Hello, I'm having doubts regarding SSRF.
Generally, SSRF is present in data-fetching mechanisms.
If any URL contains any form of data like files, IP addresses, any third-party link, images, etc., there may be a chance for SSRF.
Mainly we have to check the top 25 parameters; that doesn't mean the remaining URLs are vulnerable. If there are many URLs, we cannot go to every URL placing our Collab URL in it. What to do in this scenario?
Only if you can bypass it to the admin panel functionalities or see any sensitive info; otherwise there's no effect, so no bounty. It's a normal thing to find an admin panel; the problem is how to access it.
🔰 Rate limit bug worth $300 🔰
So, let's reproduce the attack.
Steps to reproduce:
1) First, sign up for an account on the website (your target) and make sure that your account exists on the website.
2) Now go to the Forgot password parameter and add an email address that already exists on the website server.
3) Then open Burp Suite, intercept the forgot-password request, send it to Intruder and click Clear.
4) Now select the email address and click Add.
5) Move to the Payloads section; you can add the same email multiple times, like 100 or 1000.
6) Now click Start attack.
7) Go to the email account and refresh it so that you can see the bunch of forgot-password emails in your inbox.
No rate limit: successfully done :)
Mitigation steps:
1 — IP-based blocking
2 — CAPTCHA
3 — Firewall
4 — Reducing the number of API requests
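To make the mitigation side of this post concrete, here is an added example (not from the original post) of what "reducing the number of requests" looks like in code: a sliding-window limiter applied to a password-reset endpoint on two keys at once, the requested email and the client IP. The first stops the Intruder scenario above (100 resets for one address), the second stops one source spraying many addresses. The thresholds, the simulated clock and the service shape are assumptions chosen for illustration.

```python
"""Per-account and per-IP rate limit for a password-reset endpoint.

Added example, not from the original post. Limits, window length and the
simulated clock are illustrative assumptions.
"""
from collections import defaultdict, deque
from dataclasses import dataclass, field


@dataclass
class SlidingWindowLimiter:
    limit: int           # max requests allowed per key inside the window
    window_s: float      # window length in seconds
    _hits: dict = field(default_factory=lambda: defaultdict(deque))

    def allow(self, key: str, now: float) -> bool:
        q = self._hits[key]
        # Drop timestamps that have aged out of the window.
        while q and now - q[0] >= self.window_s:
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


class PasswordResetService:
    """Applies two independent limits before dispatching a reset mail."""

    def __init__(self, per_email=3, per_ip=10, window_s=3600.0):
        self.by_email = SlidingWindowLimiter(per_email, window_s)
        self.by_ip = SlidingWindowLimiter(per_ip, window_s)
        self.sent = []   # (email, now) for mails actually dispatched

    def request_reset(self, email: str, client_ip: str, now: float) -> int:
        """Return the HTTP status the endpoint would answer with."""
        email = email.strip().lower()   # Foo@x and foo@x must share one bucket
        # Check the IP first so a single source cannot enumerate many accounts.
        if not self.by_ip.allow(client_ip, now):
            return 429
        if not self.by_email.allow(email, now):
            return 429
        self.sent.append((email, now))
        # Same response whether or not the account exists, so the reset form
        # does not double as a user-enumeration oracle.
        return 202


def simulate_intruder(service, email, ip, attempts, start=0.0, gap=0.05):
    """Replay the Intruder scenario: `attempts` requests in quick succession.
    Returns (accepted, rejected) counts."""
    statuses = [service.request_reset(email, ip, start + i * gap)
                for i in range(attempts)]
    return statuses.count(202), statuses.count(429)


if __name__ == "__main__":
    svc = PasswordResetService()
    print(simulate_intruder(svc, "victim@example.com", "203.0.113.7", 100))
```

Keying on the normalised email matters: a limiter keyed only on IP is trivially sidestepped with a proxy list, and one keyed on the raw string is sidestepped with case variants of the same address.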
🔰 Find subdomains using RapidDNS
📃 Add this small function into your .bash_profile to quickly find subdomains using RapidDNS API:
rapiddns(){
    # Query RapidDNS for the domain passed as the first argument, pull the
    # hostnames out of the HTML table, drop link residue and de-duplicate.
    curl -s "https://rapiddns.io/subdomain/$1?full=1" \
    | grep -oP '_blank">\K[^<]*' \
    | grep -v http \
    | sort -u
}
We can then use it like this:
rapiddns target.com
Burp Suite proxy toggler Firefox add-on
Pros:
1. Open source, FOSS
2. Totally free
3. Just one click to switch (saves a lot of time)
4. Easy to use
5. Very lightweight, takes almost no RAM, saves memory
6. Pre-configured for the Burp Suite proxy
7. Specially made for pentesters and bug bounty hunters
Hi everyone, I'm new to bug bounty hunting. Please, I need someone who can guide me or recommend a course on bug bounty hunting 🙏
Hi people, I'm seeking a security analyst position. I have 3 years as a freelancer and 3 months of corporate experience, with skills in web, API, mobile and network. I can join immediately; preferred locations Delhi, Noida or remote. DM me for my resume.
I got a new laptop. I need a mentor; I want to learn pentesting with bug bounty. Who can help me?
Instagram IDOR
Broken Access Control
https://www.instagram.com/reel/DAygW3Bh2yN/?igsh=MThzZjgxN2tlNHZ0Zg==
🔰 Session Based Bugs - Old Session Does Not Expire After Password Change 🔰
1️⃣ Create an account on your target site.
2️⃣ Log in to the same account in two browsers (Chrome and Firefox; you can use incognito mode as well).
3️⃣ Change your password in Chrome. On successful password change, refresh your logged-in account in Firefox/incognito mode.
4️⃣ If you're still logged in, this is a bug.
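The fix for the bug described above, as an added example that is not part of the original post: a session store in which a password change bumps a per-user "session generation", so every token issued before the change stops validating on its next use, while the browser that made the change gets a fresh token. The hashing parameters, the token size and the generation-counter approach (rather than, say, deleting each stored session) are assumptions made for this illustration.

```python
"""Invalidate all other sessions when a user changes their password.

Added example, not from the original post. Hash parameters, token size and
the generation-counter design are illustrative assumptions.
"""
import hashlib
import hmac
import secrets


class SessionStore:
    def __init__(self):
        self._pw = {}          # user -> (salt, pbkdf2 hash)
        self._generation = {}  # user -> int, incremented on every password change
        self._sessions = {}    # sha256(token) -> (user, generation at issue time)

    # --- credentials -------------------------------------------------------
    @staticmethod
    def _hash_pw(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._pw[user] = (salt, self._hash_pw(password, salt))
        self._generation[user] = 0

    def check_password(self, user: str, password: str) -> bool:
        if user not in self._pw:
            return False
        salt, stored = self._pw[user]
        return hmac.compare_digest(stored, self._hash_pw(password, salt))

    # --- sessions ----------------------------------------------------------
    @staticmethod
    def _key(token: str) -> str:
        # Store only a hash of the token so a leaked store does not leak sessions.
        return hashlib.sha256(token.encode()).hexdigest()

    def login(self, user: str, password: str):
        if not self.check_password(user, password):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[self._key(token)] = (user, self._generation[user])
        return token

    def whoami(self, token: str):
        """Return the user for a valid session, or None.

        A session is valid only if it was issued in the user's current
        generation; anything older was issued before a password change.
        """
        rec = self._sessions.get(self._key(token))
        if rec is None:
            return None
        user, gen = rec
        if gen != self._generation[user]:
            del self._sessions[self._key(token)]   # stale: drop it eagerly
            return None
        return user

    def change_password(self, token: str, old: str, new: str):
        """Change the caller's password and return a fresh session token.

        Every other session for this user becomes invalid immediately.
        """
        user = self.whoami(token)
        if user is None or not self.check_password(user, old):
            return None
        salt = secrets.token_bytes(16)
        self._pw[user] = (salt, self._hash_pw(new, salt))
        self._generation[user] += 1            # kills every previously issued token
        del self._sessions[self._key(token)]   # rotate the current session as well
        return self.login(user, new)
```

The generation check runs on every request, so a stale session dies the moment the second browser refreshes, which is exactly the step the repro above checks. Requiring the old password in `change_password` is what keeps an attacker holding a stolen session from locking the real owner out.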
Subdomain Takeover?
10 blogs that explore it:
https://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06
https://medium.com/@Hacker0x01/a-guide-to-subdomain-takeovers-ddebe0684a58
https://medium.com/@jeetpal2007/my-first-bounty-ever-from-bug-hunting-worth-100-subdomain-takeover-8047f2588b4f
https://medium.com/@jeetpal2007/finally-received-first-bounty-from-starbucks-for-subdomain-takeover-5dbb46d56180
https://medium.com/@DrakenKun/how-to-find-subdomain-takeover-using-httpx-dig-5c2351d380b4
https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
https://medium.com/@BrownBearSec/what-i-learnt-from-reading-217-subdomain-takeover-bug-reports-c0b94eda4366
https://gupta-bless.medium.com/exploiting-subdomain-takeover-on-s3-6115730d01d7
Flipper Zero Hacking World 👨‍💻
https://www.instagram.com/reel/DAgZ-mvolZp/?igsh=MTc4ZzRvOXFhY3U2ag==
If an open redirect exists, try to find SSRF. You can check YouTube, HackerOne reports, etc.
Using the Flipper Zero to copy a Mifare Ultralight hotel key.
https://www.tiktok.com/@ozans3curity/video/7419632037058940161?is_from_webapp=1&sender_device=pc&web_id=7388426516612875782
Only if you find any XSS or improper Content-Disposition; it will not block your JS.