Follow me on

Twitter: Scalar360


Monthly List of blogs, To community from community [MARCH]

List of blogs which I found worth reading (Latest writups, Old writeup, Tools). Specially for bug bounty hunters. 

-To all authors
    Thanks a lot for writing and sharing🙏


01-03-2020:

https://aadityapurani.com/2016/07/20/how-i-hacked-your-beats-account-apple-bug-bounty

https://hackerone.com/reports/548094

https://medium.com/@ozguralp/using-vulnerability-analytics-feature-like-a-boss-655fc1f1543b
 

https://hackerone.com/reports/736867
 

https://philippeharewood.com/facebookmarketingdevelopers-com-proxies-csrf-quandry-and-api-fun
 

https://hackerone.com/reports/100820


05-03-2020: 

https://www.ehackingnews.com/2020/03/google-rewards-100000-in-bug-bounty.html


https://vimeo.com/291312866
 

https://whitton.io/articles/messenger-site-wide-csrf
 

https://hackerone.com/reports/737140

https://medium.com/@sw33tlie/finding-a-p1-in-one-minute-with-shodan-io-rce-735e08123f52
 

https://hethical.io/paypal-bug-bounty-updating-the-paypal-me-profile-picture-without-consent-csrf-attack



10-03-2020

http://www.geekboy.ninja/blog/airbnb-bug-bounty-turning-self-xss-into-good-xss-2

https://ngailong.wordpress.com/2017/08/07/uber-login-csrf-open-redirect-account-takeover

https://0xdf.gitlab.io/2019/03/09/htb-ethereal-shell.html

https://www.adamlogue.com/turning-blind-rce-into-good-rce-via-dns-exfiltration-using-collabfiltrator-burp-plugin

https://medium.com/bugbountywriteup/bounty-tip-how-to-push-injection-through-json-xml-stubs-for-api-699f4959fc5

https://httpsonly.blogspot.com/2016/08/turning-self-xss-into-good-xss-v2.html



15-03-2020:

https://medium.com/@mrnikhilsri/unauthenticated-account-takeover-through-http-leak-33386bb0ba0b

https://github.com/evait-security/envizon

https://github.com/Dormidera/WordList-Compendium

https://hackerone.com/reports/713

https://projectdiscovery.io      --->     https://github.com/projectdiscovery/shuffledns

https://medium.com/sourav-sahana/razer-mobile-pin-verification-bypass-1k-bug-2eb1485796b3



20-03-2020: 

https://hackerone.com/reports/604534

https://medium.com/a-bugz-life/the-bugs-are-out-there-hiding-in-plain-sight-12d056613ea3 

https://hackersonlineclub.com/command-injection-cheatsheet/

https://github.com/m4ll0k/AWSGen.py

https://medium.com/swlh/proxying-like-a-pro-cccdc177b081

https://github.com/saeeddhqan/Maryam



25-03-2020:

https://hackerone.com/reports/314808

https://medium.com/bugbountywriteup/account-take-over-vulnerability-in-google-acquisition-famebit-e93b1a0a7af9

https://portswigger.net/bappstore/17544cadcec64dcf8ed68df8518592e4

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938

http://yasserali.com/hacking-paypal-accounts-with-one-click

https://github.com/thewhiteh4t/finalrecon 

Comments

Popular Posts