@trozonsec

Hardest-challenge-for-college-students-today

Massive-Web-Application-Penetration-Testing-Bug-Bounty

Use all subdomains tools in a single shot

THE 10 MOST COMMON BUGS OF 2021 SO FAR, AND HOW TO FIND THEM!

Top 25 Vulnerability Parameters based on frequency

Android Penetration Testing

BurpSuite-For-Pentester(Cheat Sheet)

“Scope Based Recon: Smart Recon Tactics” by Harsh Bothra

Damn Vulnerable GraphQL Application

AppSec Findings Database List

Reverse Proxy Cheat Sheet

Finding 0day to hack Apple

Start Bug Bounty from Scratch in 2021- Beginners Guide

File Upload Checklist

Story of a really cool SSRF bug.

Facebook $30,000 bounty | Create post on any Facebook page

Breaking down — Command Injections

Identifying & Escalating HTTP Host Header Injection attacks

Server-Side Request Forgery — SSRF: Exploitation Technique

Facebook bug bounty (500 USD)

SSRF Techniques (Xmind by d0nut)

AllThingsSSRF by jdonsec

Bxss - A Blind XSS Injector tool

Blind SQL Injection Detection and Exploitation (Cheatsheet)

“Testing for Directory or Path Traversal Vulnerabilities” by goswamiijaya

Account Takeover via common misconfiguration in Facebook login

Cross-Site Scripting Exploitation

Fun with IP address parsing

Exploiting Subdomain Takeover on S3

$10000 Facebook SSRF (Bug Bounty)

Bug Bounty Tips #10

How I exploit the JSON CSRF with method override technique

Your Full Map To Github Recon And Leaks Exposure

𝗖𝗹𝗼𝘂𝗱𝗹𝗶𝘀𝘁 — A multi-cloud tool for listing 𝗔𝘀𝘀𝗲𝘁𝘀 from various cloud providers

“An Account Takeover Vulnerability Due to Response Manipulation.” by Avanish Pathak

“20 Things Most People Learn Too Late In Life” by Nicolas Cole

Attacking JSON Web Tokens (JWTs)” by Neha Tariq

View on mobile

Explore other Linktrees

straycats@straycats

rachelscanlon@rachelscanlon

Melissa Becraft@melissabecraft

Jenn Leuke@jenneatsgoood

Popcast@popcast

Billie Eilish@billieeilish

morepurposepod@morepurposepod

Sabrina Carpenter@sabrinacarpenter

breakingrust@breakingrust