Talk and help about bugbounty
How to do server testing in manual? Can you people of the group tell something please?
Читать полностью…Can someone advice his favorite auto recon scripts? Do use your own or smth public (such as smartrecon)? Or your prefer perform recon manually?
Читать полностью…The PTES framework offers a structured approach to penetration testing, encompassing various phases such as pre-engagement, intelligence gathering, vulnerability analysis, exploitation, post-exploitation, and reporting. By following the PTES guidelines, penetration testers can ensure a systematic and thorough assessment of the target environment.
http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
Does any bro has the OSWP course material with no water mark. Mank thanks~
Читать полностью…Who knows how to perform a dirsearch if the main page redirects to another page?
Читать полностью…Great opportunity to grow your skills in AI, help in solving global issues and win the $$$ prizes at the same time !
Читать полностью…Hi guys, I need some urgent help, The android application detects the usb debugging enabled by using appsealing so is there any way to bypass it?
Читать полностью…if anyone want CEH, ccse , csa , comptia a+, security+,pentest+ linux+ , ejpt , itprotv , and any other related course than dm me
Читать полностью…in documentation include the exploit so they can see the impact that is called proof of concept
Читать полностью…Can anyone plz provide aditya shende bug bounty course
Читать полностью…a property is interpreted as a string and returned to you
Читать полностью…Hi everyone. I was developing burp extension.
I can add custom tab for HTTP. but cannot for WebSockets. is there someone who know??
Thanks
Is it important to know javascript before going into bug bounty?
Читать полностью…Cybersecurity Summer Reading: 11 Books to Boost Your Career
https://www.dice.com/career-advice/cybersecurity-summer-reading-11-books-to-boost-your-career
Possible way to bypass ip
Cloud glow
And extract the real IP of the site
Knowing that I tried several methods and did not work
Hi, I found an ssti vulnerability on a large website and they have a bug bounty program with exceptionally high compensation (a limit of $500k+ for company/individual for reports submitted within 12 months). I didn't read the complete policy and just ran some tests on a "out of scope" asset before realizing I could perform an rce on a "in scope" asset from there and I probably also gain an rce on the out-of-scope asset (payload reflection on 2 endpoint ). Is it worthwhile to report the vulnerability, or will I suffer repercussions for testing on out-of-scope assets?
Читать полностью…Hi guys, does who known where can i find files from rapid7 sonar fdns? May be some torrents or something else.
Читать полностью…Hello I have Q , if I found bug in code should I exploite it so I can documented it , or the document with a good explanation is enough ?
Читать полностью…Try this here you can find 1500+ public bugbounty programs https://defensiveinet.com/bug-bounty-programs-list/
Читать полностью…