternalBlue/MS17-010 in Metasploit](https://www.youtube.com/watch?v=s6rwS7UuMt8) // [TryHackMe! OhSINT - METADATA & Research](https://www.youtube.com/watch?v=oF0TQQmFu4w)
|
- Videos: [TryHackMe! Basic Penetration Testing](https://www.youtube.com/watch?v=xl2Xx5YOKcI) // [TryHackMe! EternalBlue/MS17-010 in Metasploit](https://www.youtube.com/watch?v=s6rwS7UuMt8) // [TryHackMe! OhSINT - METADATA & Research](https://www.youtube.com/watch?v=oF0TQQmFu4w)
|
||||||
|
- [Cyberseclabs](https://www.cyberseclabs.co.uk/)
|
||||||
|
- [Kontra Application Security Training](https://application.security/free-application-security-training)
|
||||||
|
|
||||||
---
|
---
|
||||||
back to [Intro Page](/README.md)
|
back to [Intro Page](/README.md)
|
|
@ -11,6 +11,7 @@ Here you find listings to useful media creations that can help beginners in diff
|
||||||
---
|
---
|
||||||
|
|
||||||
## Youtube Channels
|
## Youtube Channels
|
||||||
|
- [Curated List of YT Channels](https://threader.app/thread/1248351836672872456) by TCM
|
||||||
- [Nahamsec](https://www.youtube.com/nahamsec) - Educational Videos and VODs of his Stream, Vlogs
|
- [Nahamsec](https://www.youtube.com/nahamsec) - Educational Videos and VODs of his Stream, Vlogs
|
||||||
- [STÖK](https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg) - Videos About Hacking, Live Events, Bug Bounty Tips & Vlogs
|
- [STÖK](https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg) - Videos About Hacking, Live Events, Bug Bounty Tips & Vlogs
|
||||||
- [LiveOverflow](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w) - Educational Videos about CTFs, Hacking in General
|
- [LiveOverflow](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w) - Educational Videos about CTFs, Hacking in General
|
||||||
|
@ -50,7 +51,10 @@ Michal Zalewski
|
||||||
In general ["no starch press"](https://nostarch.com/catalog/security) offers great books in the hacking category. [Humble Bundle](https://www.humblebundle.com) sometimes offfers great book deals for an awesome price, so have a eye out for those.
|
In general ["no starch press"](https://nostarch.com/catalog/security) offers great books in the hacking category. [Humble Bundle](https://www.humblebundle.com) sometimes offfers great book deals for an awesome price, so have a eye out for those.
|
||||||
|
|
||||||
## Twitter
|
## Twitter
|
||||||
This List does not exclusively contains Bug Bounty themed Accounts but a broad variety of InfoSec and Hacking.<br>
|
|
||||||
|
### Curated Bug-Bounty List on Twitter by [@securibee](https://twitter.com/securibee): [Link](https://twitter.com/i/lists/1253517962272743424)<br>
|
||||||
|
|
||||||
|
The following list does not exclusively contains Bug Bounty themed Accounts but a broad variety of InfoSec and Hacking.<br>
|
||||||
|
|
||||||
| Name | Topics |
|
| Name | Topics |
|
||||||
| ------------------------------------------------------- | ---------------------------------------------------------------------------- |
|
| ------------------------------------------------------- | ---------------------------------------------------------------------------- |
|
||||||
|
|
|
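Review bot: The added `### Curated Bug-Bounty List on Twitter by ...` line puts two links and a trailing `<br>` inside a heading, which produces a long, awkward heading anchor and relies on inline HTML in a heading. A plain list item or paragraph under `## Twitter` would render more predictably. The rewritten sentence after it still reads "does not exclusively contains"; that should be "contain".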
@ -10,6 +10,7 @@ Since there are quite a lot of people asking for Beginner Guides to Mobile Hacki
|
||||||
- [The Mobile Hacking CheatSheet](https://github.com/randorisec/MobileHackingCheatSheet) - Randorisec
|
- [The Mobile Hacking CheatSheet](https://github.com/randorisec/MobileHackingCheatSheet) - Randorisec
|
||||||
- [Introduction to Android Hacking ](https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking) - [@0xteknogeek](https://twitter.com/0xteknogeek)
|
- [Introduction to Android Hacking ](https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking) - [@0xteknogeek](https://twitter.com/0xteknogeek)
|
||||||
- [Android Pentesting](https://github.com/riddhi-shree/nullCommunity/tree/master/Android) (Github repo containing hands-on training content for conducting Android app pentesting using some of the common Android pentesting tools)
|
- [Android Pentesting](https://github.com/riddhi-shree/nullCommunity/tree/master/Android) (Github repo containing hands-on training content for conducting Android app pentesting using some of the common Android pentesting tools)
|
||||||
|
- [Android App Reverse Engineering 101](https://maddiestone.github.io/AndroidAppRE/) by [@maddiestone](https://twitter.com/maddiestone)
|
||||||
|
|
||||||
## Tools
|
## Tools
|
||||||
Tools specific for mobile hacking can be found [here](/assets/tools.md#mobile-hacking).
|
Tools specific for mobile hacking can be found [here](/assets/tools.md#mobile-hacking).
|
||||||
|
|
|
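Review bot: The added "Android App Reverse Engineering 101" entry attributes the author with "by [@maddiestone](...)", while the entries directly above it use " - " before the author (" - Randorisec", " - [@0xteknogeek](...)"). Use the same " - " separator so the list stays uniform. The context line "[Introduction to Android Hacking ]" also has a stray space before the closing bracket.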
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
## Setup 💻
|
## Setup 💻
|
||||||
This section will help you set up your testing environement.
|
This section will help you set up your testing environement.
|
||||||
- [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk) by nahamsec
|
- [Setting Up Your Ubuntu Box for Pentest and Bug Bounty Automation](https://www.youtube.com/watch?v=YhUiAH5SIqk) - by nahamsec
|
||||||
- [Setting up your own web server on a VPS](https://www.linux.com/learn/easy-lamp-server-installation)
|
- [Setting up your own web server on a VPS](https://www.linux.com/learn/easy-lamp-server-installation)
|
||||||
- [Setting up virtualbox + linux](https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox)
|
- [Setting up virtualbox + linux](https://linuxconfig.org/how-to-install-kali-linux-on-virtualbox)
|
||||||
- [Docker For Pentesting And Bug Bounty Hunting](https://www.youtube.com/watch?v=5G6tA8Q9AuQ)
|
- [Docker For Pentesting And Bug Bounty Hunting](https://www.youtube.com/watch?v=5G6tA8Q9AuQ)
|
||||||
|
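Review bot: The only change in this hunk is "by nahamsec" to "- by nahamsec" on the Ubuntu setup entry, yet the context line two rows above it still reads "testing environement"; correct it to "environment" in the same commit, since this section is already being edited. The other three entries in the list carry no attribution at all, so the new "- by" form applies to a single line here.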
@ -11,6 +11,7 @@ This section will help you set up your testing environement.
|
||||||
- [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion
|
- [Finding your First Bug and Getting a Bounty - Personal Story by @InsiderPhD](https://www.youtube.com/watch?v=iEDoIEBD7gM) - YouTube Discussion
|
||||||
- [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow
|
- [Introduction to Docker for CTFs](https://www.youtube.com/watch?v=cPGZMt4cJ0I) (Works for Bug Bounty too) - by LiveOverflow
|
||||||
- [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp
|
- [Docker Tutorial for Beginners - A Full DevOps Course on How to Run Applications in Containers](https://www.youtube.com/watch?v=fqMOX6JJhGo) - freecodecamp
|
||||||
|
- [Creating Wordlists for Pentesting & Bug Bounty](https://www.youtube.com/watch?v=QGbTaxtEQlg) - by nahamsec
|
||||||
## Burp Suite
|
## Burp Suite
|
||||||
This section should help you get familiar with BurpSuite.
|
This section should help you get familiar with BurpSuite.
|
||||||
- [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101
|
- [Setting up Burp (Video Series)](https://www.hacker101.com/playlists/burp_suite) by Hacker101
|
||||||
|
|
|
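Review bot: The added "Creating Wordlists for Pentesting & Bug Bounty" entry uses " - by nahamsec", but the Burp Suite entry a few lines below in the same hunk still reads "by Hacker101" with no dash, so two attribution styles now sit side by side. The new list item is also followed directly by "## Burp Suite" with no blank line between them in the hunk; adding one keeps the list and the heading visually separate in the source.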
@ -48,6 +48,7 @@ Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
|
||||||
|[Reconness](https://github.com/reconness)|A Web App Tool to Run and Keep all your #recon in the same place.|C#|[@reconness](https://twitter.com/reconness)|
|
|[Reconness](https://github.com/reconness)|A Web App Tool to Run and Keep all your #recon in the same place.|C#|[@reconness](https://twitter.com/reconness)|
|
||||||
|[Knockpy](https://github.com/guelfoweb/knock)|A python tool designed to enumerate subdomains on a target domain through a wordlist|Python|[@guelforweb](http://twitter.com/guelfoweb)|
|
|[Knockpy](https://github.com/guelfoweb/knock)|A python tool designed to enumerate subdomains on a target domain through a wordlist|Python|[@guelforweb](http://twitter.com/guelfoweb)|
|
||||||
|[crithit](https://github.com/codingo/crithit)|Takes a single wordlist item and tests it one by one over a large collection of hosts before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.|C++|[codingo](https://github.com/codingo)|
|
|[crithit](https://github.com/codingo/crithit)|Takes a single wordlist item and tests it one by one over a large collection of hosts before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.|C++|[codingo](https://github.com/codingo)|
|
||||||
|
|[nuclei](https://github.com/projectdiscovery/nuclei)|"Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use."|Go|[ProjectDiscovery](https://github.com/projectdiscovery)|
|
||||||
|
|
||||||
|
|
||||||
#### OSINT Webpages
|
#### OSINT Webpages
|
||||||
|
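Review bot: In the added nuclei row the description is the project's tagline pasted in quotation marks, whereas the neighbouring rows (Reconness, Knockpy, crithit) describe the tool in the list's own words; a short unquoted description would match the rest of the table. While this table is open, the Knockpy context row labels the author "@guelforweb" but links to http://twitter.com/guelfoweb, so the label does not match the handle and the link is plain http.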
@ -86,6 +87,8 @@ Here you can find links to a bunch of useful tools for Bug Bounty Hunting.
|
||||||
| Name | Description | Written in | Created by |
|
| Name | Description | Written in | Created by |
|
||||||
|------ |------------- | ------------ |------------- |
|
|------ |------------- | ------------ |------------- |
|
||||||
|Frida||||
|
|Frida||||
|
||||||
|
|[jadx](https://github.com/skylot/jadx)|Dex to Java decompiler|Java|skylot|
|
||||||
|
|[Ghidra](https://ghidra-sre.org/)|"A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"|Java|NSA|
|
||||||
|[dex2jar](https://github.com/pxb1988/dex2jar)|Useful to convert dex files into jar to decompile the application.|Java, Smali|Bob Pan|
|
|[dex2jar](https://github.com/pxb1988/dex2jar)|Useful to convert dex files into jar to decompile the application.|Java, Smali|Bob Pan|
|
||||||
|[andriller](https://github.com/den4uk/andriller)|Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)|
|
|[andriller](https://github.com/den4uk/andriller)|Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. [andriller.com](https://www.andriller.com/)|Python|[Denis Sazonov](https://github.com/den4uk)|
|
||||||
|[Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF/)|Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.|Python|MobSF Team|
|
|[Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF/)|Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.|Python|MobSF Team|
|
||||||
|
|
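Review bot: The two new rows (jadx, Ghidra) are inserted directly under "|Frida||||", which still has no link, description, language or author; fill that row in or drop it rather than extending the table beneath a placeholder. In the "Created by" column the added rows use plain text ("skylot", "NSA") while the andriller row links the author's profile, so pick one form for the column.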