Some Resources to apply in a bugbounty

Table of Contents

1. Bug Bounty Platforms
2. Learn Bug Bounty
3. Vulnerabilities
4. PHP Shells
5. Subdomain and TakeOver Tools
6. BurpSuite Extensions
7. Usefull Things

Bug Bounty Platforms:

Open For Signup

• HackerOne
• Bugcrowd
• BountyFactory
• Intigriti
• Bugbountyjp
• Safehats
• BugbountyHQ
• Hackerhive
• Hackenproof

Invite based Platforms

• Synack
• Cobalt
• Zerocopter
• Yogosha
• Bugbountyzone
• Antihack.me
• Vulnscope

Learn Bug Bounty:

• Guide to learn hacking-Youtube
• Portswigger Academy-Web
• Nahamsec’s-Twitch
• Nahamsec interviews with top bug bounty hunters-Youtube
• Nahamsec’s beginner repo-GitHub
• Stök-Youtube
• InsiderPhD-Youtube
• Jhaddix-Youtube
• Blogs from Hacker101 members on how to get started hacking:
  • zonduu-Blog
  • p4nda-Blog
• hacker101 videos

Vulnerabilities:

XSS:

• https://github.com/erik-451/XSS
• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xss.md
• https://github.com/ismailtasdelen/xss-payload-list
• https://github.com/dwisiswant0/findom-xss

SQLi:

• https://github.com/erik-451/SQLi
• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/sqli.md
• https://github.com/Y000o/sql_injection_basic/blob/master/sql_injection_basic.md
• https://geekwire.eu/sql-injection/

SSRF:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/ssrf.md
• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery

CRLF:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crlf.md
• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection
• https://owasp.org/www-community/attacks/csrf

CSV-Injection:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/csv-injection.md
• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSV%20Injection

Command Injection

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Command%20Injection

Directory Traversal:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Directory%20Traversal

LFI:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/lfi.md
• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion
• https://github.com/D35m0nd142/LFISuite
• https://hipotermia.pw/bb/bugpoc-lfi-challenge
• https://raw.githubusercontent.com/emadshanab/LFI-Payload-List/master/LFI%20payloads.txt

XXE:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xxe.md
• https://corneacristian.medium.com/top-25-xxe-bug-bounty-reports-ab4ca662afad
• https://gosecure.github.io/xxe-workshop/

Open-Redirect:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/open-redirect.md

RCE:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/rce.md

Crypto:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crypto.md

Template Injection:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/template-injection.md
• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection

XSLT:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xslt.md

Content Injection:

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/content-injection.md

LDAP Injection:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection

NoSQL Injection:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/NoSQL%20Injection

CSRF Injection:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSRF%20Injection

GraphQL Injection:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/GraphQL%20Injection

IDOR:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Direct%20Object%20References

ISCM:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Source%20Code%20Management

LaTex Injection:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LaTeX%20Injection

OAuth:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/OAuth

XPATH Injection:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XPATH%20Injection

Bypass Upload Tricky:

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files
• https://github.com/bminossi/AllVideoPocsFromHackerOne

PHP Shells:

• Simple Shell

• B374K Shell

• C99 Shell

• R57 Shell

• Wso Shell

• 0byt3m1n1 Shell

• Alfa Shell

• AK-47 Shell

• Indoxploit Shell

• Marion001 Shell

• Mini Shell

• p0wny-shell

• Sadrazam Shell

• Webadmin Shell

• Wordpress Shell

• LazyShell

• https://github.com/bastillion-io/Bastillion

Subdomain and TakeOver Tools:

SubDomain TakeOver:

• SubDomain TakeOver Scanner by 0x94: https://github.com/antichown/subdomain-takeover

• Subdomain Takeover Scanner: https://github.com/SaadAhmedx/Subdomain-Takeover

• Subzy:
  • https://github.com/LukaSikic/subzy
  • Subdomain takeover vulnerability checker
• TakeOverV1:
  • https://github.com/samhaxr/TakeOver-v1
  • The takeover script extracts the CNAME record of all subdomains at once. TakeOver saves researchers time and increases the chances of finding a subdomain takeover vulnerability.

Tools for Subdomains:

• SubR3con:
  • https://github.com/rohitcoder/SubR3con
  • Specific target and then check the status code for a possible subdomain takeover vulnerability.

• DNS Wordlist: https://github.com/ZephrFish/Wordlists/blob/master/HugeDNS.7z

• https://github.com/1N3/BruteX
• https://github.com/1N3/BlackWidow
• https://github.com/sa7mon/S3Scanner
• https://github.com/MichaelStott/CRLF-Injection-Scanner
• https://github.com/jaeles-project/jaeles
• https://github.com/random-robbie/kube-scan
• https://github.com/hash3liZer/Subrake
• https://github.com/j3ssie/Osmedeus
• https://github.com/sullo/nikto

BurpSuite Extensions:

• Sitemap Extractor
• Param-Miner
• Autorize
• BurpJSLinkFinder
• BurpBounty
• domain_hunter

Usefull Things:

6 Methods to bypass CSRF protection on a web application:

• https://shahmeeramir.com/methods-to-bypass-csrf-protection-on-a-web-application-3198093f6599

Exploit - Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE:

• https://cxsecurity.com/issue/WLB-2020090079

Java deserelization:

• https://github.com/ikkisoft/SerialKiller
• https://pivotal.io/security/cve-2020-5398
• https://github.com/motikan2010/CVE-2020-5398/

Tools and tricks for bug bounty:

• https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/

Vulnerability map:

• https://www.xmind.net/m/2QyGbx/

Map of the bug bounty:

• https://www.xmind.net/m/VWTC3u/

21 Things you can do with an XSS:

• https://s0md3v.github.io/21-things-xss/

Tips for Bug Bounty:

• https://github.com/devanshbatham/Awesome-Bugbounty-Writeups

Info for beginners:

• https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

Help:

• Cheat Sheet Python: https://blog.underc0de.org/cheat-sheet-python/

• The bash bible: https://github.com/dylanaraps/pure-bash-bible
• Machine Learning for cybersecurity: https://github.com/jivoi/awesome-ml-for-cybersecurity
• Page with many useful tools: https://technisette.com/p/home
  • Databases
  • A lot of Tools
• Shodan search queries: https://github.com/jakejarvis/awesome-shodan-queries